cryptography - 3DES key exchange with RSA in Java
I'm implementing a web service in Java in which the server needs to send a 3DES key to the client using the RSA algorithm. The symmetric key is generated by the server. Both the server and the client have their own RSA key pairs, which have been exchanged.
In this code, the server sends the symmetric key to the client.
    @WebMethod
    public byte[] getSymmetricKey() {
        try {
            Cipher cipher = Cipher.getInstance("RSA");
            // First, encrypt the symmetric key with the client's public key
            cipher.init(Cipher.ENCRYPT_MODE, this.clientKey);
            byte[] partialCipher = cipher.doFinal(this.key.getBytes());
            // Finally, encrypt the previous result with the server's private key
            cipher.init(Cipher.ENCRYPT_MODE, this.privateKey);
            byte[] cipherData = cipher.doFinal(partialCipher);
            return cipherData;
        } catch (Exception ex) {
            ex.printStackTrace();
        }
        return null; // reached only when encryption failed
    }
When I run the encryption with the server's private key, I get an error of IllegalBlockSizeException. Why do I get this exception if padding is activated by default? I've also tried to explicitly activate padding with Cipher.getInstance("RSA/ECB/PKCS1Padding"). Finally, here's the exception output:
    SEVERE: javax.crypto.IllegalBlockSizeException: Data must not be longer than 245 bytes
    javax.crypto.IllegalBlockSizeException: Data must not be longer than 245 bytes
        at com.sun.crypto.provider.RSACipher.doFinal(RSACipher.java:346)
        at com.sun.crypto.provider.RSACipher.engineDoFinal(RSACipher.java:391)
        at javax.crypto.Cipher.doFinal(Cipher.java:2087)
        at server.FileTransfererImpl.getSymmetricKey(FileTransfererImpl.java:112)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
        at java.lang.reflect.Method.invoke(Unknown Source)
        at sun.reflect.misc.Trampoline.invoke(Unknown Source)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
        at java.lang.reflect.Method.invoke(Unknown Source)
        at sun.reflect.misc.MethodUtil.invoke(Unknown Source)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
        at java.lang.reflect.Method.invoke(Unknown Source)
        at com.sun.xml.internal.ws.api.server.MethodUtil.invoke(Unknown Source)
        at com.sun.xml.internal.ws.api.server.InstanceResolver$1.invoke(Unknown Source)
        at com.sun.xml.internal.ws.server.InvokerTube$2.invoke(Unknown Source)
        at com.sun.xml.internal.ws.server.sei.EndpointMethodHandler.invoke(Unknown Source)
        at com.sun.xml.internal.ws.server.sei.SEIInvokerTube.processRequest(Unknown Source)
        at com.sun.xml.internal.ws.api.pipe.Fiber.__doRun(Unknown Source)
        at com.sun.xml.internal.ws.api.pipe.Fiber._doRun(Unknown Source)
        at com.sun.xml.internal.ws.api.pipe.Fiber.doRun(Unknown Source)
        at com.sun.xml.internal.ws.api.pipe.Fiber.runSync(Unknown Source)
        at com.sun.xml.internal.ws.server.WSEndpointImpl$2.process(Unknown Source)
        at com.sun.xml.internal.ws.transport.http.HttpAdapter$HttpToolkit.handle(Unknown Source)
        at com.sun.xml.internal.ws.transport.http.HttpAdapter.handle(Unknown Source)
        at com.sun.xml.internal.ws.transport.http.server.WSHttpHandler.handleExchange(Unknown Source)
        at com.sun.xml.internal.ws.transport.http.server.WSHttpHandler.handle(Unknown Source)
        at com.sun.net.httpserver.Filter$Chain.doFilter(Unknown Source)
        at sun.net.httpserver.AuthFilter.doFilter(Unknown Source)
        at com.sun.net.httpserver.Filter$Chain.doFilter(Unknown Source)
        at sun.net.httpserver.ServerImpl$Exchange$LinkHandler.handle(Unknown Source)
        at com.sun.net.httpserver.Filter$Chain.doFilter(Unknown Source)
        at sun.net.httpserver.ServerImpl$Exchange.run(Unknown Source)
        at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
        at java.lang.Thread.run(Unknown Source)
I was researching some stuff today and found this question. Since it has not been answered, I'll leave this here for future reference.
According to PKCS #1, the RSAES-PKCS1-V1_5-ENCRYPT algorithm can encrypt up to k - 11 bytes, where k is the "size" of the key in bytes. The 11 bytes are used for "headers".
If you are using a 2048-bit RSA key, that gives k = 256, and you can encrypt up to 256 - 11 = 245 bytes of data.
Check the actual size of this.key.
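The k - 11 limit from the answer, applied to the two-step encryption in the question, as an added example that is not part of the original posts. It assumes freshly generated 2048-bit key pairs, a hypothetical class name `KeyTransportDemo`, and a `SHA256withRSA` signature over the wrapped key as a swapped-in replacement for the second encryption with the private key.

```java
import java.security.*;
import java.util.Arrays;
import javax.crypto.*;

// Added example: every key here is generated locally for the demonstration.
public class KeyTransportDemo {
    public static void main(String[] args) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);                        // k = 256 bytes
        KeyPair server = kpg.generateKeyPair();
        KeyPair client = kpg.generateKeyPair();

        // A 3DES key encodes to 24 bytes, well under the k - 11 = 245 byte limit.
        SecretKey tdes = KeyGenerator.getInstance("DESede").generateKey();
        byte[] raw = tdes.getEncoded();

        Cipher rsa = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        rsa.init(Cipher.ENCRYPT_MODE, client.getPublic());
        byte[] wrapped = rsa.doFinal(raw);
        System.out.println("key bytes = " + raw.length + ", wrapped bytes = " + wrapped.length);

        // One RSA operation always outputs k = 256 bytes, so passing that output
        // to a second PKCS #1 v1.5 encryption exceeds 245 bytes and is rejected.
        try {
            rsa.init(Cipher.ENCRYPT_MODE, server.getPrivate());
            rsa.doFinal(wrapped);
        } catch (IllegalBlockSizeException e) {
            System.out.println("second pass rejected: " + e.getMessage());
        }

        // Server side: prove origin with a signature over the wrapped key.
        Signature signer = Signature.getInstance("SHA256withRSA");
        signer.initSign(server.getPrivate());
        signer.update(wrapped);
        byte[] sig = signer.sign();

        // Client side: verify with the server's public key, then unwrap.
        Signature verifier = Signature.getInstance("SHA256withRSA");
        verifier.initVerify(server.getPublic());
        verifier.update(wrapped);
        if (!verifier.verify(sig)) throw new SecurityException("bad signature");
        rsa.init(Cipher.DECRYPT_MODE, client.getPrivate());
        byte[] recovered = rsa.doFinal(wrapped);
        System.out.println("recovered matches: " + Arrays.equals(raw, recovered));
    }
}
```

The signature is computed over a hash of the wrapped key, so it is not subject to the 245-byte input limit, and the client receives both `wrapped` and `sig`.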