![]() ![]() Now, you can use this key with an iv with openssl to encrypt some plain text using aes-256-cbc, like so: echo -n 'hello world' | openssl aes-256-cbc -e -K 3fd00454580de44ea216d8b7b234267a2a6a6aec7e56d2b38e641a45597af0f2 -iv 302775dfc35a35c8081bbc6fdeacbd86 | xxd -p ![]() To generate a random 256-bit key, encoded in hexadecimal format, you can use the following command: head /dev/urandom | sha256sum UPDATE: Finally I made some tests and it turns out that this constructor: KeySpec ks = new PBEKeySpec(password.First, regardless of the AES mode being used (GCM, CBC, ECB, CTR, etc), if you are using AES-256, then the key must be 256 bits in length. ![]() My question is, does this code return keys compatible with every AES-XXX size, or should I write different code for each size?Īlso, is there a better (in terms of security or simplicity) way of generating a key from a password? However, now I have to generate keys just from a password (with no salt and no iterations), and I need them to work for AES-128, AES-192 and AES-256. I was using a similar approach to generate salted keys for AES-256. Key k = new SecretKeySpec(s.getEncoded(),"AES") Throw new Exception("Key generation failed.", e) KeySpec ks = new PBEKeySpec(password.toCharArray()) Throw new Exception("Key derivation algorithm not available.", e) I'm thinking in something like this: SecretKeyFactory f į = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1") ![]() Is it possible to write a single method that generates valid keys from a password for AES-128, AES-192, and AES-256? ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |