Hi,
I hope some-one can answer my questions as ive scoured this forum for a straight answer and haven't been able fine one.
I am using JDK 1.3 with BouncyCastle as the provider. I am simply attempting to generate a key based on a password using a BouncyCastle PBE algorithm. The length of the key I generate seems to vary based on the size of the password. Is this to be expected? This seems to happen regardless of the PBE algorithm I select.
This seems to contradict what BouncyCastle states on their website http://www.bouncycastle.org/specifications.html where they specify that their PBE algorithms such as PBEWithSHAAnd2-KeyTripleDES-CBC have a key size of 128 bits. Am I reading this the wrong way? Is this the maximum length or something? Ideally, I would like to generate a key that is always a constent size.
I know with the KeyGenerator API one can specify a key size in the init() method, however I cannot find a way to use KeyGenerator with a PBE algorithm (i.e. where my Key is based on a password and you are required to use PBEKeySpec to encapsulate the password.)
Here is the code I am using (bar the exception handling etc):
PBEKeySpec keySpec = new PBEKeySpec(caPassword);
// Get a SecretKeyFactory
SecretKeyFactory keyFactory =
SecretKeyFactory.getInstance("PBEWithSHAAnd2-KeyTripleDES-CBC", "BC");
// Create our key
skSecretKey = keyFactory.generateSecret(keySpec);
Any thoughts most welcomed.
Sincerly and thankyou,
Rishad