Thank you JK (again). I'm going to get the book. Also will look into
the boucycastle JCE.

Thanks again!, Ian

JK <nobody@nowhere.org> wrote in message news:<beltan$a82$1@nathan.rz.tu-harburg.de>...
> You can't use DSA for encryption because it is an algorithm for signing
> only.
>
> Sun's JCE does not support RSA encryption (just signing). Get the
> bouncycastle JCE (www.bouncycastle.org).
>
> You have to generate an RSA key pair instead (keytool) and use RSA e.g.
> with OAEP padding
>
> Cipher cipher = Cipher.getInstance("RSA/OAEP", "BC");
>
> I'd recommend to read a good book about cryptography to get things
> clearer, e.g. "Applied Cryptography" by Bruce Schneier.
>
> Regards
> JK.
>
>
>
> Ian deSouza wrote:
> > Thank you JK!
> >
> > I think I understood that. The concern is that large amounts of data
> > would be better encripted using the less time consuming symmetric key.
> > But I only have a small amount of data I wish to decrypt. e.g.
> >
> > I have a properties file with small string values that I wish to
> > decrypt with my public key that I ship with the product. I encrypt the
> > small values with my private key at home base and put them in my
> > properties file.
> >
> > So if this is the case, what algorithym should I set up my cipher for
> > (at home) using my "keytool -genkey" generated key? i.e.
> >
> > Sun DSA Private Key
> > parametersSA
> > p: fd7f5381 1d751229 52df4a9c 2eece4e7 f611b752 3cef4400 c31e3f80
> > b6512669
> > 455d4022 51fb593d 8d58fabf c5f5ba30 f6cb9b55 6cd7813b 801d346f
> > f26660b7
> > 6b9950a5 a49f9fe8 047b1022 c24fbba9 d7feb7c6 1bf83b57 e7c6a8a6
> > 150f04fb
> > 83f6d3c5 1ec30235 54135a16 9132f675 f3ae2b61 d72aeff2 2203199d
> > d14801c7
> > q: 9760508f 15230bcc b292b982 a2eb840b f0581cf5
> > g: f7e1a085 d69b3dde cbbcab5c 36b857b9 7994afbb fa3aea82 f9574c0b
> > 3d078267
> > 5159578e bad4594f e6710710 8180b449 167123e8 4c281613 b7cf0932
> > 8cc8a6e1
> > 3c167a8b 547c8d28 e0a3ae1e 2bb3a675 916ea37f 0bfa2135 62f1fb62
> > 7a01243b
> > cca4f1be a8519089 a883dfe1 5ae59f06 928b665e 807b5525 64014c3b
> > fecf492a
> >
> > x: 72433d46 3e452130 bcf4db29 4b30f3cf 5e17ea81
> >
> > Don't worry, I'm only using this for testing...
> >
> > And if I have a public key as follows:
> >
> > Sun DSA Public Key
> > ParametersSA
> > p: fd7f5381 1d751229 52df4a9c 2eece4e7 f611b752 3cef4400 c31e3f80
> > b6512669
> > 455d4022 51fb593d 8d58fabf c5f5ba30 f6cb9b55 6cd7813b 801d346f
> > f26660b7
> > 6b9950a5 a49f9fe8 047b1022 c24fbba9 d7feb7c6 1bf83b57 e7c6a8a6
> > 150f04fb
> > 83f6d3c5 1ec30235 54135a16 9132f675 f3ae2b61 d72aeff2 2203199d
> > d14801c7
> > q: 9760508f 15230bcc b292b982 a2eb840b f0581cf5
> > g: f7e1a085 d69b3dde cbbcab5c 36b857b9 7994afbb fa3aea82 f9574c0b
> > 3d078267
> > 5159578e bad4594f e6710710 8180b449 167123e8 4c281613 b7cf0932
> > 8cc8a6e1
> > 3c167a8b 547c8d28 e0a3ae1e 2bb3a675 916ea37f 0bfa2135 62f1fb62
> > 7a01243b
> > cca4f1be a8519089 a883dfe1 5ae59f06 928b665e 807b5525 64014c3b
> > fecf492a
> >
> > y:
> > 2a1c4ccd 0752ead3 d9100774 95efb3b3 06a35a6a c9ac583c 93c8c647
> > 58fe8fe7
> > de862e36 b70e2f30 5e9ae836 37aca933 dadb16c1 6dae9cf7 47b442e4
> > a63539e1
> > ded87dcf 2299900c 3895729c bf6d06d3 6dfcfe60 c256bdd4 701313ff
> > 758c8b6f
> > f3a5ce4d 8410ac3c 73d9c2ac 4645b605 c1cd7da8 be2ff818 0babc883
> > 65d3f057
> >
> > What algorithm would I use to init the Cipher to decrypt the small
> > string?
> >
> > Thanks again for any help! Ian
> >
> >
> > JK <nobody@nowhere.org> wrote in message news:<bej9uk$14e$1@nathan.rz.tu-harburg.de>...
> >
> >>You are missing, that in JCE keys are typed to match the requirements of
> >>the cipher. In a key store, you can store private keys for RSA or DSA,
> >>but not for a symmetric cipher such as DES.
> >>
> >>As asymmetric encrytion/decryption is a lot more computationally
> >>intensive, you usually use a symmetric cipher for the bulk encryption of
> >>data using a random key, and append (or prepend) the symmetric key
> >>encrypted with an asymmetric cipher (RSA or DSA) using your private key.
> >>For decryption, your public key is used to recover the secret symetric
> >>key and having that key, the actually data can be decrypted.
> >>
> >>Regards
> >>JK.
> >>
> >>
> >>
> >>Ian deSouza wrote:
> >>
> >>>Simple question... sorry..
> >>>
> >>>I'm trying to encrypt a string with a private key (retrieved from
> >>>KeyStore - that I created using keytool). So that I can send the
> >>>public key to the client to decrypt the string.
> >>>
> >>>The problem I'm having is (partially from the Java's Developer's
> >>>Almanac).
> >>>
> >>>java.security.InvalidKeyException
> >>> at com.sun.crypto.provider.DESCipher.engineGetKeySize (DashoA6275)
> >>> at javax.crypto.Cipher.init(DashoA6275)
> >>> at DesEncrypter.<init>(DesEncrypter.java:24)
> >>>
> >>> DesEncrypter(Key key)
> >>> throws InvalidAlgorithmParameterException, NoSuchPaddingException,
> >>>NoSuchAlgorithmException, InvalidKeyException
> >>> {
> >>> // Create an 8-byte initialization vector
> >>>// byte[] iv = new byte[]{
> >>>// (byte)0x8E, 0x12, 0x39, (byte)0x9C,
> >>>// 0x07, 0x72, 0x6F, 0x5A
> >>>// };
> >>>// AlgorithmParameterSpec paramSpec = new IvParameterSpec(iv);
> >>> ecipher = Cipher.getInstance("DES/CBC/PKCS5Padding");
> >>> dcipher = Cipher.getInstance("DES/CBC/PKCS5Padding");
> >>>
> >>> // CBC requires an initialization vector
> >>>24: ecipher.init(Cipher.ENCRYPT_MODE, key); //, paramSpec);
> >>>
> >>>The "key" problem I'm having is that the code actually uses the
> >>>"SecretKey" to the class, but I'm retrieving a "Key" private key from
> >>>the store.
> >>>
> >>>I know I'm missing something..
> >>>
> >>>Ian