zzuussee zzuussee - 28 days ago 17
Java Question

NoSuchAlgorithmException with SecretKeyFactory

I keep getting a NoSuchAlgorithmExeception when I'm passing PBKDF2WithHmacSHA1 to getInstance().

Why is this happening. Am I missing some imports?

import javax.crypto.*;
import javax.crypto.spec.*;
import java.security.SecureRandom;
import java.util.Scanner;
import java.security.spec.*;
import java.security.AlgorithmParameters;
import javax.crypto.SecretKeyFactory.*;

class AES
{
static public String encrypt(String input, String password)
{
SecureRandom random = new SecureRandom();
byte salt[] = new byte[8];
random.nextBytes(salt);

SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
KeySpec spec = new PBEKeySpec(password.toCharArray(), salt, 65536, 256);
SecretKey tmp = factory.generateSecret(spec);
SecretKey secret = new SecretKeySpec(tmp.getEncoded(), "AES");

Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, secret);
AlgorithmParameters params = cipher.getParameters();
byte[] iv = params.getParameterSpec(IvParameterSpec.class).getIV();
byte[] ciphertext = cipher.doFinal(input.getBytes("UTF-8"));

String text = new String(ciphertext, "UTF-8");
return text;
}
}


Also is there a way to use SHA2 instead of SHA1 ?

Answer

If you are using OpenJDK, then this might be your case. The accepted answer states that:

The OpenJDK implementation does only provide a PBKDF2HmacSHA1Factory.java which has the "HmacSHA1" digest harcoded. As far as I tested, the Oracle JDK is not different in that sense.

What you have to do is derive the PBKDF2HmacSHA1Factory (come on, it is open!) and add a parameter to its constructor. You may avoid the mess of creating your own Provider, and just initialize and use your factory as follows:

PBKDF_SecretKeyFactory kf = new PBKDF_SecretKeyFactory("HmacSHA512");
KeySpec ks = new PBEKeySpec(password,salt,iterations,bitlen);
byte key[] = kf.engineGenerateSecret(ks).getEncoded();

About using SHA2, this post might have what you're looking for. Use this code snippet:

public byte[] hash(String password) throws NoSuchAlgorithmException
{   
    MessageDigest sha256 = MessageDigest.getInstance("SHA-256");        
    byte[] passBytes = password.getBytes();
    byte[] passHash = sha256.digest(passBytes);
    return passHash;
}
Comments