I'm trying to understand this comment from AES implementation code:
/**
* This program generates a AES key, retrieves its raw bytes, and
* then reinstantiates a AES key from the key bytes.
* The reinstantiated key is used to initialize a AES cipher for
* encryption and decryption.
*/
I dont understand following points:
AES: Advanced Encyption Standard The key is a string. So this seems to generate a string. It likely then converts it to an array of bytes (perhaps for storage). It then recreates the string from the array of bytes.
Raw bytes probably refers to the storage representation of the key object.
Usually you create a key object and then get a form in which to store it (have a look at java.security.Key#getEncoded(). That storage/exchange representation is a byte array without encoding information - therefore "raw bytes".
These raw bytes then can be used to instantiate the key object again.
Unclear to me is why the program reinstantiates the key object instead of using the one it created earlier.
That probably can only be answered by seeing the code of the program.
I think you are reading this web page,
http://java.sun.com/developer/technicalArticles/Security/AES/AES%5Fv1.html
We have code that generates AES keys according to this example also but I think the author is a little bit confused. It generates keys like this,
kgen = KeyGenerator.getInstance("AES");
kgen.init(128);
// Generate the secret key specs.
SecretKey skey = kgen.generateKey();
byte[] raw = skey.getEncoded();
SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
skey is already an AES key you can use. The second step does nothing. If you look inside skey and skeySpec, they are identical.
So you can ignore the explanation. It doesn't make it any more clear.