Hi everyone,

I would like to know how I can generate a random pre-master key (PMK) in Java (related to key exchange and authentication). Is it similar to other random key generation? What particularly is a pre-master key?

Thanks, Sebby.

A: 

It looks to me like you are trying to make your own crypto. If that's the case, please don't do it. That's the #1 crypto advice anyone will give you.

If you want to re-implement TLS or something similar, I suggest that you forget your attempt and use a well-tested library. If you MUST implement it, then please take the time to read the specs carefully. They will explain what each step is and how to compute it.

If the only thing you want is a good bunch of random bytes, SecureRandom is the API to use.

mlaverd
Hi, thanks a lot for your reply. I now used the following code; could you please let me know if it is a correct way to generate a PM-Key?

```java
try {
    KeyGenerator keyGen = KeyGenerator.getInstance("HmacMD5");
    SecretKey pmkey = keyGen.generateKey();
    byte[] PMKey = pmkey.getEncoded();
    strPMK = MessageDigestAlgorithm.toHexString(PMKey);
    tv.append("\nPre-Master Key in hex: " + strPMK);
} catch (NoSuchAlgorithmException e) {
    // TODO Auto-generated catch block
    e.printStackTrace();
}
```
sebby_zml
I see a few issues with the code. 1) You're using MD5, which is really not future proof. Try something from the SHA-2 family instead. 2) `MessageDigestAlgorithm` is not a standard class, I don't know what it does... 3) You generate a secret key, not a pre-master secret. A pre-master secret only needs a `SecureRandom`. The pre-master secret is something specific from cryptographic protocols like SSL/TLS... are you mixing up pre-master secret with secret key? I think you need to explain your requirement/use case in more detail here...
mlaverd
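
An added example, not code from either poster: what "a pre-master secret only needs a `SecureRandom`" looks like for the TLS RSA key exchange, where RFC 5246 (section 7.4.7.1) defines the value as 2 bytes of client version followed by 46 random bytes. The class and method names are made up for illustration, and TLS 1.2 (version 3.3) is assumed; a real application gets this from the platform's TLS stack (JSSE) rather than building it by hand.

```java
import java.security.SecureRandom;
import java.util.Arrays;

// Illustrative class name; not part of any library.
public class PreMasterSecretExample {
    // RFC 5246, section 7.4.7.1: client_version (2 bytes) + random (46 bytes).
    private static final int PMS_LENGTH = 48;
    private static final SecureRandom RNG = new SecureRandom();

    /** Builds a pre-master secret for the TLS RSA key exchange. */
    static byte[] generatePreMasterSecret(int major, int minor) {
        byte[] pms = new byte[PMS_LENGTH];
        RNG.nextBytes(pms);      // fill all 48 bytes from the CSPRNG
        pms[0] = (byte) major;   // then overwrite the first two bytes
        pms[1] = (byte) minor;   // with the protocol version prefix
        return pms;
    }

    /** Hex encoder using only the standard library, so no third-party helper is needed. */
    static String toHex(byte[] data) {
        StringBuilder sb = new StringBuilder(data.length * 2);
        for (byte b : data) {
            sb.append(String.format("%02x", b));
        }
        return sb.toString();
    }

    public static void main(String[] args) {
        byte[] pms = generatePreMasterSecret(3, 3); // assumed: 3.3 = TLS 1.2
        try {
            // Printed only to mirror the snippet in the question;
            // a real client never displays or logs this value.
            System.out.println("Pre-master secret in hex: " + toHex(pms));
        } finally {
            Arrays.fill(pms, (byte) 0); // wipe the secret once it is no longer needed
        }
    }
}
```

No `KeyGenerator` or MAC algorithm name is involved: the bytes are not a key for any particular algorithm, only input to the protocol's master-secret derivation.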