Hi,
I am facing an issue with SecureRandom in java.
This was the code that used to work as expected ,Generating PRNG when it ran on java 1.4. So basically when it was executed any weblogic server running on 1.4 generated same PRNG
Problem: In a clustered env , data is encrypted in the one weblogic 10 instance , and the same needs to decrypted in another weblogic 10 instance.Apparently not working
FYI: We didnt face this issue in Weblogic 8.1 as it was runing in 1.4 and the key generated in both servers returned same as the secureRandom was generated with the same SEED.
Code:
SecureRandom srandom1 = SecureRandom.getInstance("SHA1PRNG");
srandom1.setSeed(TestClient.RANDOM_SEED);
KeyGenerator keyGen1 = null;
try {
keyGen1 = KeyGenerator.getInstance("AES");
} catch (NoSuchAlgorithmException nsae) {
}
keyGen1.init(srandom1);
Key g_Key_with = keyGen1.generateKey();
but we observe that after migrating to java 1.5 , the above functionality breaks. The issue here is SecureRandom seems to generate different PRNG for the same seed in two different weblogic 10 Servers running on Java 1.5 ?
I did refer the thread : http://forums.sun.com/thread.jspa?threadID=5298375
so could anyone please suggest the alternative to using SecureRandom /possible fix ?
UPDATE
[b]Update:[/b]
Possible solution : We could store the key in a keystore and place it in a File Location. and use the same key for decrypting. But how would i go about doing it in a clustered environment. As key generated in one weblogic instance , needs to decrypted in the another.
Could you let me know the approach for this as well ?