views:

30

answers:

1

i'm triing to get this code to work on j2me (it is working a java program) but not yet in j2me

    public static String generate(String plaintext, String passphase) throws Exception {
        try {
            PBEKeySpec pbeKeySpec = new PBEKeySpec(passphase.toCharArray());
            PBEParameterSpec pbeParamSpec;
            SecretKeyFactory keyFac;
            // Salt
            byte[] salt = {(byte) 0xc8, (byte) 0x73, (byte) 0x61, (byte) 0x1d, (byte) 0x1a, (byte) 0xf2, (byte) 0xa8, (byte) 0x99};
            // Iteration count
            int count = 20;
            // Create PBE parameter set
            pbeParamSpec = new PBEParameterSpec(salt, count);
            keyFac = SecretKeyFactory.getInstance("PBEWithMD5AndDES");
            SecretKey pbeKey = keyFac.generateSecret(pbeKeySpec);
            // Create PBE Cipher
            Cipher pbeCipher = Cipher.getInstance("PBEWithMD5AndDES");
            // Initialize PBE Cipher with key and parameters
            pbeCipher.init(Cipher.ENCRYPT_MODE, pbeKey, pbeParamSpec);
            // Our cleartext
            byte[] cleartext = plaintext.getBytes();
            // Encrypt the cleartext
            byte[] ciphertext = pbeCipher.doFinal(cleartext);
            return ciphertext;
        } catch (Exception ex) {
            throw new Exception(ex.getMessage());
        }
    }

i found this lib http://www.bouncycastle.org/java.html

the important thing is that i find a method for j2me that can encrypt using PBEWithMD5AndDES

anyone know the solution?

edit adding extra info

when i try to add the above code to a mobile project following classes are not recognized (not included in j2me)

    PBEKeySpec
    PBEParameterSpec
    SecretKeyFactory

so i need a package that allows me to encode plain text using PBEWithMD5AndDES anyone know such a package compatible with j2me?

thx for the replies so far

A: 

A lot can go wrong when applying a primitive, you should use Jasypt.

Rook
ok, is it j2me compatible? can it encrypt PBEWithMD5AndDES?
Berty
@Berty it is j2me compatible but it has its own implementation, using modern primitives. md5 and des are very old, broken, and shouldn't be used by anyone.
Rook
@Rook thx for your reply. i know they are not very safe, but they don't need to be, i just use them to generate a semi random password starting from some readable information. i already created a desktop installation and its in use now, so the mobile application has to be the same algorithm or the passwords won't match. is it possible with the suggested package?
Berty
@Berty You just need a random number generator for that. Using md5 and des is overkill.
Rook