Password based encryption using AES in java 5 (JCE only)

Question

I would like to use AES (192 or 256 bits), but am stuck on how to generate a key from a user supplied password.

I have gone through this thread, and am able to run the program in Java 6. However, I need to run the same program in Java 5, and SecretKeyFactory for PBKDF2WithHmacSHA1 is not available in JDK 5.

So, essentially, I need to generate 192 or 256 bits for a SecretKey based on users password, and I would like a secure way to do that in java 5.

Help appreciated!

EDIT #1 Just to avoid getting stuck, I am now using 128 bits from MD5(user-entered-password + fixed-salt) as the key to AES. I know it sucks, and will change it the moment I figure out a good way to generate the key.

It might help if you post the code you have that works in Java6. — Jim Garrison
@Jim - see accepted answer to this question - stackoverflow.com/questions/992019/java-256bit-aes-encryption. The code works perfect in JDK6, but I am out of ideas trying to get it work for JDK 5 — Sripathi Krishnan
So grab the code from a higher Java version 1.5 and create your own API, or do likewise using Bouncy Castle. Can't be that hard. — Maarten Bodewes

Dean J Dean J · Accepted Answer · 2010-08-23T15:37:17

Is there a reason you want PBKDF2WithHmacSHA1?

SecretKeyFactory existed in 1.4.2, so you might look here.

Password based encryption using AES in java 5 (JCE only)

1 Answers