SSH keypair generation: RSA or DSA?

RSA is generally preferred (now that the patent issue is over with) because it can go up to 4096 bits, where DSA has to be exactly 1024 bits (in the opinion of ssh-keygen). 2048 bits is ssh-keygen‘s default length for RSA keys, and I don’t see any particular reason to use shorter ones. (The minimum … Read more

What kind of Java type is “[B”?

That my friend is an array of bytes. In JNI, [B is used to describe an array ([) of bytes (B). An array of ints is [I etc. You can get a bit more information on field descriptors here:JNI Types and Data Structures (Table 3-2 should be what you are looking for).

Padding is invalid and cannot be removed?

Rijndael/AES is a block cypher. It encrypts data in 128 bit (16 character) blocks. Cryptographic padding is used to make sure that the last block of the message is always the correct size. Your decryption method is expecting whatever its default padding is, and is not finding it. As @NetSquirrel says, you need to explicitly … Read more

Encrypt Password in Configuration Files?

A simple way of doing this is to use Password Based Encryption in Java. This allows you to encrypt and decrypt a text by using a password. This basically means initializing a javax.crypto.Cipher with algorithm “AES/CBC/PKCS5Padding” and getting a key from javax.crypto.SecretKeyFactory with the “PBKDF2WithHmacSHA512” algorithm. Here is a code example (updated to replace the less secure MD5-based variant): One problem remains: Where … Read more

Encrypt Password in Configuration Files?

A simple way of doing this is to use Password Based Encryption in Java. This allows you to encrypt and decrypt a text by using a password. This basically means initializing a javax.crypto.Cipher with algorithm “AES/CBC/PKCS5Padding” and getting a key from javax.crypto.SecretKeyFactory with the “PBKDF2WithHmacSHA512” algorithm. Here is a code example (updated to replace the … Read more