Topic
1 reply Latest Post - ‏2010-05-12T21:08:26Z by MJonker
MJonker
MJonker
3 Posts
ACCEPTED ANSWER

Pinned topic looking for hmacsha2 support in IBMJCE for WebSphere 7

‏2010-05-12T20:14:51Z |
Hi,

According to this document http://www.ibm.com/developerworks/java/jdk/security/60/secguides/securityguide.win32.html#jce the supported
Message authentication codes (MAC) are

Hmac/SHA1
Hmac/MD5
Hmac/SHA2
Hmac/SHA3
Hmac/SHA5

However when I try to get a MAC instance for HmacSHA2, the algoritm is not found.

This corresponds with the content of the info field of IBMJCE class:

IBMJCE Provider implements the following: HMAC-SHA1, MD2, MD5, MARS, SHA, MD2withRSA, MD5withRSA, SHA1withRSA, RSA, SHA1withDSA, RC2, RC4, Seal)implements the following:
Signature algorithms : SHA1withDSA, SHA1withRSA, MD5withRSA, MD2withRSA,
SHA2withRSA, SHA3withRSA, SHA5withRSA
Cipher algorithms : Blowfish, AES, DES, TripleDES, PBEWithMD2AndDES,
PBEWithMD2AndTripleDES, PBEWithMD2AndRC2,
PBEWithMD5AndDES, PBEWithMD5AndTripleDES,
PBEWithMD5AndRC2, PBEWithSHA1AndDES
PBEWithSHA1AndTripleDES, PBEWithSHA1AndRC2
PBEWithSHAAnd40BitRC2, PBEWithSHAAnd128BitRC2
PBEWithSHAAnd40BitRC4, PBEWithSHAAnd128BitRC4
PBEWithSHAAnd2KeyTripleDES, PBEWithSHAAnd3KeyTripleDES
Mars, RC2, RC4, ARCFOUR
RSA, Seal
Message authentication code (MAC) : HmacSHA1, HmacSHA256, HmacSHA384, HmacSHA512, HmacMD2, HmacMD5
Key agreement algorithm : DiffieHellman
Key (pair) generator : Blowfish, DiffieHellman, DSA, AES, DES, TripleDES, HmacMD5,
HmacSHA1, Mars, RC2, RC4, RSA, Seal, ARCFOUR
Message digest : MD2, MD5, SHA-1, SHA-256, SHA-384, SHA-512
Algorithm parameter generator : DiffieHellman, DSA
Algorithm parameter : Blowfish, DiffieHellman, AES, DES, TripleDES, DSA, Mars,
PBEwithMD5AndDES, RC2
Key factory : DiffieHellman, DSA, RSA
Secret key factory : Blowfish, AES, DES, TripleDES, Mars, RC2, RC4, Seal, ARCFOUR
PKCS5Key, PBKDF1 and PBKDF2(PKCS5Derived Key).
Certificate : X.509
Secure random : IBMSecureRandom
Key store : JCEKS, PKCS12KS (PKCS12), JKS

My question is,
Which version of IBMJCE do I need to get support for HmacSHA2 ?

TIA
Updated on 2010-05-12T21:08:26Z at 2010-05-12T21:08:26Z by MJonker
  • MJonker
    MJonker
    3 Posts
    ACCEPTED ANSWER

    Re: looking for hmacsha2 support in IBMJCE for WebSphere 7

    ‏2010-05-12T21:08:26Z  in response to MJonker
    I have attached a snapshot of the java variables and what is remarkable is that the HmacSHA256KeyGenerator has an attribute (c) that contains the value "HmacSHA2".

    So where I am asking for a key for "HmacSHA256" which is supported, the keyGenerator generates a key for "HmacSHA2", which is not supported.

    When I change the value of the attribute to "HmacSHA256" the code is working fine.

    So the question is:

    Why does the HmacSHA256KeyGenerator work with "HmacSHA2" ?

    Please look at the image for details.