Date: Wed, 2 Jul 1997 11:50:06 -0700 (PDT)
From: Jan Luehe <Jan.Luehe@Eng>
Subject: Re: DSA available for use in encryption/decryption?
To: java-security@web2.javasoft.com, dmiller@preEmptive.com
Dave:
> is DES. how can i use a DSA key to encrypt the session
> key, send it with the data, and use the server's private
> DSA key to decrypt it?
DSA is an irreversible algorithm, i.e., you cannot use it to
wrap and unwrap a session key.
> if the sun provider does not provide
> this option, is there a third party provider which supports
> DES key pair generation or DSA encryption?
No, you cannot use DSA for encrpytion.
> also, since there is currently no method for building a
> SecretKey from an array of bytes obtained from getEncoding()
> on an object implementing the Key interface, as a workaround,
> i was attempting to serialize the session key, encrypt the
> serialized key, and send it to decrypt and read in on
> the other end. are there any negatives to this method?
This would work fine. But again, you cannot use DSA for wrapping/
unwrapping your session key.
> additionaly, the links to the java security q&a archive
> volumes are incorrect. they are found at:
> http://jserv.javasoft.com/hypermail/java-security-archive/index.html
Yes, we are trying to fix this.
Thanks,
Jan