In order to generate a Secret Key and add it into the current
KeyStore, click on Generate Secret
Key
. In the new window, the user has the option to
select from a wide range of key algorithms and sizes. The algorithms are
defined for 2 providers: for the Bouncy Castle Provider and for the Sun
JCE Provider (if it exists on the system where CERTivity is running),
allowing the user to select only the supported key sizes for each
algorithm depending on the algorithm type and provider. In case the Sun
JCE Provider is not available, the Default provider will be used which
means that all the Secret Key algorithms (that CERTivity supports) will be
displayed with the key sizes starting from 1 for each algorithm. For this
case, if the algorithm or the key size is not supported by the Default
provider, an error will be displayed.
To generate a Secret Key, the user has to select a Provider, then to select an algorithm, then a key size, and finally to enter an alias for the Secret Key which will be generated.
A screenshot for generate secret key action can be seen below:
JKS and PKCS#12 KeyStore types do not support storing Secret Keys. This is a limitation of the standards, not of the CERTivity application.
The key algorithms are dictating the JCE provider and the key sizes supported. These are depicted in the following table.
Table 5.2. Size and Provider for Secret Keys
Key Algorithm | Key Size | Provider |
---|---|---|
AES | 1 - 256 | Bouncy Castle |
128 - 256, multiple of 64 | Sun JCE | |
AESWrap | 1 - 256 | Bouncy Castle |
ARCFOUR | 40 - 1024 | Sun JCE |
Blowfish | 1 - 448 | Bouncy Castle |
32 - 448, multiple of 8 | Sun JCE | |
Camellia | 128 - 256, multiple of 64 | Bouncy Castle |
Cast5 | 1 - 128 | Bouncy Castle |
Cast6 | 1 - 256 | Bouncy Castle |
DES | 64 | Bouncy Castle |
56 | Sun JCE | |
DESede | 128, 192 | Bouncy Castle |
112, 168 | Sun JCE | |
DESedeWrap | 128, 192 | Bouncy Castle |
GOST28147 | 256 | Bouncy Castle |
Grainv1 | 80 | Bouncy Castle |
Grain128 | 128 | Bouncy Castle |
HC128 | 128 | Bouncy Castle |
HC256 | 256 | Bouncy Castle |
Noekeon | 128 | Bouncy Castle |
RC2 | 1 - 1024 | Bouncy Castle |
40 - 1024 | Sun JCE | |
RC4 | 40 - 2048 | Bouncy Castle |
RC5 | 1 - 128 | Bouncy Castle |
RC5-64 | 1 - 256 | Bouncy Castle |
RC6 | 1 - 256 | Bouncy Castle |
Rijndael | 1 - 256 | Bouncy Castle |
Salsa20 | 128, 256 | Bouncy Castle |
SEED | 128 | Bouncy Castle |
Serpent | 128 - 256, multiple of 64 | Bouncy Castle |
Skipjack | 1 - 128 | Bouncy Castle |
TEA | 128 | Bouncy Castle |
Twofish | 128 - 256, multiple of 64 | Bouncy Castle |
VMPC | 128, 6144 | Bouncy Castle |
VMPC-KSA3 | 128, 6144 | Bouncy Castle |
XTEA | 128 | Bouncy Castle |
HmacMD2 | 1 - | Bouncy Castle |
HmacMD4 | 1 - | Bouncy Castle |
HmacMD5 | 1 - | Bouncy Castle |
1 - | Sun JCE | |
HmacRIPEMD128 | 1 - | Bouncy Castle |
HmacRIPEMD160 | 1 - | Bouncy Castle |
HmacSHA1 | 1 - | Bouncy Castle |
1 - | Sun JCE | |
HmacSHA224 | 1 - | Bouncy Castle |
HmacSHA256 | 1 - | Bouncy Castle |
40 - | Sun JCE | |
HmacSHA384 | 1 - | Bouncy Castle |
40 - | Sun JCE | |
HmacSHA512 | 1 - | Bouncy Castle |
40 - | Sun JCE | |
HmacTIGER | 1 - | Bouncy Castle |