TJ-Bot
Var spec=new PBEKeySpec(pw, iv, 65536, 128);
var f=SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
var sk=f.generateSecret(spec);
There seems to be no way to get a new SecretKey without knowing pw
The code snippet provided is using the Password-Based Key Derivation Function 2 (PBKDF2) with the Hash-based Message Authentication Code (HMAC) using SHA-1 as the cryptographic hash function to generate a new secret key.
In this code, a new PBKDF2 key specification (PBEKeySpec) is created with the password (pw), initialization vector (iv), iteration count (65536), and key length (128). Then, a SecretKeyFactory instance is initialized with the algorithm "PBKDF2WithHmacSHA1" and used to generate a new secret key (sk) based on the provided specification.
It is important to note that in PBKDF2, the derived key is dependent on both the password and salt (in this case, the initialization vector). Therefore, without knowing the correct password and salt, it is not possible to generate or retrieve the same secret key.
As a result, in this specific implementation of PBKDF2, there is no direct way to obtain a new secret key without having knowledge of both the password and initialization vector used in the key derivation process.
runic moth