On Tue, Nov 27, 2012 at 12:13 PM, Brian Carlstrom <[email protected]> wrote: > I said CCB, you said CCM, but I meant CBC. :) Oh, my bad!
My apologies. Jeff > On Tue, Nov 27, 2012 at 6:45 AM, Jeffrey Walton <[email protected]> wrote: >> >> On Mon, Nov 26, 2012 at 3:50 PM, Brian Carlstrom <[email protected]> wrote: >> > What problem are you seeing? When I run this on host with java, I get: >> > >> > Exception in thread "main" java.security.NoSuchAlgorithmException: >> > Cannot >> > find any provider supporting AES/ECB/ZeroBytePadding >> > at javax.crypto.Cipher.getInstance(DashoA13*..) >> > at HelloWorld.main(HelloWorld.java:19) >> > >> > I think you want "AES/CCB/PKCS5Padding" as the CIpher algorithm. Running >> > with that with "java" on the host or "dalvikvm" on the device, I do get >> > garbage back. One issue I see is that you don't use the same IV for the >> > two >> > ciphers, I'm guessing you are getting a random one for the second case. >> > >> > It does work for me in both cases if I switch from from using update to >> > doFinal with an argument: >> CCM is a shitty mode (IMHO). CCM does not fit well within Java's >> Init/Update/Final paradigm. Its an "offline" mode, meaning you must >> have the entire message before you can encrypt the data. That's >> because CCM encodes some parameters in the header block. >> >> David Wagner has a nice Compare/Contrast of Authenticated Encryption >> modes at http://www.cs.berkeley.edu/~daw/talks/FSE04eax.ppt (paper: >> http://www.cs.berkeley.edu/~daw/papers/eax-fse04.ps) CWC, EAX, and GCM >> modes are much better choices if available. They are online and allow >> streaming of plaintext. The modes fit well into Java's >> Init/Update/Final paradigm. >> >> I think CCM got popular because of use in the WiFI gear from way back >> when. I was surprised NIST adopted it. That WiFi working group is the >> same group who gave us WPA. Verbum sat sapienti. >> >> Jeff >> >> > On Mon, Nov 19, 2012 at 9:45 AM, Antonino <[email protected]> >> > wrote: >> >> >> >> Hi all, >> >> I am trying a very simple function to encrypt and decrypt a string. >> >> With the following code the input string is different. >> >> Someone could help me? >> >> The code is not secure but it is not very important at the moment. >> >> >> >> String stringKey = "74dc6b9ec2bc29a5490744716e4a7a27"; >> >> String message = "FC:A1:3E:2A:79:B2"; >> >> >> >> SecretKeySpec sks; >> >> >> >> Cipher c,d; >> >> try { >> >> sks = new SecretKeySpec(stringKey.getBytes("UTF-8"),"AES"); >> >> c = Cipher.getInstance("AES/ECB/ZeroBytePadding"); >> >> c.init(Cipher.ENCRYPT_MODE, sks); >> >> c.update(message.getBytes("UTF-8")); >> >> byte[] ciphertext = c.doFinal(); >> >> Log.i("CE","crypted text: "+ Base64.encodeToString(ciphertext, >> >> Base64.DEFAULT)); >> >> //Decrypt block >> >> d = Cipher.getInstance("AES/ECB/ZeroBytePadding"); >> >> d.init(Cipher.DECRYPT_MODE, sks); >> >> d.update(ciphertext); >> >> byte[] deCiphertext =d.doFinal(); >> >> >> >> Log.i("CE","decrypted text: "+ new String(deCiphertext,"UTF-8")); >> >> } catch .... >> >> >> >> Thanks a lot -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
