• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

TripleDES compatibility (Sun - BC)

 
Ranch Hand
Posts: 49
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi...again,
I'm using TripleDES (DESede) algorithm between servlet and J2ME application to encrypt data. Servlet uses libraries on javax.crypto-package and the other one Bouncy Castle's similar. Both application has exactly same encryption keys, but servlet throws an exception "Given final block not properly padded" while trying to decrypt received data.
Debugging shows that communication works and both application can encrypt/decrypt own data, but there is something what makes this modules incompatible to decrypt data from the other module.
J2ME app:
cipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new DESedeEngine()));
cipher.init(true, new KeyParameter(cryptoKey));
byte[] plainBytes = plainText.getBytes();
byte[] encryptedBytes = new byte[cipher.getOutputSize(plainBytes.length)];
int oLen = cipher.processBytes(plainBytes, 0, plainBytes.length, encryptedBytes, 0);
try{
cipher.doFinal(encryptedBytes, oLen);
}catch (CryptoException ce){
throw new Exception("ERROR:\n- Encryption error.");
}
Servlet:
// Create the cipher
DESede = Cipher.getInstance("DESede");
DESede.init(Cipher.DECRYPT_MODE, cryptoKey);
...
stringFromClient = new String(DESede.doFinal(readBytes));
-> above throws exception "Given final block not properly padded".
I have a feeling that the block size might cause this, but how to effect/ensure the situation? Also I'm wondering why user (user of the function) have to worry about details (processBytes, doFinal, etc) of the encryption/decryption? This does not follow main principles of object oriented programming (encapsulation).
br,
Jorma
 
Jorma Ikonen
Ranch Hand
Posts: 49
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
FYI:
The problem is solved by modifying each modules to use BC's crypto libraries. It seems that SUN's DESede uses ECB by default and do not support CBC (not documentted thing). Further, BC support CBC, but not ECB, and therefore use of BC's libraries was must (works with servlet, applets, J2ME applications).
-Jorma-
 
author
Posts: 11962
5
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks for sharing the solution!
 
Greenhorn
Posts: 4
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
hi..this thread is more than 3 years old now...
but i want to ask about this thread, yes, about TripleDes in bouncycastle or in mobile application when we want to use ECB chiper mode..

i want to use ECB chiper mode, becouse in server, my friend had been devlop encrypt and dencrypt with this mode.So i must using the same mode, ECB chiper mode..

how can i encrypt in TripleDEs and ECB chiper mode with bouncycastle library..?if it can't, any library can i use to solve my problem..?

is Sun (java.crypto) for mobile can to what i want...?
 
Jorma Ikonen
Ranch Hand
Posts: 49
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
It's pretty funny that after 5 years break since my last visit here, I found someone reading/asking questions about this issue.

Anyway, I must say that I can't help you due the fact that my knowledge about making programs for MIDP is based on situation in 2003. I'm been doing mechanics for mobile phones and been waiting until phones will implement J2SE. (The reason why I'm visiting here is that I'm trying to get some information about use of GPS in MIDP.)

Let's hope that someone else could help you.
 
Ranch Hand
Posts: 643
Android Eclipse IDE Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Anyone has implemented this or have a code snippet as an example ?
 
Saloon Keeper
Posts: 27763
196
Android Eclipse IDE Tomcat Server Redhat Java Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Actually, we don't encourage "waking up the zombies", as we call it. Once a thread is dead, we'd rather see a new thread. But I congratulate you for at least looking for prior answers.

I haven't done anything recent on mobile encryption, but DES, even 3DES isn't considered to be very secure any more. They can be broken by raw horsepower on modern-day computers.
 
chetan deol
Ranch Hand
Posts: 643
Android Eclipse IDE Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Anyone implemented this using bouncycastle ?
 
Consider Paul's rocket mass heater.
reply
    Bookmark Topic Watch Topic
  • New Topic