Encrypting a shared key on the Android/Java platform -


i´m new both android platform , encryption, bear me. need call webservice requires me encrypt parameter before calling it. have received specification reads:

"we use aes encrypt. settings encryption follow:

  • key: publickey12345678910

  • number of bits: 128

  • padding: pkcs #7

  • cipher: cipher block chaining (cbc)"

now, problem lack of basic understanding of encryption process. have public key, do it? have tried find answer online efforts seem result in either wrong encrypted key or "invalidkeylengthexception, key not 128, 196 or 256 bits" (or in general direction). recent effort, borrows heavily answer here on stack, looks this:

            string input = "theparameteriwanttoencrypt";         string secretid = "publickey12345678910";         char[] inputchars = input.tochararray();         char[] pswchars = secretid.tochararray();          secretkeyfactory factory = secretkeyfactory.getinstance("pbewithmd5anddes", new bouncycastleprovider());         keyspec spec = new pbekeyspec(pswchars);         secretkey tmp = factory.generatesecret(spec);         secretkey secret = new secretkeyspec(tmp.getencoded(), "aes");          cipher cipher = cipher.getinstance("aes/cbc/pkcs7padding");         cipher.init(cipher.encrypt_mode, secret);         algorithmparameters params = cipher.getparameters();         byte[] iv = params.getparameterspec(ivparameterspec.class).getiv();         byte[] ciphertext = cipher.dofinal(input.getbytes());          system.out.println(new string(ciphertext));

could explain me in order things in supplied specification? also, code implementing behavior on java/android platform obliged.

forget, moment, implementation details, , let's focus on things @ higher level. if perform encryption in manner, private key stored somewhere in program or in data used program in way extracted, compromising encryption.

by contrast, if use https (which standard way create encrypted session), there well-tested , well-studied process whereby asymmetric cipher used establish private keys used create encrypted channel (usually using 128-bit aes encryption).

you should push on whoever providing webservice offer on standard https connection encryption, rather relying on encrypting individual fields this.


Comments

Post a Comment

Popular posts from this blog

c++ - Is it possible to compile a VST on linux? -

for class project i'm attempting write vst plugin backed cuda. current cuda workflow on linux box, i'd prefer compile , link there. according wikipedia , should possible (i couldn't find steinberg documentation relevant linux) can't find makefile or instructions on how build if aren't using xcode or visual studio. i'm vst 3 sdk doesn't support linux. when try compile plugin under linux, error: ./base/source/fatomic.cpp:39:30: fatal error: libkern/osatomic.h: no such file or directory this issue caused following code in "vst3 sdk/base/source/fatomic.cpp" #if mac #include <libkern/osatomic.h> #if mac_os_x_version_min_required > mac_os_x_version_10_4 #define native_atomic_type (volatile int32_t*) #else #define native_atomic_type (int32_t*) #endif #elif windows #include <windows.h> #endif but hope compiling under linux work vst sdk 2.4. reading. jvstwrapper seems run on lin...
Read more

java - Output of Eclipse is rubbish -

i want write program in eclipse language different english. when display output using system.out program, displays output correctly in console editor. when accept input console , output it, output rubbish. how can solve it. many thnaks i'm not sure if problem, have character encoding problem. make sure you're using unicode, utf-8. you can read more @ official docs converting non-unicode text .
Read more

jquery - Confused with JSON data and normal data in Django ajax request -

i read json internet still have not got grasp of it. reading article http://webcloud.se/log/ajax-in-django-with-jquery/ i not understood first part function using json def xhr_test(request, format): if request.is_ajax(): if format == 'xml': mimetype = 'application/xml' if format == 'json': mimetype = 'application/javascript' data = serializers.serialize(format, examplemodel.objects.all()) return httpresponse(data,mimetype) # if want prevent non xhr calls else: return httpresponse(status=400) my main problems are from function getting format variable does format json mean data given function json or data recived json can give me simple example ouput of function data = serializers.serialize(format, examplemodel.objects.all()) how use data when response in jquery function if don't use json in above function how input , response chnage thanks ...
Read more