What mode to use to decrypt RSA message from iPhone in Java? - java

My friend has encrypted data with PKCS1 padding on an iPhone.
How can I decrypt that data in Java?
Java requires me to specify "algorithm/ciphermode/padding". The padding and the algorithm are known, but neither of us knows the cipher mode; it is not specified when encrypting on the iPhone.

Using Bouncy Castle and this code should be simple.

RSA doesn't really use a "mode"; modes are for block ciphers.
The built-in Sun provider will accept "RSA/ECB/PKCS1Padding" as a Cipher name. ECB is "Electronic Code Book", which doesn't mix any information from "block" to block; it is sort of "no cipher mode."
Other providers accept "None" as a cipher mode with RSA.
BouncyCastle is a good provider. I'm not sure why you would need to take the trouble to install it in this case, however. The SunJCE provider will work fine.
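The transformation name from the answer above, exercised end to end as an added example (not code from the original posts). The key pair and message are constructed here and stand in for the real iPhone key material. The size check shows why "ECB" is only a placeholder: RSA handles exactly one block and the provider never splits or chains input.

```java
import java.nio.charset.StandardCharsets;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;

public class RsaPkcs1Decrypt {
    // "ECB" is a naming placeholder for RSA; no block chaining takes place.
    static final String TRANSFORMATION = "RSA/ECB/PKCS1Padding";

    static byte[] encrypt(PublicKey pub, byte[] plain) throws Exception {
        Cipher c = Cipher.getInstance(TRANSFORMATION);
        c.init(Cipher.ENCRYPT_MODE, pub);
        return c.doFinal(plain);
    }

    static byte[] decrypt(PrivateKey priv, byte[] ciphertext) throws Exception {
        Cipher c = Cipher.getInstance(TRANSFORMATION);
        c.init(Cipher.DECRYPT_MODE, priv);
        return c.doFinal(ciphertext);
    }

    public static void main(String[] args) throws Exception {
        // Constructed 2048-bit key pair; in practice the private key is loaded
        // from wherever the server keeps it.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair kp = kpg.generateKeyPair();

        byte[] msg = "constructed sample message".getBytes(StandardCharsets.UTF_8);
        byte[] ct = encrypt(kp.getPublic(), msg);
        System.out.println("ciphertext length: " + ct.length + " bytes (one modulus-sized block)");
        System.out.println("decrypted: "
                + new String(decrypt(kp.getPrivate(), ct), StandardCharsets.UTF_8));

        // PKCS#1 v1.5 padding needs 11 bytes, so a 2048-bit key carries at most
        // 256 - 11 = 245 bytes. Larger input is rejected, not split into blocks.
        encrypt(kp.getPublic(), new byte[245]);
        try {
            encrypt(kp.getPublic(), new byte[246]);
        } catch (IllegalBlockSizeException e) {
            System.out.println("246-byte input rejected: " + e.getMessage());
        }
    }
}
```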

Related

Bouncy Castle Configuration for TLS

I am using a test app that used java for TLS communication. Standard Oracle java is installed in my system.
I need to use the TLS_DHE_RSA_WITH_AES_128_CCM cipher suite, which is not supported by standard Java, so many suggested using Bouncy Castle. I downloaded and copied the bcprov-ext-jdk18on-171.jar to $JAVA_HOME/lib folder.
Also, updated java.security file to include Bouncy Castle in the provider list as below:
security.provider.4=org.bouncycastle.jce.provider.BouncyCastleProvider
I still cannot get TLS_DHE_RSA_WITH_AES_128_CCM to work though.
Are the steps I did sufficient and correct? Can someone suggest the steps to install and configure Bouncy Castle?
The BouncyCastleProvider adds cryptographic algorithms such as the AES in the CCM mode of operation to the available algorithms of Cipher and other classes. As CCM is not included by default in Java, you will need to register this provider through code (i.e. Security.addProvider(new BouncyCastleProvider())) or adding it into the java.security file (as demonstrated in the question). You will probably want to add it to the end of the provider list as the algorithms of the Oracle provider are generally better tested and may be sped up using hardware acceleration.
However, the BouncyCastleProvider does not contain an implementation of the TLS protocol. You'd need to register the BouncyCastleJsseProvider for that instead. This is required as the Java TLS implementation won't magically know how to use the CCM implementation within Bouncy Castle. JSSE is an acronym of the Java Secure Socket Extension.
You can add that provider at the start of the providers so you know for sure that this provider is used for implementing TLS:
Security.insertProviderAt(new org.bouncycastle.jsse.provider.BouncyCastleJsseProvider(), 1);
And you can also directly register it in the java.security file.
Note that the JSSE provider doesn't provide implementations such as RSA or AES for Cipher or Signature so it should not be in the way.
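The registration order described in the answer above, as an added example (not code from the original posts). It assumes the Bouncy Castle provider and TLS (JSSE) jars and their dependencies are on the classpath, and that the providers register under the names "BC" and "BCJSSE". It only reports whether the requested suite is offered and does not open a connection.

```java
import java.security.Security;
import java.util.Arrays;
import javax.net.ssl.SSLContext;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.jsse.provider.BouncyCastleJsseProvider;

public class BcTlsSetup {
    // Cipher suite named in the question.
    static final String SUITE = "TLS_DHE_RSA_WITH_AES_128_CCM";

    static SSLContext bcContext() throws Exception {
        // Crypto primitives (AES-CCM among them): appended, so the JDK's own
        // providers keep priority for algorithms they already implement.
        if (Security.getProvider("BC") == null) {
            Security.addProvider(new BouncyCastleProvider());
        }
        // TLS protocol implementation: inserted first so "TLS" resolves to it.
        if (Security.getProvider("BCJSSE") == null) {
            Security.insertProviderAt(new BouncyCastleJsseProvider(), 1);
        }
        // Naming the provider explicitly removes any doubt about which
        // TLS implementation backs this context.
        SSLContext ctx = SSLContext.getInstance("TLS", "BCJSSE");
        ctx.init(null, null, null); // default key and trust managers
        return ctx;
    }

    static boolean contains(String[] suites, String suite) {
        return Arrays.asList(suites).contains(suite);
    }

    public static void main(String[] args) throws Exception {
        SSLContext ctx = bcContext();
        System.out.println("TLS provider: " + ctx.getProvider().getName());
        System.out.println(SUITE + " supported: "
                + contains(ctx.getSupportedSSLParameters().getCipherSuites(), SUITE));
        System.out.println(SUITE + " enabled by default: "
                + contains(ctx.getDefaultSSLParameters().getCipherSuites(), SUITE));
    }
}
```

If the suite is reported as supported but not enabled by default, it still has to be switched on per socket or engine with setEnabledCipherSuites.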

What is the difference between Libsodium and Javax crypto

I'm not a security or a crypto expert. I want to perform encryption on my client to server communication in a RESTful api system.
Currently I'm using javax crypto and initializing the Cipher for AES with AES/GCM/PKCS5Padding to encrypt the data and RSA with RSA/ECB/OAEPWithSHA-256AndMGF1Padding to encrypt the iV and Symmetric key with a public key.
This works well for me.
I did some more digging on other encryption libraries and found Libsodium or NaCl.
I tried searching for any comparison between these and I'm not able to find any. Is it because I'm trying to compare apples to oranges?
Should I continue with the javax crypto or should I switch to sodium? What benefits does sodium give over the default javax crypto?

Can PKCS5Padding be in AES/GCM mode?

What's the padding mode for AES/GCM? I understood it can be NoPadding, as in ECB mode it can be PKCS5Padding, how about in GCM mode? In the JCE interface, we need to provide "algorithm/mode/padding" (Reference).
So I used the following code to get the instance and it works in JDK but failed in IBM SDK which says
cannot find provider for supporting AES/GCM/PKCS5Padding
Cipher.getInstance("AES/GCM/PKCS5Padding");
What's real use case for padding?
GCM is a streaming mode which means that the ciphertext is only as long as the plaintext (not including authentication tag). GCM doesn't require a padding. This means that the PKCS5Padding version is actually only a synonym for NoPadding for convenience during programming.
Some providers don't have this strange mode. Java has pluggable cryptographic providers and basically all JRE distributions have a default cryptographic provider which may have different cipher strings and defaults than those of other providers.
There are cases where padding the plaintext makes sense. For example, you can hide the length of the actual plaintext by appending a random length PKCS5Padding.
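A provider check for the two transformation names discussed above, as an added example (not code from the original posts). It probes whether the installed providers accept each name and, where they do, prints the output length for a few plaintext sizes so the absence of padding is visible. The key and all-zero plaintexts are constructed.

```java
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;

public class GcmPaddingCheck {
    static final int TAG_BITS = 128;

    // True if some installed provider accepts this transformation string.
    static boolean supported(String transformation) {
        try {
            Cipher.getInstance(transformation);
            return true;
        } catch (NoSuchAlgorithmException | NoSuchPaddingException e) {
            return false;
        }
    }

    // Length of ciphertext plus authentication tag for plainLen input bytes.
    static int outputLength(String transformation, SecretKey key, int plainLen)
            throws Exception {
        byte[] iv = new byte[12];            // fresh 96-bit IV per encryption
        new SecureRandom().nextBytes(iv);
        Cipher c = Cipher.getInstance(transformation);
        c.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(TAG_BITS, iv));
        return c.doFinal(new byte[plainLen]).length;
    }

    public static void main(String[] args) throws Exception {
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        SecretKey key = kg.generateKey();    // constructed test key

        for (String t : new String[] {"AES/GCM/NoPadding", "AES/GCM/PKCS5Padding"}) {
            if (!supported(t)) {
                System.out.println(t + ": not offered by the installed providers");
                continue;
            }
            // Sizes below, at and above one AES block.
            for (int len : new int[] {5, 16, 17}) {
                System.out.println(t + ": plaintext " + len + " bytes, output "
                        + outputLength(t, key, len) + " bytes");
            }
        }
    }
}
```

Code meant to run on more than one JRE should request "AES/GCM/NoPadding", since that is the name the answer identifies as the real behaviour.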

Use of RSA key Wrapping using MSCAPI

I am using AES Symmetric encryption of data using BouncyCastle provider, and then wrapping the key using RSA Asymmetric algorithm from Public key obtained from Windows keystore certificate using SunMSCAPI provider. Can anyone please help how to use the SunMSCAPI for RSA wrapping and unwrapping of symmetric keys appropriately with some code snippet?
[sweeping old questions]
You can just use javax.crypto.Cipher.wrap() and unwrap() using the retrieved instances of RSAPublicKey and RSAPrivateKey. For this you may need the unlimited crypto policy files from Sun/Oracle for your JDK/JRE.
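The wrap() and unwrap() calls from the answer above, as an added example (not code from the original posts). It uses a constructed RSA key pair in place of the Windows keystore certificate, and the "RSA/ECB/PKCS1Padding" transformation is an assumption carried over from the other questions on this page.

```java
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.PublicKey;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;

public class RsaKeyWrap {
    static final String TRANSFORMATION = "RSA/ECB/PKCS1Padding";

    // Encrypts the AES key itself under the recipient's RSA public key.
    static byte[] wrap(PublicKey pub, SecretKey aesKey) throws Exception {
        Cipher c = Cipher.getInstance(TRANSFORMATION);
        c.init(Cipher.WRAP_MODE, pub);
        return c.wrap(aesKey);
    }

    // Recovers the AES key as a SecretKey object rather than raw bytes.
    // For a private key that lives in the Windows keystore, the Cipher would
    // be requested from the SunMSCAPI provider, because that key is a handle
    // and not exportable key material. That variant is not exercised here.
    static SecretKey unwrap(PrivateKey priv, byte[] wrapped) throws Exception {
        Cipher c = Cipher.getInstance(TRANSFORMATION);
        c.init(Cipher.UNWRAP_MODE, priv);
        return (SecretKey) c.unwrap(wrapped, "AES", Cipher.SECRET_KEY);
    }

    public static void main(String[] args) throws Exception {
        // Constructed RSA key pair standing in for the certificate's keys.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair kp = kpg.generateKeyPair();

        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        SecretKey dataKey = kg.generateKey();

        byte[] wrapped = wrap(kp.getPublic(), dataKey);
        SecretKey recovered = unwrap(kp.getPrivate(), wrapped);

        System.out.println("wrapped key length: " + wrapped.length + " bytes");
        System.out.println("recovered key matches: "
                + MessageDigest.isEqual(dataKey.getEncoded(), recovered.getEncoded()));
    }
}
```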

ActionScript3 & Java encryption / decryption

I've got a flash client that communicates with a server. The server-side code is in java. I'd like to be able to encrypt the communication, so it has to be an algorithm that has libraries for both as3 & java.
Speed is more important than the security of the encryption, and ideally it would use asymmetric key encryption.
AES and Blowfish seem like they would work from what I've seen. But both use symmetric keys.
Any ideas?
It seems like opening an HTTPS connection would be the simplest way to do this.
AS3Crypto is a port of the popular Java/C# library BouncyCastle. That works just great.
I'm going to be working with encrypting data shortly here. I've chosen to do it using asynchronous RSA encryption.
I'll be using AS3Crypto's RSA encryption client-side with the public key.
Server-side I'll be using JAVA's built-in RSA cryptography to decrypt data with the private key.
