encryption - En/decrypt between php and j2me app -

-

i have blackberry app (j2me) encrypt data , sends server, php page, , again. app use lcrypto-j2me-147 (bouncy castle) , mcrypt php part. problem encrypting same text , producing different results. 2 can't send encrypted data 1 another.

my test system: php code:

<?php  function printstringtohex($text) {     $size = strlen($text);     for($i = 0; $i < $size; $i++)     {         echo dechex(ord($text[$i])) . " ";     } }  function encrypt($key, $input)  {      echo "<pre>*** encrypt *** </pre>";     echo "<pre>raw input: " . $input . "</pre>";     $size = mcrypt_get_block_size('twofish', 'ecb');      echo "<pre>block: " . $size . "</pre>";     $input = pkcs5_pad($input, $size);      echo "<pre>pkcs#5 padding: ";     echo printstringtohex($input);     echo "</pre>";      $td = mcrypt_module_open('twofish', '', 'ecb', '');      $iv = mcrypt_create_iv (mcrypt_enc_get_iv_size($td), mcrypt_rand);      mcrypt_generic_init($td, $key, $iv);      $data = mcrypt_generic($td, $input);      echo "<pre>raw output: " . $data . "</pre>";     echo "<pre>hex output: ";     echo printstringtohex($data);     echo "</pre>";     mcrypt_generic_deinit($td);      mcrypt_module_close($td);      $data = base64_encode($data);      echo "<pre>b64 output: " . $data . "</pre>";     echo "<pre>b64 output len: ";     echo strlen($data) . "</pre>";     return $data;  }   function pkcs5_pad ($text, $blocksize)  {      $pad = $blocksize - (strlen($text) % $blocksize);      return $text . str_repeat(chr($pad), $pad);  }   $enc = encrypt("the key string", "the plain text string");

the out put is:

encrypt: raw input: plain text string block: 16 pkcs#5 padding: 54 68 65 20 70 6c 61 69 6e 20 74 65 78 74 20 73 74 72 69 6e 67 b b b b b b b b b b b  raw output: Þˆ2l4ýé6öò8?‰ÛŒÇy˜w‘Š…heÅ8=a[ hex output: de 88 32 4c 34 8 fd e9 36 f6 f2 38 3f 89 db 8c c7 59 98 57 91 8a 85 48 45 16 2 c5 38 3d 61 5b  b64 output: 3ogytdqi/ek29vi4p4nbjmdzmferiovirrycxtg9yvs= b64 output len: 44

for java part used example:

public static byte[] encryptdecrypt(byte[] inputbytes, string keystring, boolean encrypt) {      try     {         if(encrypt) system.out.println("*** encrypting *** "); else system.out.println("*** decrypting *** ");         system.out.println("key: " + keystring);         system.out.println("input bytes (string): " +  new string(inputbytes));         system.out.print("\ninput bytes (byte[]): ");         printoutbytes(inputbytes);          byte[] keybytes = keystring.getbytes();         keyparameter key = new keyparameter(keybytes);         twofishengine twofish = new twofishengine();         bufferedblockcipher cipher = new paddedbufferedblockcipher(twofish);         cipher.init(encrypt, key);         byte[] cipherbytes = new byte[cipher.getoutputsize(inputbytes.length)];         int cipherlength = cipher.processbytes(inputbytes, 0, inputbytes.length, cipherbytes, 0);         cipher.dofinal(cipherbytes, cipherlength);          system.out.println("cipher bytes (string): " + new string(cipherbytes));         system.out.print("\ncipher bytes (byte[]): ");         printoutbytes(cipherbytes);         return cipherbytes;     }        catch(invalidciphertextexception e)     {         system.err.println(e.getmessage());     }     return null; }

the out put is:

encrypting  key: key string input bytes (string): plain text string input bytes (byte[]): 54 68 65 20 70 6c 61 69 6e 20 74 65 78 74 20 73 74 72 69 6e 67  cipher bytes (string): ²rð?= r¾=??ùuí?9?rtæ?0ÊÃ(½~Å3 cipher bytes (byte[]): b2 52 f0 87 81 3d 14 72 3d 85 80 f9 55 ed 9a 39 82 72 74 e6 91 30 ca c3 1 28 bd 7e c5 33  b64 of enctext: sllwh4e9fapyvj2fgplv7zo5gnj05pewysmbkl1+xtm= b64 len: 44

any ideas? suspect initialization vector not used java?

many thanx, andre

i ended creating servlet using same encryption lib suggested telmo pimentel mota


Comments

Post a Comment

Popular posts from this blog

c# - SVN Error : "svnadmin: E205000: Too many arguments" -

-
i trying reposotries using c# code process svncommand = null; var psi = new processstartinfo("svnadmin"); psi.redirectstandardoutput = true; psi.redirectstandarderror = true; psi.useshellexecute = false; psi.arguments= @"dump c:\repositories\myrepo > c:\temp\myrepodumpfile.dump"; using (svncommand = process.start(psi)) { var myoutput = svncommand.standardoutput; var myerror = svncommand.standarderror; debug.write("output :" + environment.newline + environment.newline + myoutput.readtoend() + environment.newline + "error :" + environment.newline + environment.newline + myerror.readtoend()); svncommand.close(); } when use dump command commandline svnadmin dump c:\repositories\myrepo > c:\temp\myrepodumpfile.dump it works fine when try ...
Read more

c++ - Using OpenSSL in a multi-threaded application -

-
i have been writing soap client application in c++ on ubuntu using openssl https transport , pthreads threading. have number of threads - 1 central data acquisition thread periodically gets worker threads make soap requests via shared mutex protected queues. reading documentation openssl found is openssl thread-safe? in openssl faq describes mechanisms required ensure thread safety when using openssl. implemented , works fine. the reason question conceptual difficulty really. thinking implementing same functionality application has already, instead of using threads, create 2 seperate applications : 1 worker thread (of multiple copies running) , main data acquisition thread. use tcp sockets communicate between 2 rather mutex protected queues. may bad idea not important - confusing me would have implement same functions required ensure openssl thread safety in second approach or not? my guess not have , treated independent (indeed surely must many applications use openssl) re...
Read more

All overlapping substrings matching a java regex -

-
is there api method returns (possibly overlapping) substrings match regular expression? for example, have text string: string t = 04/31 412-555-1235; , , have pattern: pattern p = new pattern("\\d\\d+"); matches strings of 2 or more characters. the matches are: 04, 31, 412, 555, 1235. how overlapping matches? i want code return: 04, 31, 41, 412, 12, 55, 555, 55, 12, 123, 1235, 23, 235, 35. theoretically should possible -- there obvious o(n^2) algorithm enumerates , checks substrings against pattern. edit rather enumerating substrings, safer use region(int start, int end) method in matcher . checking pattern against separate, extracted substring might change result of match (e.g. if there non-capturing group or word boundary check @ start/end of pattern). edit 2 actually, it's unclear whether region() expect zero-width matches. specification vague, , experiments yield disappointing results. for example: string line = "xx90xx"; strin...
Read more