Hi,
I am writing an application that uses Digest MD5 to authenticate a
client (Android phone) to a server (running on SUN Java 1.6.0_02). The
authentication, which works fine if I run the client from a normal
computer (not the Dev phone), does not succeed when the client is
running on the phone.
I started digging deep into the client and server authentication code
and I figured out that the following code yields different results,
when executed on the Dev Phone and on the SUN JVM:
1 Mac hmac = Mac.getInstance("HmacSHA256");
2 SecretKeyFactory kf = SecretKeyFactory.getInstance("DES");
3 Key k = kf.generateSecret(ks);
4 hmac.init(k);
5 finalKey = hmac.doFinal(s);
The fact is that the key 'k' contains different byte values
(Debugger --> key=byte[8]) on the phone and on the SUN JVM.
The reason is that on the phone, the SecretKeyFactory kf, which
generates k in line 3, returns a different result.
On the phone the implementation of the factory kf, which is returned
in line 2 is provided by the Bouncy Castle Provider. On the SUN JVM it
is the SUN implementation.
Obviously, both implementations - though using the same algorithm
(DES) - calculate different results.
Did anyone experience this before? Is that a known issue that might be
solved by a newer Java version?
Maybe it is a bug.
Oh one more thing: when you compare the values of the byte-array of
the Key k, which was generated by the SUN provider and the Bouncy
Castle one, you can see that the values are almost identical. They
only deviate by +1, 0, and -1 in an irregular pattern.
E.g. if
k_phone = 54, 51, 54, 57, 54, 53, 53, 52
then
k_sun = 55, 50, 55, 56, 55, 52, 52, 52
so that is: +1, -1, +1, -1, +1, -1, -1, 0
I wonder whether this has anything to do with parity bits or
something. I am not a crypto guy.
Any help is greatly appreciated.
Thanks.
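
An added example, not part of the original post: it checks the two byte arrays quoted above against DES odd parity (the low bit of each byte set so the byte has an odd number of 1 bits) and shows how the one-bit differences change the HMAC. The class and method names and the sample message are hypothetical; passing raw bytes through SecretKeySpec instead of SecretKeyFactory("DES") is an assumption about one way to get identical key bytes on both platforms.

```java
import java.util.Arrays;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

public class DesParityCheck {

    // Returns a copy of the key where the low bit of every byte is set so
    // that the whole byte contains an odd number of 1 bits (DES odd parity).
    static byte[] withOddParity(byte[] key) {
        byte[] out = key.clone();
        for (int i = 0; i < out.length; i++) {
            int high7 = out[i] & 0xFE;                       // the 7 real key bits
            int parityBit = (Integer.bitCount(high7) % 2 == 0) ? 1 : 0;
            out[i] = (byte) (high7 | parityBit);
        }
        return out;
    }

    // HMAC over explicit key bytes, with no provider-specific DES key
    // handling in between.
    static byte[] hmacSha256(byte[] rawKey, byte[] data) throws Exception {
        Mac hmac = Mac.getInstance("HmacSHA256");
        hmac.init(new SecretKeySpec(rawKey, "HmacSHA256"));
        return hmac.doFinal(data);
    }

    public static void main(String[] args) throws Exception {
        // Key bytes as quoted in the post.
        byte[] kPhone = {54, 51, 54, 57, 54, 53, 53, 52};
        byte[] kSun   = {55, 50, 55, 56, 55, 52, 52, 52};
        byte[] msg = "constructed sample message".getBytes("UTF-8");

        byte[] adjusted = withOddParity(kPhone);
        System.out.println("parity-adjusted k_phone: " + Arrays.toString(adjusted));
        System.out.println("equals k_sun:            " + Arrays.equals(adjusted, kSun));

        // The key bytes differ only in parity bits, but HMAC uses all 64 bits.
        System.out.println("HMAC(k_phone) == HMAC(k_sun):  "
                + Arrays.equals(hmacSha256(kPhone, msg), hmacSha256(kSun, msg)));
        System.out.println("HMAC(adjusted) == HMAC(k_sun): "
                + Arrays.equals(hmacSha256(adjusted, msg), hmacSha256(kSun, msg)));
    }
}
```

With the values from the post, the parity-adjusted k_phone equals k_sun byte for byte, so the +1/-1/0 pattern is exactly the parity bit being set or cleared.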