One more thing I just noticed: If you compare k and ks in the following line,

Key k = kf.generateSecret(ks);

you notice that the Bouncy Castle SecretKeyFactory obviously does not do anything with the input key ks. In fact, on the phone, k == ks. On the SUN VM, ks is mangled. Probably according to http://forums.sun.com/thread.jspa?threadID=493288

Can anybody confirm that? Would you say that is a bug of the Bouncy Castle implementation?

On 30 Jun., 11:40, nleiptv <[email protected]> wrote:
> Hi,
>
> I am writing an application that uses Digest MD5 to authenticate a
> client (android phone) to a server (running on SUN Java 1.6.0_02). The
> authentication, which works fine if I run the client from a normal
> computer (not the Dev phone), does not succeed when the client is
> running on the phone.
>
> I started digging deep into the client and server authentication code
> and I figured out that the following code yields different results
> when executed on the Dev Phone and on the SUN JVM:
>
> 1 Mac hmac = Mac.getInstance("HmacSHA256");
> 2 SecretKeyFactory kf = SecretKeyFactory.getInstance("DES");
> 3 Key k = kf.generateSecret(ks);
> 4 hmac.init(k);
> 5 finalKey = hmac.doFinal(s);
>
> The fact is that the key 'k' contains different byte values (Debugger -->
> key=byte[8]) on the phone and on the SUN JVM.
>
> The reason is that on the phone, the SecretKeyFactory kf which
> generates k in line 3 returns a different result.
> On the phone the implementation of the factory kf, which is returned
> in line 2, is provided by the Bouncy Castle Provider. On the SUN JVM it
> is the SUN implementation.
> Obviously, both implementations - though using the same algorithm
> (DES) - calculate different results.
>
> Did anyone experience this before? Is that a known issue that might be
> solved by a newer Java version?
> Maybe it is a bug.
>
> Oh one more thing: when you compare the values of the byte-array of
> the Key k, which was generated by the SUN provider and the Bouncy
> Castle one, you can see that the values are almost identical. They
> only deviate by +1, 0, and -1 in an irregular pattern.
>
> E.g. if
> k_phone = 54, 51, 54, 57, 54, 53, 53, 52
> then
> k_sun = 55, 50, 55, 56, 55, 52, 52, 52
>
> so that is: +1, -1, +1, -1, +1, -1, -1, 0
>
> I wonder whether this has anything to do with parity bits or
> something. I am not a crypto guy.
>
> Any help is greatly appreciated.
>
> Thanks.
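The parity question raised in the thread, worked through as an added example that is not part of the original posts: it applies DES odd parity to the k_phone bytes quoted above and compares the result with k_sun, then keys the HMAC through SecretKeySpec, which never rewrites key bytes. The class name, helper names and sample message are constructed for illustration.

```java
import javax.crypto.Mac;
import javax.crypto.spec.DESKeySpec;
import javax.crypto.spec.SecretKeySpec;
import java.util.Arrays;

public class DesParityDemo {
    // DES odd parity: bit 0 of each key byte is set so the byte has an odd number of 1 bits.
    static byte[] adjustOddParity(byte[] key) {
        byte[] out = key.clone();
        for (int i = 0; i < out.length; i++) {
            int b = out[i] & 0xFE;                      // the 7 real key bits
            int parity = (Integer.bitCount(b) & 1) ^ 1; // 1 if those bits have even weight
            out[i] = (byte) (b | parity);
        }
        return out;
    }

    // Keys an HMAC with the raw bytes; SecretKeySpec passes them through unchanged.
    static byte[] hmac(byte[] rawKey, byte[] msg) throws Exception {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(rawKey, "HmacSHA256"));
        return mac.doFinal(msg);
    }

    public static void main(String[] args) throws Exception {
        byte[] kPhone = {54, 51, 54, 57, 54, 53, 53, 52}; // values quoted in the post
        byte[] kSun   = {55, 50, 55, 56, 55, 52, 52, 52}; // values quoted in the post
        byte[] msg = "constructed sample message".getBytes("UTF-8");

        byte[] adjusted = adjustOddParity(kPhone);
        System.out.println("adjusted(k_phone) = " + Arrays.toString(adjusted));
        System.out.println("equals k_sun      = " + Arrays.equals(adjusted, kSun));
        System.out.println("k_phone parity ok = " + DESKeySpec.isParityAdjusted(kPhone, 0));
        System.out.println("k_sun parity ok   = " + DESKeySpec.isParityAdjusted(kSun, 0));

        // Different key bytes give unrelated MACs, so the two sides cannot agree.
        System.out.println("MACs match across k_phone/k_sun = "
                + Arrays.equals(hmac(kPhone, msg), hmac(kSun, msg)));
        // The same raw bytes wrapped in SecretKeySpec give the same MAC on both sides.
        System.out.println("MACs match with raw key on both = "
                + Arrays.equals(hmac(kPhone, msg), hmac(kPhone.clone(), msg)));
    }
}
```

The low bit of each DES key byte carries no key material, so two providers can both hold a valid DES key for the same input and still expose different bytes to an HMAC.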

