> From: owner-openssl-us...@openssl.org On Behalf Of Dave Thompson
> Sent: Wednesday, 20 March, 2013 20:21
> >From: owner-openssl-us...@openssl.org On Behalf Of azhar jodatti
> >Sent: Wednesday, 20 March, 2013 15:21
<snip>
> >this.secretKey is an object of javax.crypto.SecretKey which
> >I am using for symmetric encryption like this
> > byte[] utf8 = plaintext.getBytes("UTF8");
> > Cipher c = Cipher.getInstance("DES");
> > c.init(Cipher.ENCRYPT_MODE, this.secretKey);
> > byte[] encryptedText = c.doFinal(utf8);
> > return new sun.misc.BASE64Encoder().encode(encryptedText);
>
> With the usual providers "DES" is really "DES/CBC/PKCS5Padding",
> and it would be clearer to be explicit. I thought that CBC with
> no IV specified uses a random IV, which you would need to transmit,
> but on testing apparently it uses zeros, which in general is bad
> but if you are using nonce DEKs it is tolerable.
>
Correction: on more careful checking, it's DES/*ECB*/PKCS5Padding,
which for one block I looked at is the same as CBC IV=zeros (duh).
Sorry for the mislead.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
