Android Question Bouncy castle provider

Javier Alonso

Member
Licensed User
Longtime User
Hi,

I am using agraham's encryption library, actually a wrapper for the cipher class in android. My problem is that some mobiles pones do not implement some of the cipher transformations I would like to use (even though according to the documentation they should), like "AES/CBC/PKCS5Padding". What I would like to do is to include in the app a bouncycastle security provider with all the transformations I need.

I have downloaded agraham's source code and added the BouncyCastle provider bcprov-jdk15on-1.55.jar to the JRE libraries in Eclipse, but my knowledge of java is very, very limited and I haven't succeded:

1. Adding the .jar to the JRE and adding "import org.bouncycastle.jce.provider.BouncyCastleProvider;" gives an error saying it does not belong to agraham's package.
2. Agraham's library do not have a cipher class where the provider can be added like "Security.addProvider(newBouncyCastleProvider());"

Any help, please?
 
Sort by date Sort by votes

KMatle

Expert
Licensed User
Longtime User
Hi. I use Agrahams lib for

B4X: 
C.Initialize("AES/ECB/PKCS5Padding")

and

B4X: 
ServerC.Initialize("RSA/ECB/PKCS1Padding")

to exchange data with my servers via php.

Javier Alonso said:
that some mobiles pones do not implement some of the cipher transformations
Click to expand...

What exactly do you mean with that? Do you need help how to implement ecnryption in B4A or do you have issues with a specific enryption?
 
Upvote 0

Erel

B4X founder
Staff member
Licensed User
Longtime User
You cannot include BouncyCastle library in Android as Android includes parts of BouncyCastle internally and the classes will clash.

There is a different built named SpongyCastle that is compatible with Android: https://github.com/rtyley/spongycastle

B4XEncryption uses AES/CBC/PKCS5Padding and up until now there were no reports of any errors.
 
Upvote 0

Javier Alonso

Member
Licensed User
Longtime User
Hi, I included some code in my app to be notified if some phone models do not include AES/CBC/PKCS5Padding. This is the output of the list of supported methods for the BouncyCastle provider that some user has found out:

'AES'
'AESWRAP'
'ARC4'
'BLOWFISH'
'DES'
'DESEDE'
'DESEDEWRAP'
'PBEWITHMD5AND128BITAES-CBC-OPENSSL'
'PBEWITHMD5AND192BITAES-CBC-OPENSSL'
'PBEWITHMD5AND256BITAES-CBC-OPENSSL'
'PBEWITHMD5ANDDES'
'PBEWITHMD5ANDRC2'
'PBEWITHSHA1ANDDES'
'PBEWITHSHA1ANDRC2'
'PBEWITHSHA256AND128BITAES-CBC-BC'
'PBEWITHSHA256AND192BITAES-CBC-BC'
'PBEWITHSHA256AND256BITAES-CBC-BC'
'PBEWITHSHAAND128BITAES-CBC-BC'
'PBEWITHSHAAND128BITRC2-CBC'
'PBEWITHSHAAND128BITRC4'
'PBEWITHSHAAND192BITAES-CBC-BC'
'PBEWITHSHAAND2-KEYTRIPLEDES-CBC'
'PBEWITHSHAAND256BITAES-CBC-BC'
'PBEWITHSHAAND3-KEYTRIPLEDES-CBC'
'PBEWITHSHAAND40BITRC2-CBC'
'PBEWITHSHAAND40BITRC4'
'PBEWITHSHAANDTWOFISH-CBC'
'RSA'

Unfortunately, I do not know the phone model Looks like there is no encryption/padding scheme reported. Does it mean that only the default configuration is valid or can I still try AES/CBC/PKCS5Padding in such a device like this one?

Thanks in advance.
 
Upvote 0
You must log in or register to reply here.

Similar Threads

  • Question
Android Question API security on B4A
Replies
2
Views
2K
epicsapis
  • Question
Android Question protecting embedded ClientIDOauth using code obfuscation?
Replies
3
Views
1K
MarcoRome
Z
  • Question
Android Question SMS Authentication with Twilio
Replies
2
Views
1K
zabayin
Z
M
  • Question
Android Question Maven artifact not found: androidx.legacy/legacy-support-core-utils
Replies
11
Views
3K
Erel
A
  • Question
Android Question Need help in Encryption with key+iv structure
Replies
2
Views
1K
Arun
A
Menu
Log in
Register
Cookies are required to use this site. You must accept them to continue using the site. Learn more…