> What does key.getAlgorithm() return on 4.4 and previous versions? >
PBEWithSHA256And256BitAES-CBC-BC on both. > What does ecipher.getProvider().getName() return on 4.4 and > previous versions? > BC on both (bouncy castle I guess) > > Note that Using Cipher.getInstance() without specifying explicitly the > algorithm, mode and padding is a recipe for disaster. > I thought mode was CBC, padding BC (whatever that is). I was under major time pressure when I implemented encryption :-) > AlgorithmParameterSpec paramSpec = new IvParameterSpec( > > initVector ); > > > Where does initVector come frome and how was it generated? > An array of 8 random bytes, fixed. As is the salt. > > Most importantly, what encryption algorithm are you trying to use? > AES. > AES's block size is 16 bytes (128 bits) so there is no way it > can work 8 byte (56 bit) IVs. > > Right, that matches with on old devices the cipher reporting the block size as 16 also. However, it's worked since 2010 on a huge variety of devices, which leads us to the conclusion that the previous implementation was doing something to adapt to the too-short IV instead of complaining, right ? So I need to find out what that something is. I'll start with filling the IV up to 16 bytes with 0s or 1s though :-) Pent -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en --- You received this message because you are subscribed to the Google Groups "Android Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to android-developers+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
