--------------------------------------------------
From: "Kevin W. Wall" <[email protected]>
Subject: Re: Detecting attempts to decrypt with incorrect secret key in
OWASP ESAPI
So given these limited choices, what are the best options to the
questions I posed in my original post yesterday? As Peter mentioned, we
want to give web app developers something that will work out-of-the-box.
It isn't difficult to implement CMAC and CTR modes in pure Java. The NIST
specs for CMAC and CTR are plenty clear. You'll be looking for the
AES/ECB/NoPadding option. From there use update it returns a byte []. I've
used the standard JCE implementation in this way to implement unsupported
modes before, it works.
Joe
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [email protected]
