Thanks for the explanation and help.. everything worked perfect. :) :)
Regards,
Azhar
On Mon, Mar 25, 2013 at 1:34 PM, Dave Thompson <dthomp...@prinpay.com>wrote:
> > From: owner-openssl-us...@openssl.org On Behalf Of Dave Thompson
> > Sent: Wednesday, 20 March, 2013 20:21
>
> > >From: owner-openssl-us...@openssl.org On Behalf Of azhar jodatti
> > >Sent: Wednesday, 20 March, 2013 15:21
> <snip>
> > >this.secretKey is an object of javax.crypto.SecretKey which
> > >I am using for symmetric encryption like this
> > > byte[] utf8 = plaintext.getBytes("UTF8");
> > > Cipher c = Cipher.getInstance("DES");
> > > c.init(Cipher.ENCRYPT_MODE, this.secretKey);
> > > byte[] encryptedText = c.doFinal(utf8);
> > > return new sun.misc.BASE64Encoder().encode(encryptedText);
> >
> > With the usual providers "DES" is really "DES/CBC/PKCS5Padding",
> > and it would be clearer to be explicit. I thought that CBC with
> > no IV specified uses a random IV, which you would need to transmit,
> > but on testing apparently it uses zeros, which in general is bad
> > but if you are using nonce DEKs it is tolerable.
> >
> Correction: on more careful checking, it's DES/*ECB*/PKCS5Padding,
> which for one block I looked at is the same as CBC IV=zeros (duh).
> Sorry for the mislead.
>
>
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List openssl-users@openssl.org
> Automated List Manager majord...@openssl.org
>
