Apps encryption help

[triocorp]

Hi there,

We have an application that runs under java and under android which encrypts and decrypts data using AES. We found that we can decrypt data under android if the data was originally encrypted using android, and same applies with the java version. However, if we tried decrypting under android data that was originally encrypted under java, it doesnt work, and vice versa.

We believe we have narrowed it down to SecureRandom. For some reason, secret keys derived from SecureRandom are different for java and android.

Has anyone else experienced this and are there any solutions to this problem?

Thanks in advance.

 

[TheAndroidWorks]

Yes, we encountered a small stump when we wrote our 256 AES Android to PHP interop a while back. I can't remember exactly what the solution was, but I will ask the other developer... for some reason I think I remember it having to do with bytecode formats.

PHP and Android/Java had two very different ways of handling the encrypted strings that caused problems within the encrypt and decrypt functions that we had to program around.

I know it may be stating the obvious, but have you tested for snags in passing the key and IV, etc?

 

[gtx]

Hi,
Did you end up solving this problem? Can you post a link to the solution?