Equivalent tranformation spec. in Bouncy Castle API 1.4

[Michael]

Hi all,

We are porting an application from j2ee 1.2 (sdk 1.3) to j2ee 1.3 (sdk
1.4). Our app makes use of Bouncy Castle API for sdk 1.3. So we also
have to use the new Bouncy Castle API for sdk 1.4.

There is a function:

javax.crypto.Cipher.getInstance("DESede//NoPadding")

which has to be ported. But we do not know how to form the equivalence
of the transformation "DESede//NoPadding" in the new getInstance of
Bouncy Castle, since the new GetInstance does not support
"DESede//NoPadding".

We have searched in the docs of Bouncy Castle and JCE extension in
order to find the appropriate values of "DESede//NoPadding" to put in.
In particular which string or char do we have to put between "DESede"
and "NoPadding".

We have tried "NONE". And therefore have substituted
"DESede/NONE/NoPadding". But just got the error:

stderr: java.lang.IllegalArgumentException: can't support mode NONE

Pls note that there is no application documention on which mode we
have to spec in the above mentoned string (algorithm/mode/padding).

Thus, if any one just knows the equivalence transform of
"DESede//NoPadding" for Bouncy Castle (for java sdk 1.4) pls let me
know,

Thanks in advance

Michael

 

[Sudsy]

Michael wrote:

Thus, if any one just knows the equivalence transform of
"DESede//NoPadding" for Bouncy Castle (for java sdk 1.4) pls let me
know,

A quick search of the archives indicates that most people are using
ECB as the mode. Worth a try?
i.e. "DESede/ECB/NoPadding"

 

[Michael]

[This is why I write my own implementations. I could never figure out
how to make the providers work.]

I thought it was just me. I spent about 2 hours trying figure out how to
enter a triple DES key from a byte [] array in jdk 1.4.2. The api is
ridiculously abstract. I haven't looked at the bouncy castle api.

ghstark AT pobox DOT com

Hi All,

Does anybody know what the 1.2 implementation of Bouncy Castle does
with "DESede//NoPadding" since the 1.4 implementation could not deal
with this and by substituting "DESede/ECB/NoPadding", we have got
cryptogram computed by the server that is not equal with the one
computed by the client.

The idea is to re-use the code that used to process
"DESede//NoPadding" successfully in 1.2 in 1.4, so that we still can
live with "DESede//NoPadding" in 1.4.

Quite a challenge huh !

Michael

 

[Sudsy]

Michael wrote:

Does anybody know what the 1.2 implementation of Bouncy Castle does
with "DESede//NoPadding" since the 1.4 implementation could not deal
with this and by substituting "DESede/ECB/NoPadding", we have got
cryptogram computed by the server that is not equal with the one
computed by the client.

The idea is to re-use the code that used to process
"DESede//NoPadding" successfully in 1.2 in 1.4, so that we still can
live with "DESede//NoPadding" in 1.4.

It's possible that you're using Cypher Block Chaining then. Try using
DESede/CBC/NoPadding instead. Of course this is all just p***ing in the
wind without knowing the mode on the remote end...
But that's what I'd try if I was in your situation, unless you've got
access to the Bouncy Castle source and can grok what they're using when
mode is not specified.