'Re: [dev-crypto] Help porting PBKDF2 code from C# to Java'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       bouncycastle-crypto-dev
Subject:    Re: [dev-crypto] Help porting PBKDF2 code from C# to Java
From:       Maarten Bodewes <maarten.bodewes () gmail ! com>
Date:       2010-07-20 23:28:18
Message-ID: AANLkTinLYIqC_bn2PCjPChqthkXjpLElJ4SRaAJAgJsx () mail ! gmail ! com
[Download RAW message or body]

On Sun, Jul 18, 2010 at 10:17 PM, Omri Baumer <omri.baumer@gmail.com> wrote:

> Hi everyone, I'm trying to port this function part of my code from C# to
> Java, the thing is that the
>
>                 byte[] arryByte =
> System.Text.Encoding.BigEndianUnicode.GetBytes(UserPassword);
>                 Rfc2898DeriveBytes pswdPBKDF2 = new
> Rfc2898DeriveBytes(arryByte, Salt, 1000);
>

Shouldn't arryByte be a String? If I take a look at the API, I haven't got a
clue why the byte[] is created at all.


>                 m_PswdSalt = pswdPBKDF2.GetBytes(32);
>

But  GetBytes() does not return a salt at all? It returns the created key
bytes?


>
>                 if (m_CipherKey == null)
>                 {
>                     m_CipherKey = new byte[32];
>                     RNGCryptoServiceProvider Gen = new
> RNGCryptoServiceProvider();
>                     Gen.GetBytes(m_CipherKey);
>                 }
>

And this seems to generate the salt instead of the key?


>
>                 return m_PswdSalt;
>
>

Um? Well, maybe I'm confused, I'm not sure what the missing function is, but
just returning the salt?



> Tried doing something like
>
>         PBEKeySpec keyspec = new PBEKeySpec(pass.toCharArray(),
>                 salt,
>                 KEY_ITERATION_COUNT,
>                 AES_KEY_SIZE);
>         try {
>         SecretKeyFactory skf = SecretKeyFactory.getInstance(KEY_FACTORY);
>         key = skf.generateSecret(keyspec);
>
>         } catch (Exception e) {
>          Log.e("MyApp",e.toString());
>         }
>
> but it generated a diffrent key, I tried playing with the string encoding
> but couldent get it to create the same key as the C# code.
>

And that's probably a good thing.


>
> Would love help with this from anyone who could help.
>
>
Take a very careful look at the C# code, is my first recommendation. I don't
program C# at all, I get the strong feeling it isn't up to par. It looks,
well, hacked or reversed or something.

Regards,
Maarten

[Attachment #3 (text/html)]

<br><br><div class="gmail_quote">On Sun, Jul 18, 2010 at 10:17 PM, Omri Baumer <span \
dir="ltr">&lt;<a href="mailto:omri.baumer@gmail.com">omri.baumer@gmail.com</a>&gt;</span> \
wrote:<br><blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; \
border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;"> <div dir="ltr"><span \
style="font-family: arial,sans-serif; font-size: 13px; border-collapse: \
collapse;"><div style="text-align: left;">Hi everyone, I&#39;m trying to port this \
function part of my code from C# to Java, the thing is that the  </div>

<div style="text-align: left;"><br></div><div style="text-align: left;">              \
byte[] arryByte = System.Text.Encoding.BigEndianUnicode.GetBytes(UserPassword);</div><div \
style="text-align: left;">                         Rfc2898DeriveBytes pswdPBKDF2 = \
new Rfc2898DeriveBytes(arryByte, Salt, 1000);</div> \
</span></div></blockquote><div><br>Shouldn&#39;t arryByte be a String? If I take a \
look at the API, I haven&#39;t got a clue why the byte[] is created at all.<br>  \
</div><blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: \
1px solid rgb(204, 204, 204); padding-left: 1ex;"> <div dir="ltr"><span \
style="font-family: arial,sans-serif; font-size: 13px; border-collapse: collapse;"> \
<div style="text-align: left;">                         m_PswdSalt = \
pswdPBKDF2.GetBytes(32);</div></span></div></blockquote><div><br>But   GetBytes() \
does not return a salt at all? It returns the created key bytes?<br>  <br></div> \
<blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px \
solid rgb(204, 204, 204); padding-left: 1ex;"><div dir="ltr"><span \
style="font-family: arial,sans-serif; font-size: 13px; border-collapse: \
collapse;"><div style="text-align: left;"> <br></div><div style="text-align: left;">  \
if (m_CipherKey == null)</div><div style="text-align: left;">  {</div><div \
style="text-align: left;">                               m_CipherKey = new \
byte[32];</div><div style="text-align: left;">                               \
RNGCryptoServiceProvider Gen = new RNGCryptoServiceProvider();</div>

<div style="text-align: left;">                               \
Gen.GetBytes(m_CipherKey);</div><div style="text-align: left;">                       \
}</div></span></div></blockquote><div><br>And this seems to generate the salt instead \
of the key?<br>  </div><blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt \
0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;"><div \
dir="ltr"><span style="font-family: arial,sans-serif; font-size: 13px; \
border-collapse: collapse;"><div style="text-align: left;"> <br></div><div \
style="text-align: left;">                         return m_PswdSalt;</div> <div \
style="text-align: left;"><br></div></span></div></blockquote><div><br><br>Um? Well, \
maybe I&#39;m confused, I&#39;m not sure what the missing function is, but just \
returning the salt?<br><br>  </div><blockquote class="gmail_quote" style="margin: 0pt \
0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;"> <div \
dir="ltr"><span style="font-family: arial,sans-serif; font-size: 13px; \
border-collapse: collapse;"><div style="text-align: left;"></div><div \
style="text-align: left;">Tried doing something like</div><div style="text-align: \
left;"> <br></div><div style="text-align: left;"><div style="text-align: left;">      \
PBEKeySpec keyspec = new PBEKeySpec(pass.toCharArray(),  </div> <div \
style="text-align: left;">                         salt,</div><div style="text-align: \
left;">                         KEY_ITERATION_COUNT,</div><div style="text-align: \
left;">                         AES_KEY_SIZE);</div><div style="text-align: left;">

             try {</div><div style="text-align: left;"><span style="white-space: \
pre-wrap;">	</span>             SecretKeyFactory skf = \
SecretKeyFactory.getInstance(KEY_FACTORY);</div><div style="text-align: left;"><span \
style="white-space: pre-wrap;">	</span>             key = \
skf.generateSecret(keyspec);</div>

<div style="text-align: left;"><span style="white-space: pre-wrap;">	</span>          \
</div><div style="text-align: left;">             } catch (Exception e) {</div><div \
style="text-align: left;">             <span style="white-space: \
pre-wrap;">	</span>Log.e(&quot;MyApp&quot;,e.toString());</div>

<div style="text-align: left;">             }</div></div><div><br></div><div>but it \
generated a diffrent key, I tried playing with the string encoding but couldent get \
it to create the same key as the C# code.</div></span></div> \
</blockquote><div><br>And that&#39;s probably a good thing.<br>  </div><blockquote \
class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, \
204, 204); padding-left: 1ex;"><div dir="ltr"><span style="font-family: \
arial,sans-serif; font-size: 13px; border-collapse: collapse;"><div> <br></div>
<div>Would love help with this from anyone who could \
help.</div></span><br></div></blockquote><div><br>Take a very careful look at the C# \
code, is my first recommendation. I don&#39;t program C# at all, I get the strong \
feeling it isn&#39;t up to par. It looks, well, hacked or reversed or something.<br> \
<br>Regards,<br>Maarten<br><br></div></div>



[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic