I want to exchange a public key between a c++ application and and android application.
I decided to use Diffie-Hellman. On the C++ side this library looks promising for generating the keys with c++. Now I am looking for an implementation for java to generate the keys on the android smartphone.
What libraries would you suggest, also on the c++ side?
In the end i want to share the public key as a string via UDP.
kind regards
A long time ago I used Crypto++ for the C++ which worked well for me and has support for many different algorithms.
http://www.cryptopp.com/
For android the KeyAgreement class can be used on some JavaVM, it is initialized with a String to choose the algorithm. You could try to instantiate it with "DiffieHellman" and see if you get an instance.
According to Java7 docs, http://docs.oracle.com/javase/7/docs/api/javax/crypto/KeyAgreement.html -
"Every implementation of the Java platform is required to support the following standard KeyAgreement algorithm:
DiffieHellman"
Test it and see if that includes dalvik or not.
Related
I need to securely store a piece of data (a single string) on Android from a pure C++ implementation.
AFAIK the way to do this is using SharedPreferences and KeyStore. SharedPreferences takes care of simple storage and KeyStore of encrypting the data. This is done trivially in Java/Kotlin, but all the C++ answers seem to point to a JNI implementation (that just binds/calls Java classes and methods)
The problem is: I'm not looking for Java/JNI implementations, all my functionality is implemented in pure C++ using JSI (JavaScript ⇔ C++ communication) bindings, so I cannot use JNI code without a huge headache of macros and workarounds.
There are some hints, such as this question, that it might be possible to use the low-level implementation of android. But I just cannot find any example on the web. I'm also not a C++ expert to go diving into AOSP source code.
Is this even possible? and if so, could anybody provide a simple example I could start with? Even just an example showing if the underlying frameworks are importable/includable in some custom C++ code would already be a great help.
Short answer is: no, after much fumbling around it is not worth it to try to achieve certain things from C++ on android. The solution I ended up was calling java methods (bridged used JNI) from my C++ code.
I am writing you because I programmed a signature algorithm with elliptic curves in Java on PC and I would like to integrate it on a Java Card. In my program, I use the crypto library BouncyCastle.
So my question is the following : is it possible to use external libraries on Java Card ?
Thank you very much for your help !
Kind of. You can use external libraries that were explicitly written for Java Card. Java Card (Classic) is a very constrained Java environment, which has quite a lot of Java SE functionality missing. Heck, usually it even doesn't have integers, only bytes and shorts.
You cannot use external libraries written for Java SE. And you certainly cannot use Bouncy Castle. Java Card has its own crypto library (which actually has got a lot of functionality, some even not found in Java SE).
Note that even if you could rewrite cryptographic functionality, it would be pretty tricky to get enough performance out of Java Card. The crypto libraries of Java Card usually rely on native processing and co-processor support.
My server is written in Java (on GAE). It includes some data classes that I share with an Android client, and would now like to also share with a Dart web client.
By 'share' I mean that I serialize them to JSON and use HTTP or GCM to sync them between client and server.
So, I'm looking for a tool that will generate Dart equivalents for the relevant Java classes, so I don't have to create them manually.
Google Cloud Endpoints does this (converts data classes from GAE languages to client languages) but Dart is not currently amongst the support languages.
I guess GCE could be used to generate js, which could then be used in Dart app, but that is not ideal. So I think this is a possible solution but not an adequate one.
The other problem with this is that the code conversion of is tightly bound to the GCE service - it can't be used independently of GCE and the only way to get GCE to convert your classes is to include them in a GCE interface.
(If they added Dart support to GCE, made the code translator more independent of GCE, and added some features such as an #Ignore attribute, I think it would be very useful!)
The "ad-hoc Java-to-Dart translator" was "written in three days" by Stefan Matthias Aust (last revised on 2014-01-03). The author notes that "there might be errors", and that "I didn't cover annotations and some esotheric[sic] generics syntax."
He provides some useful guidelines for keeping your Java code dart friendly:
"Because Dart doesn't support overloading methods, I strongly recommend to first rename (using your favorite IDE) those methods in Java. I also noticed that Dart doesn't like if types, fields, or methods have the same name. Again, I recommend to rename all such occurrences before translating. He also notes that Dart doesn't support a character type.
You can use this package to generate Dart client code for Google Cloud Endpoints http://pub.dartlang.org/packages/discovery_api_client_generator.
I also successfully used Protocol Buffers for a similar scenario
- http://pub.dartlang.org/search?q=protobuf
- http://pub.dartlang.org/packages/protobuf_builder
See also https://developers.google.com/protocol-buffers/
I'm looking for a java-based encryption library for Android. I am aware of the built-in encryption that Android offers. Don't want it. Google broke compatibility from one OS to another. My app cannot rely on that. I also looked at Bouncy Castle, which is what Android uses internally but modified. The footprint however is pretty big at around 1.5 meg. Spongy Castle is available but is just a wrapper for Bouncy Castle with the same footprint.
Anyone aware of any other libs?
From a Java perspective, pretty much the only two games in town are the built-in JCE providers and BouncyCastle. Since Oracle's JCE stuff isn't in Android, you either get to use the modified BoucnyCastle built-in, or SpongyCastle.
There are a couple of other options out there (GNU has one as a part of their classpath libraries, which would probably fail your footprint requirements), but honestly, I would be very skittish about using another crytpography library. They are used by such a small subset of people (pretty much everyone who isn't using the built-in JCE providers is using BouncyCastle) that they are unlikely to have been rigorously reviewed for security, and for that reason you should probably avoid using them.
If you are concerned about api breaking within the built-in APIs, I would just stick with SpongyCastle. 1.5mb is honestly not that much of a footprint.
I am looking for a good library that can perform pairing based cryptography (PBC).
One I could find is jPBC
What have others used? and their experiences?
The idea is to test the performance of algorithms using standard pairings (Weil, Tate) as well as some of the newer proposals without getting my hands too much dirty in the math.
I do work in this space as well. The best thing we could find in java was jPBC. Its not very good.
Non java alternatives:
MIRACL: I believe this is the current
fastest c implementation.
charm crypto: a python framework for
rapidly prototyping crypto systems. Full disclosure, I am a dev on
it. It has bindings to some subset of MIRACL and Lynn's PBC lib.
These are more than enough to impliment most schemes.These subsets
are expanding and probably can be readily expanded without getting
into the math involved. Given specific requests, we might even be willing to do those
extensions
Furthermore, it already has support for benchmarking that can
give specific time spent in cryptographic operations, the number of operations (e.g.
pairings and exponentiations), and other stats.
An open-source java implementation of Miracl is at
https://dsl-external.bbn.com/tracsvr/openP3S/wiki/jmiracl
Includes benchmarks
MIRACL is the gold standard for Elliptic Curve Cryptography over GF(p) and GF(2m) and additionally supports even more esoteric Elliptic Curves and Lucas function-based schemes. It also includes over twenty protocols based on the new paradigm of Pairing-Based Cryptography. Using MIRACL means that AES encryption, RSA public key cryptography, Diffie-Hellman Key exchange and DSA digital signature are all just a few procedure calls away.
You can read more about MIRACL here and download the SDK: https://github.com/miracl/MIRACL