I am working on a Flutter application which needs to communicate using DTLS. As far as I can see there is no current support for DTLS in the Dart APIs, only TLS.
Can anyone recommend what I can do? Perhaps just the high-level steps on how to get a Flutter application to communicate in DTLS? Any tips on what I should watch out for?
Thanks!
I wrote a DTLS server ten years ago in Java (before there was support in Bouncy Castle), and I've ported a lot of my Java code to Dart over the last few years (but not DTLS!).
I had a quick look through the server code for what the biggest gotchas might be in a pure Dart implementation (of a client - hope that's a correct assumption). Two immediate difficulties seem to be parsing the server's certificate chain (DER decode to get to a usable RSA public key) and then using that RSA key to encrypt the pre-master-secret. (There's an old implementation of RSA in pub, but I couldn't find any ASN/DER libraries to help with the certificates.) Validating the root CA certificate would be tricky without access to a trust store.
Most of the other stuff like random number generation (how secure?), SHA/MD5 hashing, serialization to/from network byte order, handling timers are doable.
All in all, given the support in BC, RĂ©mi is correct to suggest a platform channel to Java.
Related
Is there any way to implement MQTT protocol on Ingenico's POS devices? I am currently working on iCT220 on which I want to implement IOT project. In this project, I will be sending some bytes (may be 400-1000 bytes) of data to the broker (server).
There are lots of source codes for the library available in the internet, but all make use of Linux or Windows socket libraries, where as Ingenico's devices come with proprietary libraries.
Have anyone implemented similar project on the same devices? Can anyone guide me to the process of implementation?
Thanks in advance,
Pankaj
Surely, you will need to build it from source.
I had a look at several client libraries and it looks that dependencies come mostly from IP stack, so there's very little to be implemented to have it running.
You should expect the proprietary OS issues to be thing of the past in short time - newer terminal lines are based on linux.
I'm converting an Android app to iOS. The Android version uses CMAC-AES cryptography, but I couldn't find CMAC for iOS. Does anyone know a library or could give a tip? I am not familiar with cryptography, so I am little messy.
CMAC stands for Cipher-based Message Authentication Code, that means it's a message authentication code (it is used to authenticate data and avoid any corruption of the data being authenticated) that uses ciphers to achieve its goals, in your particular case it uses the AES cipher to do so.
There are indeed some libraries that you could use, you may use OpenSSL (you may try others tutorials that links OpenSSL to your project) which is a well adopted library and heavily maintened.
I've worked with Java cryptography for many years. Now, we have a requirement to write an iOS application that will send encrypted payloads from the mobile device to a Java service. I've begun working with the iOS crypto support (CommonCrypto, etc.) and have found it a bit more difficult. The JCE has a very clean, concise API, so I've clearly gotten spoiled. In contrast, iOS cryptography is a far more difficult API to work with.
Are there any simplified crypto libraries or wrappers around CommonCrypto that provide a more concise API? In particular, we need:
Key generation (both symmetric and asymmetric)
Encryption/decryption of data
Digital signatures (SHA1withRSA, for example)
Hashing
RSA, 3DES, and AES support
I know I've seen a sample class or two that wraps AES encryption, for example. I'm looking for something a bit richer and more full-featured. Anyone have any suggestions?
You can use openSSL inside your iOS app, for ease of use you can use the SSCrypto library by septicus.
From the septicus site:
SSCrypto.framework provides a simple wrapper around OpenSSL library
functions for encryption, decryption (both symmetric and RSA) and
checksums. It also encodes and decodes base64 data and can generate
both private and public RSA keys. A test tool is included in the
project. Click here to see the main.m file that comes with SSCrypto
for examples of it's use.
I want to encrypt a parameter(which consist of sensitive data) while sending to server(WCF Service) using SHA1 algorithm, On server end I'll decrypt the string and use it.
This way i can ensure any third party won't read my sensitive data so easily.
How do I encrypt the string in windows phone 7 using SHA1 algorithm and decrypt the same in my WCF service.
Encrypted string may come to server from iPhone, android or WP7; How do I ensure that every client will produce the same result in server.
Update:
Can I use AES algorithm for above requirement?
How do I encrypt the string in windows phone 7 using SHA1 algorithm and decrypt the same
You don't. SHA-1 is a hashing algorithm. It's one way - you can't "decrypt" it. You should choose a symmetric or public/private key algorithm based on your requirements. Read the .NET cryptographic services documentation as a starting point - I'd expect pretty much any of the algorithms supported by .NET to also be supported on other platforms.
Alternatively, just use HTTPS instead of HTTP... that would satisfy your initial highlighted requirement without you having to do much work at all (beyond the server-side deployment of appropriate HTTPS certs).
Agree with Jon's post but with additional thoughts.
I cannot comment yet (need more street cred) so I will post it here.
Your question does not state if you are transmitting this from a native app, or a browser (using an Ajaxian mechanism). But I will presume native. Really though the answer is the same with the difference being implementation.
The easiest approach IMO would be to use the tools and APIs to be a HTTPS (SSL/TLS) client which will give you over the wire confidentiality. The details of what quality of service the SSL connection provides is for you to configure from the "cipher suites") available. AES is available.
I'm looking for a Delphi implementation of an asymmetric encryption algorithm without any dependencies on external DLLs. Is there any available?
My goal is to encrypt/decrypt a string (or array of bytes) using a public/private key pair.
SecureBlackBox from Eldos offers a native, comprehensive solution - including certificate management and access to external crypto devices (i.e. USB tokens)
LockBox is now improved. It allows long keys for RSA, AES cipher and is in active development.
It is free, Open Source and 100% native code with no DLLs.
You can try Lockbox - http://sourceforge.net/projects/tplockbox/. It's free and includes RSA among others (Blowfish, MD5, SHA-1, DES, triple-DES, Rijndael, & digital signing of messages).
It comes complete with a good RSA example that demonstrates how to generate your public/private keys and how to actually encrypt and decrypt data using the keys.
I'm currently using it with Delphi 2010.
I realize that the original question stated "no external DLLs" but in the absence of an acceptable answer maybe you should take a look at the OpenSSL DLLs along with this Delphi link which contains an import unit for the library and some good examples on how to use it, including RSA encryption.
I have tinkered with this and got it working pretty well. There are some changes required to make it work with unicode Delphi - but these are mostly to do with changing PChar to PAnsiChar or PBytes.
Simple Delphi wrappers now allow me to sign/verify/encrypt sym or asym and use SSL. And let's be honest - the distribution of the OpenSSL DLLs is a lot more straightforward than some of the Microsoft offerings. Plus it's free and well maintained.
Take a look at the FGInt package on this site: http://submanifold.be/
If you can stomach using Windows services, there is the Crypto API: http://msdn.microsoft.com/en-us/library/aa380255(v=VS.85).aspx
If you are targeting Vista and up, there is the new Cryptography API: Next Generation. This also supports Elliptic Curve crypto: http://msdn.microsoft.com/en-us/library/aa376210(VS.85).aspx
Another very good fairly complete package is the Delphi Encryption Compendium (DEC) 5.2. You can download (Free with source) from http://www.torry.net/pages.php?id=519#939342.