Android use CFB

Question

I'm trying to encode my String with AES and CFB. If im doing this

Cipher cipher = Cipher.getInstance("AES/CFB/NoPadding");

, it works fine. But if i'm using "AES/CFB/NoPadding" instead of "AES", then the same String with the same password is different. Here is my Code:

SecretKeySpec key = new SecretKeySpec(cryptPassword.getBytes(), "AES");

        byte[] cryptByte = cryptString.getBytes("UTF8"); 

        Cipher cipher = Cipher.getInstance("AES/CFB/NoPadding");

        cipher.init(Cipher.ENCRYPT_MODE, key);
        byte[] hans = cipher.doFinal(cryptByte);


        cryptString = Base64.encodeToString(hans,Base64.DEFAULT);

Can someone help me? Thanks a lot!!!

Do you mean you tried `new SecretKeySpec(cryptPassword.getBytes(), "AES/CFB/NoPadding");`? — Duncan Jones, Apr 15 '14 at 15:24

score 0 · Answer 1 · edited May 23 '17 at 10:32

Assuming that the question is about the difference of Cipher.getInstance("AES") and Cipher.getInstance("AES/CFB/NoPadding"):

For Oracle JDK the default mode/padding when you do not specify them in the transformation string is "ECB/PKCS5Padding", meaning that Cipher.getInstance("AES") is the same as Cipher.getInstance("AES/ECB/PKCS5Padding").

The result of encoding some data with AES/ECB/PKCS5Padding is predictably different from encoding the same data with AES/CFB/NoPadding.

To minimize the confusion you should always specify the full transformation with explicit mode and padding values.

Android use CFB

1 Answers1