1

Encode the string in java then decode on all mobile platform. if i use Base64/AES but they all have different implementation on their platform so How can i encode the string then it will decode on every mobile platform(Android,IOS,Windows,Mozilla,BlackBerry,J2ME phones)

user3359503
  • 31
  • 1
  • 7
  • Base64 and AES are standardised. Even if there may be small implementation specific differences, this should not preclude interoperability at all. Do you have a concrete example of an interoperability problem? – deceze Sep 19 '14 at 11:32

1 Answers1

1

As stated in the comments, base64 and AES are sufficiently standardised that every platform will have a compatible implementation.

You just have to ensure a few things:

  • Always use the same character encoding when converting strings to bytes (and vice versa).

  • Use the same AES mode of operation (e.g. CBC-mode) and same padding on all platforms (e.g. PKCS #7 [a.k.a. PKCS #5 in Java]). Don't rely on defaults if you have the option to explicitly state your choice.

  • If you use a mode that requires an IV, ensure this is passed correctly to the destination. For best practice, use a random IV for each message.

  • Use the same key. This may sound silly, but if you are deriving the key from a password, you need to use the same mechanism on every platform. PBKDF2 is a good choice for password-based keys (and you need to use the same hash function and iteration count). If you use fixed keys, ensure you convert from your string representation to the key bytes in a consistent way.

Duncan Jones
  • 67,400
  • 29
  • 193
  • 254