I'm working on a one-time password application, using the HOTP algorithm (RFC 4226). I've got an Android app (via simulator) for OTP generation, and a server-side app for validation. On their own, both are working fine and passing tests.
However, the secret key I'm generating on my device is not the same as the secret key I'm generating on the server, even when the inputs are hardcoded and the same between them. This leads to different one-time passwords being generated on the device and the server, which ruins my ability to generate valid one-time passwords. I'm trying to figure out why this is happening, and if there's anything I can do about it.
The code is identical between the server and the device simulator for constructing SecretKeys and generating one-time passwords from the keys. I've checked the bytes in the keyspecs on the device and the server, and they're identical. However, the keys generated by the SecretKeyFactories (both from DESedeKeySpecs) have subtle off-by-one differences when I view the bytes from secretKey.getEncoded(). I see similar differences if I use DES instead of triple DES.
What's interesting is that in my Android project, the bytes in the KeySpec and the generated SecretKey are consistent (though truncated), but on the server, there are occasional off-by-one differences in the bytes between the KeySpec and generated SecretKey. Is this normal? I read something about parity bit alterations when using DES and triple DES, so I'm not sure if this is a problem.
I also know that Android is using Bouncy Castle, but my server is using SunJCE. My understanding was that this shouldn't present a problem, and I'd like to know if this is a known occurrence when using two different providers. I have very limited ability to get Bouncy Castle server-side.
Advice and enlightenment, please?
1 Answer
#1
Looks like someone else already detected the problem and an interim solution. It's a difference between how the BC implementation on the phone and SunJCE handle parity bits when generating secret keys. Looks like Bouncy Castle might be releasing an update to address this:
http://code.google.com/p/android/issues/detail?id=3143
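The parity-bit effect the answer describes, shown as an added example (not code from the question, the answer, or either JCE provider): DES and 3DES key bytes carry 7 key bits plus one parity bit, and a provider that rewrites that bit when it builds a key from a KeySpec hands HOTP a different secret than the raw bytes, so the two sides compute different codes. The HOTP function follows RFC 4226 directly on the raw secret bytes (the RFC's own test secret is used), which is the way to avoid the mismatch: an HMAC key never needs to go through a DES key factory. The name `des_odd_parity` and the `demo` helper are this example's own.

```python
import hashlib
import hmac
import struct


def des_odd_parity(key: bytes) -> bytes:
    """Rewrite the low bit of every byte so each byte has odd parity.

    This is what a parity-enforcing DES/3DES key factory does to the bytes
    handed to it; a provider that leaves the parity bit alone returns the
    bytes unchanged, and the two resulting 'secrets' differ.
    """
    out = bytearray()
    for b in key:
        ones = bin(b >> 1).count("1")          # popcount of the 7 key bits
        out.append((b & 0xFE) | (0 if ones % 2 else 1))
    return bytes(out)


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the 8-byte big-endian counter,
    dynamic truncation, then reduce modulo 10**digits and zero-pad."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = ((mac[offset] & 0x7F) << 24
            | mac[offset + 1] << 16
            | mac[offset + 2] << 8
            | mac[offset + 3])
    return str(code % (10 ** digits)).zfill(digits)


# RFC 4226 Appendix D test secret (ASCII "12345678901234567890").
SECRET = b"12345678901234567890"


def demo(counter: int = 0):
    """Return (device code, server code, match) for one counter value,
    modelling a device that uses the raw secret and a server whose key
    factory rewrote the parity bits."""
    device = hotp(SECRET, counter)
    server = hotp(des_odd_parity(SECRET), counter)
    return device, server, device == server


if __name__ == "__main__":
    print(demo())
```

Because the byte 0x33 ('3') has even parity, the adjusted secret already differs at its third byte, which is enough to change every HOTP value.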