java-security - w3toppers.com

Crash casting AndroidKeyStoreRSAPrivateKey to RSAPrivateKey

I managed to get this working by removing the Provider from Cipher.getInstance and not casting to a RSAprivateKey. KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) entry; Cipher output = Cipher.getInstance(“RSA/ECB/PKCS1Padding”); output.init(Cipher.DECRYPT_MODE, privateKeyEntry.getPrivateKey()); I’m not 100% but I think the reason for this I believe is the change in marshmallow from OpenSSL to BoringSSL. https://developer.android.com/preview/behavior-changes.html#behavior-apache-http-client Anyway, the above worked … Read more

Enable TLSv1.2 and TLS_RSA_WITH_AES_256_CBC_SHA256 Cipher Suite

It is only possible if you use a simple HTTPS connection (not SSL Sockets) using the properties -Dhttps.protocols=TLSv1.2 -Dhttps.cipherSuites=TLS_RSA_WITH_AES_256_CBC_SHA256 See the post at http://fsanglier.blogspot.com.es/ Java 7 introduced support for TLS v1.2 (refer to http://docs.oracle.com/javase/7/docs/technotes/guides/security/enhancements-7.html) BUT does not enable it by default. In other words, your client app must explicitly specify “TLS v1.2” at SSLContext creation, … Read more