The https handshake is unbearably slow in a BlackBerry app, so I'm going to try to use their native encryption functions to send private data to my server via http. I can send a unique shared secret key to the device using a one-time https transfer so I think this scheme is relatively secure unless someone gets access to the device, but I'm not concerned about that.
I've found the encrypt() function in the following BlackBerry article: http://supportforums.blackberry.com/t5/Java-Development/Use-Basic-Encryption/ta-p/445092
I've been tinkering with it and it seems to produce encrypted output.
The question is, how do I decrypt this on the server side in PHP using mcrypt_decrypt()?
I'm by no means an encryption expert and all the options are making my head spin. Key size, block size, block cipher mode, IV, etc.
I read in the comments here How to write AES/CBC/PKCS5Padding encryption and decryption with Initialization Vector Parameter for BlackBerry that maybe I should use a CBCEncryptorEngine on the BlackBerry side. The encrypt() example doesn't specify a block cipher mode, so adding this seems to make sense since mcrypt_decrypt() seems to want one.
Then does the IV have to be sent along with the encrypted data? it seems to be required Obviously I'm out of my element here.
I'm tinkering with this code in PHP:
mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $sSecretKey, $sEncrypted, MCRYPT_MODE_ECB);
But honestly I have no clue what constants to use and whether I need the IV. Naturally, it's giving me garbage out.
Can someone help me put these pieces together?