I’m currently a few weeks into my internship where I’m developing a new blackberry app for a small start-up company. One of the core features of this app is that it can communicate with a remote server. Anyone that knows anything about security will tell you that you simply cannot send these communications in plain text.
So, this week I’ve been working with encrypting strings and sending them to our server. The way we’re handling the encryption/decryption is by using a common method on both client and server side so that messages can be easily decrypted. Pretty common enough. But, in order for the client and server to tell if messages have been tampered with before the arrive at their destination, we also send a CRC of the string that we have encrypted. Once decrypted, we call the CRC method again and can tell if the data is as it should be.
Here’s where the problem arises.
Since the app is cross platform, we have to ensure that the CRC value gotten on a blackberry device matches that gotten on an Android device, not to mention the server will need to be working off the same algorithms. Initially you might think thats no problem because CRCs are universal. Incorrect. It took me a few days but I have realised that the Blackberry implementation of CRC32 is different to the Android and the Apache/PHP implementation. It was frustrating having the Android sending and receiving messages with ease, when my blackberry app was getting errors.
The Solution
Like all good programmers will tell you, there’s no point reinventing the wheel. It felt to me like that was going to be my only solution if I was to ever get this to work, but after spending way too long on this small piece of code, I decided to do what I should’ve done a long time ago….and that is to Google java.util.zip.CRC32 source (and java.util.zip.checksum) and copy and paste the source into a new .java file in my project! Basically the blackberry CRC32 code seems “broken” so why invent the wheel when I can just use the same “working” code that the others use!!!
After I did this, the code worked straight away. I didnt even have to rewrite the code too much because they all have pretty similar methods! Plus, my code is a little bit more “cross-platform” now for when we package all the common stuff into a JAR later.