Java/Kotlin example on how to encrypt the new lock key with the old one.

[LouisCAD]

Hi,
Here in the Eddystone configuration service page, there's mentions on the fact that the new lokc key shall be encrypted with the old one, but there's no example, and no mention of which padding to use.

Please, could you share a code snippet on how to generate the encrypted key using the old key and the desired new key in Java or Kotlin?

I don't want to try this without being certain, because if I fail, my beacon is bricked with a key I don't know.
FYI, the target use is an Android app

[adriancretu]

Take a look at the Eddystone GATT service implementation in my beacon advertiser library: The AES transformations for the lock key encrypt/decrypt is right there
There is no padding used because for a 16-byte message it would add an empty padding block at the end, making it a 32-byte encrypted message without much point (a potential attacker would probably already know the message is 16 bytes, checking some padding for decryption consistency is last of his worries). Speaking of this, there's no IV either, but I suspect encrypting the new lock key using the older lock key should always be a one-time op anyway ;) Good luck.