• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Problem encrypting in Triple-DES

 
Ranch Hand
Posts: 169
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Here's my scenario.
* I'm receiving a public RSA key from a C application (using openSSL library)
* I create an RSA key from the bytes I'm getting.
* I use RSA key to encrypt a string (known to the C code), and verify that the encryption works
* I generate a payload(Triple-DES) key, encrypt it using the RSA Key, then send the raw bytes to the C code for use
* C++ code verifies for itself that it can use the tripleDes key created from my bytes to encrypt/decrypt a string
* If everythings succeeded up to this point, I once again encrypt the 'known' data - this time with the triple DES key

Currently when the C code receives my triple-DES encrypted known data, it's the right length, but when it uses the key it created earlier from my bytes to do the decryption, the known data's not there. I may be missing something basic about the key exchange, but I've yet to catch it. I've tried both instantiating the desEde key as a Key and SecretKey. Am I correct that I can be using just one desEde key for everything? Or at least to encrypt the data?
(NOTE: All the stuff that I need to do from java has already been done in a C++ client using Crypto5.1, and I'm getting what I can from that code...)


The C code is expecting a 32-byte array with which to construct the TripleDES(DesEde) Key for use. I havent found the exact C++ client code that encodes the 32 byte array (not for lack of looking).

I went with what seemed the standard procedure, constructing the 32 byte[] the Triple-Des key's first 16 bytes. Here's how I coded it:



>>>>>OUTPUT<<<<<<<
All desKeyBytes = 7af82094eaf8a2a28345b3a29152d38c7af82094eaf8a2a2
first 16 bytes = 7af82094eaf8a2a28345b3a29152d38c
desKeyBytes = 070a0f08020009040e0a0f080a020a02080304050b030a02090105020d03080c
<<<<<OUTPUT>>>>>>>

Here's how I (try to) encrypt the known data (a String - length=61). The EncodedBuffer class is one thats used for writing/reading bytes, and it works plenty of other places in the code, so I'm reasonably certain it works just fine.




>>>>>OUTPUT<<<<<<< KNOWN DATA NOT SHOWN (XXXX) FOR OBVIOUS REASONS
paddedBytes = 3
encryptedLen = 64
plain text, x 0= XXXXXXXX
plain text, x 8= XXXXXXXX
plain text, x 16=XXXXXXXX
plain text, x 24=XXXXXXXX
plain text, x 32=XXXXXXXX
plain text, x 40=XXXXXXXX
plain text, x 48=XXXXXXXX
encryptedBuffer.getNumberOfBytesInput = 56
paddingBuffer.getNumberOfBytesInput = 5
padChar = 3
padded buffer = XXXXX
paddingBuffer.getNumberOfBytesInput = 8
encryptedBytes.length = 8
<<<<<OUTPUT>>>>>>>
 
Tom Katz
Ranch Hand
Posts: 169
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
one correction, the 4th * at top of post should read 'The C code', not C++.

And they didnt transfer over when I copied, but there are three byte indicators in this line of the output:

padded buffer = XXXXX***

...representing the padding
 
Tom Katz
Ranch Hand
Posts: 169
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Well, I also tried encoding those 24 bytes in base64 (didnt work) and adding an 8Byte Initialization Vector to the bytes (while using same IV to initialize the cypher) - once again, didnt work.

Man, I just wish everything was written in java, would make this so much easier!!!
 
Tom Katz
Ranch Hand
Posts: 169
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
aHA! Needed to be using a cypher in CBC mode, not ECB. Pretty sure that was my whole problem.
 
We're being followed by intergalactic spies! Quick! Take this tiny ad!
a bit of art, as a gift, that will fit in a stocking
https://gardener-gift.com
reply
    Bookmark Topic Watch Topic
  • New Topic