tags:

views:

129

answers:

1
+2  Q: 

What's the Java JCE equivalent for this C OpenSSL encryption function?

I am writing a Java implementation of an app originally written in C. I can't modify the C version, and the Java version must share encrypted data with the C version.

Here's the relevant part of the C encryption code:

makekeys(password,&key1,&key2); /* turns password into two 8 byte arrays */
fill_iv(iv); /* bytes 8 bytes of randomness into iv */
des_key_sched(&key1,ks1);
des_key_sched(&key2,ks2);
des_ede2_ofb64_encrypt(hashed,ctext,hashedlen,ks1,ks2,
                       &iv,&num);

I can see that the JCE equivalent is something like:

SecretKey key = new SecretKeySpec(keyBytes, "DESede");
IvParameterSpec iv = new IvParameterSpec(new byte[8]);
Cipher cipher = Cipher.getInstance("DESede/?????/?????"); // transformation spec?
cipher.init(Cipher.ENCRYPT_MODE, key, iv);
byte[] cipherTextBytes = cipher.doFinal(plaintext);

Questions:

  • The C code takes two keys, JCE takes one. How do I reconcile this? Just append the two into one array? In which order?
  • What transformation spec (if any!) is equivalent to OpenSSL's des_ede2_ofb64_encrypt? How would I find out, other than by asking strangers on the Internet? ;)
+2  A: 

In answer to your last question, you'd find out by reading the documentation on the specific algorithms themselves. The Sun docs do generally assume you already are familiar with the subject matter. In this case, you would know that: triple DES is the application of three independently keyed DES ECB instances in sequence; that the most common way to this is something called DES ede, which means the 1st and 3rd DES instances are run in the encrypt direction but the 2nd DES instance is run in the decrypt direction; that ede3 three means that each DES instance is keyed independently and ede2 means that the 1st and 3rd instances use the same key; that OFB64 means 64-bit output feedback mode.

You should get the the same result with getInstance("DESede/OFB64/NoPadding"), and by making the key1 the 1st 8 bytes of the DESede key, key2 the 2nd, and key1 the 3rd.

GregS  2010-02-08 13:29:59
Thanks so much. The Sun docs I had been working with did not mention an "OFB64" mode -- only "OFB". But the runtime seems happy with OFB64. I'll post back when it's talking to the C version.
slim  2010-02-08 14:10:01
Works perfectly. Thanks again.
slim  2010-02-08 18:22:12

related questions

any good tool for makefile generation?
How do you pass a function as a parameter in C?
Where should a veteran C programmer start in order to master Java ?
Any good book on best practice and guidelines in developing a SDK in C?
How do you determine the size of a file in C?
Decoding printf statements in C (Printf Primer)
Shift operator in C
How to avoid redefining VERSION, PACKAGE, etc.
Alpha blending sprites in Nintendo DS Homebrew
When should I use type abstraction in embedded systems
How to implement continuations?
What are the barriers to understanding pointers and what can be done to overcome them?
Anyone have experience creating a shared library in MATLAB?
String.indexOf function in C
Passing multidimensional arrays as function arguments in C
C/C++ library for reading MIDI signals from a USB MIDI device
Choosing a static code analysis tool
How do you printf an unsigned long long int?
Good STL-like library for C.
Rockbox audio format
Why am I getting a malloc: double free error with realloc()?
Should I learn C?
GTK implementation of MessageBox
Is gettimeofday() guaranteed to be of microsecond resolution?
How to use the C socket API in C++ on z/OS