Skip to Main Content
Forums

Java Security

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Interested in getting your voice heard by members of the Developer Marketing team at Oracle? Check out this post for AppDev or this post for AI focus group information.

Oracle Triple DES Encryption -> Java Decryption

843811Mar 22 2010 — edited Mar 25 2010
I'm working with a legacy Oracle system that uses Triple DES encryption, and I'm having problems decrypting the data in java. Here is the pl/sql for the encryption: 
   FUNCTION encrypt(p_str IN VARCHAR2, p_key IN RAW) RETURN RAW IS
      v_data   VARCHAR2(255);
      v_retval RAW(255);
   BEGIN
      v_data := RPAD(p_str, CEIL(LENGTH(p_str)/8)*8, CHR(0));
      dbms_obfuscation_toolkit.DES3Encrypt
         (
            input => utl_raw.cast_to_raw(v_data),
            key   => p_key,
            which => g_which,
            encrypted_data => v_retval
         );
      RETURN v_retval;
   END encrypt;

   FUNCTION decrypt(p_raw IN RAW, p_key IN RAW) RETURN VARCHAR2 IS
      v_retval RAW(255);
   BEGIN
      dbms_obfuscation_toolkit.DES3Decrypt
         (
            input => p_raw,
            key   => p_key,
            which => g_which,
            decrypted_data => v_retval
         );
      RETURN RTRIM(utl_raw.cast_to_varchar2(v_retval), CHR(0));
   END decrypt;
Here is the java code I'm using: 
import java.security.GeneralSecurityException;
import java.security.Key;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

import org.apache.commons.codec.DecoderException;
import org.apache.commons.codec.binary.Hex;


public class TripleDES {
    private String algorithm = "DESede/CBC/NoPadding";
    private IvParameterSpec iv = 
        new IvParameterSpec(new byte[] { 0, 0, 0, 0, 0, 0, 0, 0 });
    private Cipher cipher;
    private SecretKey key;

    public TripleDES(String secretString) throws GeneralSecurityException {
        key = new SecretKeySpec(secretString.getBytes(), "DESede");
        cipher = Cipher.getInstance(algorithm);
    }    

    private byte[] encrypt(byte[] bytes) throws GeneralSecurityException {
        cipher.init(Cipher.ENCRYPT_MODE, (Key)key, iv);
        return cipher.doFinal(bytes);
    }

    private byte[] decrypt(byte[] bytes) throws GeneralSecurityException {
        cipher.init(Cipher.DECRYPT_MODE, (Key)key, iv);
        return cipher.doFinal(bytes);
    }

}
I'm using the same key, 123456789123456789123456, but something doesn't match up.

Oracle: 
SELECT encrypt('testing!', RAWTOHEX('123456789123456789123456'))
  FROM dual;
returns: "7F6C925B08D478C4"

Java: 
    public static void main(String[] args) throws Exception {
    
        try {
            TripleDES x = new TripleDES("123456789123456789123456");
            String value = "testing!";
    
            byte[] encrypted = x.encrypt(value.getBytes());
            String encoded = new String(Hex.encodeHex(encrypted));
            System.out.println("Encrypted: \"" + encoded + "\"");
    
            byte[] decoded = Hex.decodeHex(encoded.toCharArray());
            String decrypted = new String(x.decrypt(decoded));
            System.out.println("Decrypted: \"" + decrypted + "\"");
        }
        catch (Exception e) {
            System.out.println("Error: " + e.toString());
        }
        
    }
Encrypted: "6352d3ff779ab3fa"

Everywhere I've read said that DESede/CBC/NoPadding is the correct algorithm for Triple DES on Oracle. Is something happening to key perhaps to cause this discrepancy?

Thanks for looking and for the replies!

Comments

Locked Post
New comments cannot be posted to this locked post.

Post Details

Locked on Apr 22 2010
Added on Mar 22 2010
#cryptography
10 comments
5,750 views