Skip to Main Content
Forums

Java Security

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Problem in the Cryptography during JDK Migration

843811Oct 16 2008 — edited Oct 26 2008


Dear All,


I am running the following code (sample client) in the JDeveloper 9 , jdk 1.4.2, and it's a part of an application deployed on standalone OC4J 9.0.4.0.0, the method doFinal() returns a result




import java.nio.ByteBuffer;
import java.nio.CharBuffer;
import java.nio.charset.CharacterCodingException;
import java.nio.charset.Charset;
import java.nio.charset.CharsetDecoder;
import java.nio.charset.CharsetEncoder;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
//import raya.ps.rplog.model.LogHandler;


public class TripleDES
{
public TripleDES()
{
}


/**
*
* @param args
*/
public static byte[] genKey()
{
byte[] keybytes= {};
try
{
KeyGenerator keyGen;
keyGen = KeyGenerator.getInstance("DESede");
SecretKey key = keyGen.generateKey();
keybytes=key.getEncoded();
}
catch (NoSuchAlgorithmException e)
{
//LogHandler.critical("[TripleDES][Generating 3DES Key][Algorithm or provider not Available] ");
}
return keybytes;
}
public static SecretKey genKey(String inkey)
{
return new SecretKeySpec(inkey.getBytes(), "DESede");
}

public static String encode(String inStr, byte[] aKey)
{
byte[] myIV = {(byte)50,(byte)51,(byte)52,(byte)53,(byte)54,(byte)55,(byte)56,(byte)57};
String result="";
try
{
Cipher c3des = Cipher.getInstance("DESede/CBC/PKCS5Padding");
SecretKeySpec myKey = new SecretKeySpec(aKey, "DESede");
IvParameterSpec ivspec = new IvParameterSpec(myIV);


c3des.init(Cipher.ENCRYPT_MODE, myKey, ivspec);
//System.out.println(inStr +" is "+inStr.length()+" bytes long...");
byte[] cipherText = c3des.doFinal(inStr.getBytes());
result= new String(cipherText);
//System.out.println("result length is: "+result.length());


Charset charset = Charset.forName("US-ASCII");
CharsetEncoder encoder = charset.newEncoder();
ByteBuffer bbuf = encoder.encode(CharBuffer.wrap(result));
result = new String( bbuf.array());
}
catch(Exception e){e.printStackTrace();}
// catch (CharacterCodingException e) { }
// catch (NoSuchPaddingException e) { }
// catch (NoSuchAlgorithmException e) { }
// catch (InvalidKeyException e) { }
// catch (InvalidAlgorithmParameterException e) { }
// catch (IllegalBlockSizeException e ) { }
// catch (BadPaddingException e) { }
return result;
}
public static String decode(String inStr, byte[] aKey)
{
byte[] myIV = {(byte)50,(byte)51,(byte)52,(byte)53,(byte)54,(byte)55,(byte)56,(byte)57};
String result="";
try
{
Cipher c3des = Cipher.getInstance("DESede/CBC/PKCS5Padding");
SecretKeySpec myKey = new SecretKeySpec(aKey, "DESede");
IvParameterSpec ivspec = new IvParameterSpec(myIV);


c3des.init(Cipher.DECRYPT_MODE, myKey, ivspec);
//System.out.println("inside TripleDES core ... decoding <<"+inStr+">> with the key " );
//System.out.println("inside TripleDES core ... "+ new String(c3des.doFinal(inStr.getBytes())));
byte[] decodeText = c3des.doFinal(inStr.getBytes());
result= new String(decodeText);
}


catch (NoSuchPaddingException e) { }
catch (NoSuchAlgorithmException e) { }
catch (InvalidKeyException e) { }
catch (InvalidAlgorithmParameterException e) { }
catch (IllegalBlockSizeException e ) { }
catch (BadPaddingException e) { }
return result;
}
public static void main(String[] args)
{
TripleDES tripleDES = new TripleDES();
System.out.println(new String(genKey()));
String testString="La Elaha Ella Allah";
String encodedString;
String decodedString;
String key;
// testing the functions

//1. generate the key
key = new String(genKey());
//2. encrypt a string
encodedString= encode(testString, key.getBytes());
//3. decrypt the string into an empty one and compare both
decodedString= decode(encodedString, key.getBytes());

//4. print the results
System.out.println(" test String was >> "+testString);
System.out.println(" Key String was >> "+key);
System.out.println("Encoded String was >> "+encodedString);
System.out.println("Decoded String was >> "+decodedString);
System.out.println("comparing decoded with original returned>> "+testString.equals(decodedString));
}
}



But when running it on JDeveloper 10.1.3.3.0, jdk 1.4.2 (selected from the project properties - > libraries -> j2se version), and deploying the application on the JDeveloper's embdded OC4J (i think it's running on jdk 5 not jdk 4) or on stand alone OC4J (10.1.3.1.0) running on jdk 5 packaged with SOA suite 3 the same method gives a different result, has any one faced a similar problem in this method when migrating from jdk 4 to jdk 5 ???


Also i want to know if I can run the Application server (10.1.3.1) on jdk 1.4 or not, any help would be appreciated, thanks in advance


Regards,
Comments
Locked Post
New comments cannot be posted to this locked post.
Post Details
Locked on Nov 23 2008
Added on Oct 16 2008
#cryptography
11 comments
388 views