3DES Ecnryption

Hi,
We are using Seeburger AS2 adapter to send messages to our trading partner. The sender AS2 adapter has the capability of encrypting the AS2 message, and it supports only 3DES ,AES encryption, and few more alogrithms, but not RSA.
The J2EE Key Storage has the capablity of generating self signed Secrety Key and Certificate using RSA alogrithm.
We would like to generate a self signed 3DES or AES/128 Secret Key and Certificate. Can anyone guides us with this?
Thanks,
Karma

Hi,
Thanks for your help. Any idea as how to genereate key/certificate using 3DES algorithm?
Thanks again for your help.
Karma

Similar Messages

  • Compatibility wtih 3DES

    I want to encrypt wtih 3DES in java and decryt in C. The same in the other way. The problem is that when I encrypt the same word with the same key in both languages, I get a different cipher test.
    Can anybody help me?
    I use this code to encrypt in JAVA:
    public class Encriptador {
         //Generamos la clave
    /*     private static final byte[] _3desData = {
             (byte)0x76, (byte)0x6F, (byte)0xBA, (byte)0x39, (byte)0x31, (byte)0x2F,
             (byte)0x0D, (byte)0x4A, (byte)0xA3, (byte)0x90, (byte)0x55, (byte)0xFE,
             (byte)0x55, (byte)0x65, (byte)0x61, (byte)0x13, (byte)0x34, (byte)0x82,
             (byte)0x12, (byte)0x17, (byte)0xAC, (byte)0x77, (byte)0x39, (byte)0x19 };*/
         static String clave ="012345678901234567890123";
         private static final byte[] _3desData = clave.getBytes();//{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
         private static SecretKeySpec _key = new SecretKeySpec(_3desData, "DESede");
    //  private static SecretKeySpec _key = Generador.clave();
         //Tenemos funciones de encriptar y desencriptar con cadenas y bytes
      public static String encrypt(String text){
        byte[] plaintext = text.getBytes();
        try{
          // Cogemos el objeto 3DES Cipher
          Cipher cipher = Cipher.getInstance("DESede");  // Triple-DES encryption
          // Modo encriptar
          cipher.init(Cipher.ENCRYPT_MODE, _key);
          // Encriptamos, pero pasamos a ASCII primero
          byte[] cipherText = cipher.doFinal(plaintext);
          BASE64Encoder b64 = new BASE64Encoder();
          return b64.encode(cipherText);
        }catch (Exception e){
          throw new java.lang.RuntimeException(e);
      public static String decrypt(String text){
        try{
          BASE64Decoder b64 = new BASE64Decoder();
          byte[] cipherText = b64.decodeBuffer(text);
          // Cogemos el objeto 3DES Cipher
          Cipher cipher = Cipher.getInstance("DESede");  // Triple-DES encryption
          // Modo desencriptar
          cipher.init(Cipher.DECRYPT_MODE, _key);
          // Desencriptamos
          String plainText = new String(cipher.doFinal(cipherText));
          return plainText;
        }catch (Exception e){
          throw new java.lang.RuntimeException(e);
        }

    Excuse me, I�m using as plaintext 0000111122220000.
    Yes, I�m now that use this keys make it a DES encrypt, but it only is to simplify yhe test.
    This is the C code. I can�t change it because it works in other aplications.
    void algorithms_DES (char tipo,UCHAR *d,UCHAR *c)
         int i,j;
         UCHAR k,val_car,d_i1[65],d_i2[65];
         UCHAR Edato[65],Eclave[65],Fresu[33],DatoR[33],Iclave[49];
         UCHAR permut_ini[65] = { 64,58,50,42,34,26,18,10, 2,60,52,44,36,28,20,12, 4,
                         62,54,46,38,30,22,14, 6,64,56,48,40,32,24,16, 8,57,
                          49,41,33,25,17, 9, 1,59,51,43,35,27,19,11, 3,61,53,
                         45,37,29,21,13, 5,63,55,47,39,31,23,15, 7
         UCHAR permut_fin[65] = { 64,40, 8,48,16,56,24,64,32,39, 7,47,15,55,23,63,31,
                         38, 6,46,14,54,22,62,30,37, 5,45,13,53,21,61,29,36,
                           4,44,12,52,20,60,28,35, 3,43,11,51,19,59,27,34, 2,
                           42,10,50,18,58,26,33, 1,41, 9,49,17,57,25
         ST(Edato,0,sizeof(Edato));
         ST(Eclave,0,sizeof(Eclave));
         ST(d_i1,0,sizeof(d_i1));
         ST(d_i2,0,sizeof(d_i2));
         ST(Fresu,0,sizeof(Fresu));
         ST(Iclave,0,sizeof(Iclave));
         ST(DatoR,0,sizeof(DatoR));
         Edato[0]=sizeof(Edato)-1;
         Eclave[0]=sizeof(Eclave)-1;
         d_i1[0]=sizeof(d_i1)-1;
         d_i2[0]=sizeof(d_i2)-1;
         Fresu[0]=sizeof(Fresu)-1;
         Iclave[0]=sizeof(Iclave)-1;
         DatoR[0]=sizeof(DatoR)-1;
         for (i=0,j=1 ; i<8 ; i++) 
              val_car=d;
              for (k=0x80 ; k>0 ; k/=2)
                   if ((k & val_car)!=0) Edato[j]=1;
                   j++;
         for (i=0,j=1 ; i<8 ; i++)
              val_car=c[i];
              for (k=0x80 ; k>0 ; k/=2)
                   if ((k & val_car)!=0) Eclave[j]=1;
                   j++;
         for (i=1 ; i<=permut_ini[0] ; i++) d_i1[i]=Edato[permut_ini[i]];
         for (i=1;i<=16;i++)
              ST(&d_i2[1],0,d_i2[0]);
              if (tipo==DEST_CIFR) algorithms_calc_Ki((UCHAR)i,Eclave,Iclave);
              else
              if (tipo==DEST_DESC) algorithms_calc_Ki((UCHAR)(17-i),Eclave,Iclave);
              else return;
              CP(&DatoR[1],&d_i1[33],DatoR[0]);
              algorithms_calc_F(Fresu,DatoR,Iclave);
              CP(&d_i2[1],&d_i1[33],32);
              for (j=1 ; j<=d_i2[0]/2 ; j++) d_i2[j+32]=(d_i1[j] ^ Fresu[j]);
              CP(&d_i1[1],&d_i2[1],d_i2[0]);
         CP(&d_i2[1], &d_i1[33],32);
         CP(&d_i2[33],&d_i1[1], 32);
         for (i=1 ; i<=permut_fin[0] ; i++) Edato[i]=d_i2[permut_fin[i]];
         ST(d,0,8);
         for (i=1 ; i<=Edato[0] ; i+=8)
              d[(i-1)/8] = (UCHAR)(Edato[i  ]*0x80)+(UCHAR)(Edato[i+1]*0x40)+
                   (UCHAR)(Edato[i+2]*0x20)+(UCHAR)(Edato[i+3]*0x10)+
                   (UCHAR)(Edato[i+4]*0x08)+(UCHAR)(Edato[i+5]*0x04)+
                   (UCHAR)(Edato[i+6]*0x02)+(UCHAR)(Edato[i+7]*0x01);

  • 3DES from Java - CryptoAPI

    Hi All,
    I'm facing a problem that is:
    I encrypt data in Java client using 3DES algorithm("DESede/ECB/NoPadding" for the Cipher object and "DESede" for the SecretKey one). Our server is made on C# and it decrypts the data using .NET TripleDESCryptoServiceProvider class. No problem at all...
    The problem appears when this encrypted data (by Java) is passed to C++ client (GINA) that uses CryptoAPI with CALG_3DES parameter for data decryption. The "key base" is exactly the same byte array of 24 elements that's used for Java SecretKey creation. But the result of CryptDecrypt() is 0x80090005 that means "Bad Data". I've tried this with thew most simple data (i.e. BYTE data[] = {1,2,3,4,5,6,7,8}).
    What can be the problem ? The key or the Data or maybe some initialization parameter ( inspite of using deafult key parameters in CryptoAPI)???
    Thanx a lot for any clue.
    P.S. I've also tried to encrypt in Java with PKCS5Padding since
    "The only padding method currently defined is
    PKCS5_PADDING" appears in MS SDK.
    But the result is the same....

    1. Both sides use 3DES algorithm with CBC mode, the same IV and PKCS5 padding (DESede/CBC/PKCS5Padding).
    2. At the java side the key is produced in the following manner:
    DESedeKeySpec keyspec = new DESedeKeySpec(key);
    SecretKeyFactory keyfactory = SecretKeyFactory.getInstance(keyAlg);
    SecretKey secretKey = keyfactory.generateSecret(keyspec);where key is a byte array of 24 elements and keyAlg = "DESede".
    3. At CryptoAPI side I use the same settings for the key and the algorithm but the key itself is not derived (as I've tried before) but is packed to PLAINTEXTKEYBLOB and then imported via CryptImportKey(). The key data that is inserted to this blob is exactly the same 24 bytes from the previous paragraph.
    Good luck to all ! :-)

  • 3DES decryption with SHA1 hashed key

    Hello all,
    I've been given the task of rewriting an existing VB application in Java, and one routine makes use of the Microsoft Cryptography API.
    The VB code decrypts a string using TripleDES decryption, using a string key that's been hashed with a SHA1 has algorithm.
    Most of the java DESede encryption/decryption examples I've worked through generate keys with a KeyGenerator instance, but I have not yet found any examples that use a key that's been SHA1 hashed.
    My attempts at using a hashed byte[] array of my key phrase with a DESede Crypto instance always return a "wrong key size" error.
    Can anyone provide some help? Example code fragments or anything would help.

    Thanks for the reply, and you're right in that this might be a more appropriate question to ask on a VB forum or on a MS cryptography API forum.
    Nevertheless, I've been able to make some headway on the VB side by getting the bytes of the SHA-1 hash map through some API calls.
    The hex representation of the SHA-1 hashed keyword:
    "3EC10CE885353DCD23B912860C2B91885CD3D6D1"
    A keyword to use as a test:
    "logins"
    Hex representation of the 3DES encrypted result of "logins" using the hashed keyword:
    "FB158A921E3C4CDB"
    Currently, my problem is with the length of the key. As you pointed out, SHA is 20 bytes, while 3DES is looking for 24 bytes. I'll experiment with your suggested 2-key approach, but here's my test code at the moment:
    import java.security.*;
    import javax.crypto.*;
    import javax.crypto.Cipher;
    import javax.crypto.Mac;
    import javax.crypto.SecretKey;
    import javax.crypto.spec.DESedeKeySpec;
    import javax.crypto.spec.SecretKeySpec;
    public class EncryptionTest {
    public static void main(String[] args) {
    String hashedKey = "3EC10CE885353DCD23B912860C2B91885CD3D6D1";
    String textToCode = "logins";
    byte[] keyBytes = hexStringToBytes( hashedKey );
    byte[] source = textToCode.getBytes();
    SecretKey key = new SecretKeySpec(keyBytes, "DESede");
    try {
    Cipher cipher = Cipher.getInstance("DESede");
    cipher.init(Cipher.ENCRYPT_MODE, key);
    byte[] result = cipher.doFinal(source);
    String sresult = hex( result );
    System.out.println( result );
    } catch ( NoSuchPaddingException e ) {
    e.printStackTrace();
    } catch ( BadPaddingException e ) { 
    e.printStackTrace();
    } catch ( NoSuchAlgorithmException e ) {
    e.printStackTrace();
    } catch ( InvalidKeyException e ) {
    e.printStackTrace();
    } catch (IllegalBlockSizeException e ) {
    e.printStackTrace();
    static byte[] hexStringToBytes( String s ) {
    int iLength = s.length();
    int iBuff = iLength / 2;
    byte[] buff = new byte[ iBuff ];
    int j = 0;
    for(int i = 0; i < iLength; i+=2) {
    try {
    String s1 = s.substring(i, i+2);
    buff[j++] = (byte) Integer.parseInt(s1, 16);
    } catch ( Exception e ) {
    e.printStackTrace();
    return buff;
    static String hex(byte[] data) {
    StringBuilder sb = new StringBuilder();
    for (byte b : data) {
    sb.append(Character.forDigit((b & 240) >> 4, 16));
    sb.append(Character.forDigit((b & 15), 16));
    return sb.toString();
    }

  • Error while using 3DES algorithm

    Hi All,
    i am trying to decrypt and encrypt the data using 3DES algorithm.i am facing following problem.find below what exaclty i have done:
    SQL> variable x varchar2(100);
    SQL> exec :x := 'how r u Anwar';
    PL/SQL procedure successfully completed.
    X
    how r u Anwar
    SQL> create or replace procedure crypt1( p_str in out varchar2 )
    2 as
    3 l_data varchar2(255);
    4 begin
    5 l_data := rpad( p_str, (trunc(length(p_str)/8)+1)*8, chr(0) );
    6 dbms_obfuscation_toolkit.DESEncrypt
    7 ( input_string => l_data,
    8 key_string => 'MagicKey',
    9 encrypted_string=> p_str );
    10 end;
    11 /
    Procedure created.
    SQL> create or replace procedure decrypt1( p_str in out varchar2 )
    2 as
    3 l_data varchar2(255);
    4 begin
    5 dbms_obfuscation_toolkit.DESDecrypt
    6 ( input_string => p_str,
    7 key_string => 'MagicKey',
    8 decrypted_string=> l_data );
    9
    10 p_str := rtrim( l_data, chr(0) );
    11 end;
    12 /
    Procedure created.
    SQL> set autoprint on;
    SQL> exec crypt1( :x );
    PL/SQL procedure successfully completed.
    X
    5??V????? ??
    SQL> exec decrypt1( :x );
    BEGIN decrypt1( :x ); END;
    ERROR at line 1:
    ORA-28232: invalid input length for obfuscation toolkit
    ORA-06512: at "SYS.DBMS_OBFUSCATION_TOOLKIT_FFI", line 0
    ORA-06512: at "SYS.DBMS_OBFUSCATION_TOOLKIT", line 153
    ORA-06512: at "UJAPAN.DECRYPT1", line 5
    ORA-06512: at line 1
    X
    5??V????? ??
    Any idea or thought would be appreciable.
    Thanks n advance
    Anwar

    From the top of my head (without checking the docs) I think that the string to be obfuscated must have a length of a multitude of 8 bytes. You might need some padding to get it to the right length.
    cu
    Andreas

  • Sending a 3DES encrypted zip file as one fields in the SOAP request xml.

    Dear All,
    We have a requirement to
    - to create a text file, after mapping and content converisons, out of an IDoc xml file,
    - zip this file
    - encrypt this file using 3DES
    - send this encrypted file as one of the tags of an xml request file to a webservice
    Could one of you please help me with any pointers to how we can do this, mainly on how to send the encrypted zip file as one of the tags of an xml file?
    Please write back to me if you need more details/clarity on my query.
    Kind Regards,
    Thomas.

    Hi Udo,
    Thank you for the response.
    Please let me try this option and get back to you with my findings.
    Kind Regards,
    Thomas.

  • What is KCV (Key Check Value) in 3DES used for?

    Hi Friends..
    I want to know what is KCV (Key Check Value) used for?..
    i found that 3DES operation (2Keys length or 3Keys length) sometimes needs KCV (Key Check Value)..
    As far as i know the KCV itself computed as Follows :
    3DES(Keys, IV(all zeroes), Data (8byte zeroes)
    Please correct me if i'm wrong..
    Thanks

    Leonardo Carreira wrote:
    sabre150 wrote:
    Leonardo Carreira wrote:
    Could you suggest me what is the good book for "learning the concept of cryptography"?..Errr ... I thought I had done that!Yes you're right, you had suggested the book for me..
    And i don't found the KCV (Key Check Value) usage in the book..
    So, i ask this question, sorry if my question is sounds boring to you, sorry for this inconvenience.. :(
    thanksKCV has at least two different meanings. I suspect you are interested in the one outlined in http://www.cryptographyworld.com/key.htm.

  • One file  Encrypt in VB using 3DES how to  Decrypt in Java ?

    one file Encrypt in VB using 3DES how to Decrypt in Java ?
    plese give me code
    shrinath

    My problem is something similar to him, but mine is in Tandem C. I have a encrypted text, which was encrypted in Tandem C using OpenSSL. I used CBC mode with no padding, i just wrote the encrypted text to a file & i tried reading the cipher from a Java program, so as to decrypt using the same CBC mode & no padding mode. but it is not decrypted as intended to be.
    can u pls give ur comment? if u have any code can u pls share it here?

  • Key for 3DES

    Hi all
    i'm new to java card.
    i need to port a design using old secure chip that does not have a OS to a new chip that run JTOP.
    After Java card receives the APDU command, the data need to be decrypted using 3DES.
    How should i store these key during the card INITIALIZED phase?
    should i use PUT_DATA or STORE DATA command?
    Any advise?
    Thanks.

    shng wrote:
    i need to port a design using old secure chip that does not have a OS to a new chip that run JTOP.
    After Java card receives the APDU command, the data need to be decrypted using 3DES.
    How should i store these key during the card INITIALIZED phase?
    should i use PUT_DATA or STORE DATA command?You're probably talking about GlobalPlatform functionality. First advice is at least to look into the GP 2.1.1 card specification to get an overview. Then you should contact Trusted Labs to get a datasheet for the card you have.
    Acc. to GP 2.1.1, PUT KEY and STORE DATA commands can be used to store security domain keys. PUT DATA command was supported in OP 2.0.1'.

  • Charging on USB 3.0? ASUS ROG G73SW-3DE Notebook

    Ok just got a ASUS ROG G73SW-3DE series laptop for gamming...VERY NICE!
    It has a USB 3.0 port?
    I have read that devices plug in to USB 3.0 ports charges faster?
    Anyone confirmed this? I dont realy want to try it yet cause im not sure what effect it has on iphones battery?

    Since the maximum bus power output has been bumpted from about 500mA to 900mA, battery-powered devices should charge faster.

  • Best add-on 3DES for Aironet?

    Since RC4-128 is not FIPS complaint, I need to add 3DES VPN on top of LEAP. So far only Cisco 3000 and XP worked well. Any advise is welcome.
    Thanks,
    Audie

    Lots of VPN options, none are cheap and none work without a performance penalty - I would be interested in what you decide on.
    We have met with a company that promises better than 3DES or IPSec protection without a performance hit for less than $100 per user, but they are not shipping yet.
    Matthew Wheeler
    Chief Wireless Architect
    www.BlueModal.com

  • Asa 3des license installation

    Hi all,
    Is it required for the 3des license upgrade for the asa5510 to reboot for the further
    configuration of site2site tunnels.
    thanks
    Anand

    Hello Anand,
    The reboot is not required for the activation of this key,
    Any other question...Sure.. Just remember to rate all of my answers.
    Julio

  • Enabling VPN-3Des-AES

    Hello!
    I need to enable VPN-3DES-AES on an ASA5540.  Show version provided this info below. 
    Licensed features for this platform:
    Maximum Physical Interfaces  : Unlimited
    Maximum VLANs                : 200
    Inside Hosts                 : Unlimited
    Failover                     : Active/Active
    VPN-DES                      : Enabled
    VPN-3DES-AES                 : Disabled
    Security Contexts            : 2
    GTP/GPRS                     : Disabled
    VPN Peers                    : 5000
    WebVPN Peers                 : 2
    AnyConnect for Mobile        : Disabled
    AnyConnect for Linksys phone : Disabled
    Advanced Endpoint Assessment : Disabled
    UC Proxy Sessions            : 2
    This platform has an ASA 5540 VPN Premium license.
    After doing some poking around I came across a link to request a free license but when the email came it warned that the requested license was lower than one currently assigned to the serial number provided.  I do not have any of the old license information since this was set up years ago and was way before my time with the company.  Can anyone point me in the right direction on how to enable the feature as well as maintaining my vpn premium license features. 
    Thanks,
    Andrew

    Below is info from the email with the key.  It keeps referring to PIX OX6.1.  The ASA is running ASA 8.0(4).  Is this going to be a problem or are the pix references just there because this key has been needed to activate the strong encryption since the pix days?  Also is the process going to be the same for an asa?  Will I still need a reboot?  Thanks for all the help!
    Platform = asa
    Installing Your PIX Firewall Activation Key
    Note:  On systems running PIX OS 6.2 and higher, you may enter the new activation key via the activation-key command.  A reboot will be necessary to have the change take effect.  On systems running PIX OS 6.1 and earlier, a software image must be downloaded to the PIX Firewall in monitor mode in order to enter the new activation key.
    Step 1.  Back up your PIX Firewall configuration.  Use the tftp-server command with the "write net" command to store your configuration on a TFTP server.  Or, use the "write terminal" command to list your configuration and then cut and paste it into a text editing application on your console.
    Step 2.  Follow the directions applicable to your version and PIX Firewall model number for installing  a new software and entering a new activation key.  Refer to the PIX Firewall documentation at the following site:
    http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/index.htm
    Step 3.  If prompted to "install a new image," enter y.
    Step 4.  When prompted to "enter new key," enter y.
    Step 5.  When prompted, enter each of the four key values (Do not enter spaces in the key value).
    Step 6.  Use the "show version" command to view the new features enabled by the key.

  • 3DES/AES licence for ASA5520

    Hi everybody,
    I have an ASA 5520 K8 with a smartnet contract, how can I proceed to get K9 software so that I will be able to use 3DES/AES encryption key.
    Thanks a lot in advandce

    As long as you are not in a proscribed country, you can just go to this page:
    https://tools.cisco.com/SWIFT/LicensingUI/ipsCryptoPage
    ...and provide your product serial number. You will be sent an activation code that will have instructions for activation included.

  • VPN-3DES-AES: Disabled feature

    Hello all,
    I have an ASA that I will like to enable the VPN-3DES-AES license. Unfortunately, we have been using this device for the past few years and the supplier did not supply us with the SKU PAK (white sheet that comes with the box). Is there a way that I can enable this feature?
    Thanks alot.
    Licensed features for this platform:
    Maximum Physical Interfaces  : Unlimited
    Maximum VLANs                : 100
    Inside Hosts                 : Unlimited
    Failover                     : Active/Active
    VPN-DES                      : Enabled
    VPN-3DES-AES                 : Disabled

    You get the license free of charge on www.cisco.com/go/license.
    Under "Get new" you choose ASA, provide your serial# and contact, and some minutes later you have the license in your inbox.
    Don't stop after you've improved your network! Improve the world by lending money to the working poor:
    http://www.kiva.org/invitedby/karsteni

Maybe you are looking for

  • I'd like to decrease my data to 1 gb or below.  I'm at 2gb now.  Can I go below 2gb and where do I get to this on line?

    I'd like to decrease my data limit to 1gb or lower.  Can I do this with a Droid Mimi, or is 2 the minimum:?  Where do I go to on the site to make this change?

  • Getting an error in MERGE statement

    Hi, I am getting an error "missing keyword" when I execute the MERGE statement. Here I have attached copy of MERGE statement which I am trying to execute. (My requirement is if I find matching record then insert again it's a business requirement. And

  • Share reminders lists now that app is outside?

    I used to share reminders on icloud.com by finding the list on my calendar app. There was this feed icon and after clicking it you could send the invitation to share the reminders list, now icloud has the reminder app outside the calendar one and I c

  • ODI private conversion problem

    Hi ODI gurus! Today I have question about ODIs private conversion. Is is is possible to enforce ODI during conversion to use specific number and date mask? Lets say odi always converts numbers using '.' instead of ','. If yes please let me know how ;

  • FRM-92102 when accessing a form using a Load Balancer

    Greetings. We have two oracle application servers version 10.1.2.0.2 on windows 2003 running forms and reports. When just one a server is running everithing works fine, but when I start the second server the clients receive the message "FRM-92102 : A