DES Decryption using a decrypt id

I have a decrypt id from the vendor from whom i get the data encrypted in DES. So i wanna how i can use that decrypt id and decrypt the encrypted data. Hope someone has already worked on this and hoping for a quick reply..
Thanks,
Ravi

Similar Messages

FTP to mail scenario with DES decryption

Hi All,
I have a existing process where FTP data files are scheduled to be available at 1:00pm each day on the FTP server. Earlier to support this, a Windows-based FTP client script has been developed by us which automatically retrieves the files via the Internet and does a number of other tasks which are detailed below. This script runs at 1:10pm each day, including weekends and holidays. The script retrieves 3 files, which are saved locally, and then decrypted, archived, and finally transferred via mail and also FTP to specific Unix directories for import into various SAP systems
I have a scenario where SAP PI needs to do the same stuff above that is pick a file from the ftp location and send it to a mail address. The file will be in encrypted format and SAP PI needs to decrypt the file and the decrypted file needs to be send through.
The files at the FTP side are encrypted using DES Encryption so ideally SAP PI needs to decrypt it using DES decryption.
I know I can keep the DES software on the UNIX server at XI side and call it in sender file adapter at OS level calls but as far as I know it will be difficult for maintenance as the logs won't be available for proper monitoring.
What is the best way to achieve this ?
Thanks in advance.
Ravijeet
Edited by: RAVIJEET.SAP.PI on Dec 2, 2010 4:00 PM
Edited by: RAVIJEET.SAP.PI on Dec 2, 2010 8:18 PM

Any suggestions

InternalError: DES Decryption error

**PLEASE HELP** I recenty did an extension update from MCE 1.2.1 to 1.2.2 for both the 1.2.2 framework and provider. It resolved my previous ExceptionInInitializerError of 'Cannot set up certs for trusted CAs.' I'm now getting an InternalError or "DES Decryption error
at com.marconi.soc.util.Des3.decrypt (Des3.java:114)
at com.marconi.soc.util.Crypt3.decrypt (Crypt3:java:51)
and so on.
This occurs after starting Openview's NNM which is integrated with Marconi's NMS app, ServiceOn Data (ver2.2).
I'm not a software or java person so I desperately need some expert help from this forum.
I believe we're using jre 1.2 thru 1.4 ( each NMS app uses a different jre version, I think). It all worked fine before the JCE expired.

Hi,
MDN (Message Disposition Notifications) is nothing but an Exchange Level acknowledgement. MDN ensures the sender of the document that the recipient has successfully received the document. The sender specifies how the MDN is to be sent back (either synchronously or asynchronously, and signed or unsigned). MDN provides the "Non-repudiation" element of AS2
In case, recipient is able to read the received message successfully a success MDN is sent back otherwise a failed MDN is sent back. Not getting any MDN back also indicates a failure.
Ask your tp to check the information he/she received in MDN.
Regards,
Anuj

Help with DES decryption

Hello !
I wrote the code for DES Encryption , which i have tested and works perfectly, consistent with the results expected.
But I have not been able to implement the decryption process correctly asI have not yet understood the way i need to shift the order of keys , or their elements.I tried reversing the left shifting sequence , but it didn't solve the problem
Please suggest something .I just need to understand the exact process used for decryption.
Many Thanks..

@dstuz
I haven't been reinventing the wheel , but I have been working out the DES code on my own.
I have already coded the application for encryption & it works perfectly- thoroughly verified.
Now since i have been looking to finish the cipher by implementing the Decryption stage..i am stuck because there isn't enough info available to actually clarify my doubt.Some variation has to be made in the way we apply keys to the Right Expanded array but i haven't quite figured out how..
I can do the coding on my own..infact 90% of the coding is finished
FYI.
Its just this last step , where i have been stuck , trying to figure out how the last step is to be done.
I just need help to exactly understand the process & lend the finishing touch to the cipher.

DES Decryption Code Review / Not Running

Hi,
I'm trying to do the following in a java program:
-Read a DES key from the a file generated by my client
-Use the incoming DES key to decrypt an incoming message from socket s
-Print out the message
I've gotten it started, but I just don't know what else I'm missing.
Thanks,
James
import java.io.*;
import java.net.*;
import java.security.*;
import javax.crypto.*;
public class CipherServer
     public static void main(String[] args) throws Exception
          int port = xxxx;    //I purposely changed to xxxx for privacy
          ServerSocket server = new ServerSocket(port);
          Socket s = server.accept();
          //Read the key from the file
          ObjectInputStream in=new ObjectInputStream(new FileInputStream("des.key"));
          key=(Key)in.readObject();
          in.close();
          //Decrypt
          Cipher cipher = Cipher.getInstance("DES/ECB/PKCS5Padding");
          cipher.init(Cipher.DECRYPT_MODE, key);
          //Printing the message
          System.out.println(message);
}

Hi,
Thanks for the reply Sabre150. Here's the client side of my program and how it's sent, if it helps:
import java.io.*;
import java.net.*;
import java.security.*;
import javax.crypto.*;
public class Ciphert
     public static void main(String[] args) throws Exception
          String message = "Hi John, how are you?";
          String host = "xxx.xxx.xxx";
          int port = xxxx;
          Socket s = new Socket(host, port);
          //DES Key Generation
          KeyGenerator generator= KeyGenerator.getInstance("DES");
          generator.init(new SecureRandom());
          key=generator.generateKey();
          //Storage of DES Key to File
          ObjectOutputStream out=new ObjectOutputStream(new FileOutputStream("des.key"));
          out.writeObject(key);
          out.close();
          //usage of ObjectOutputStream to communicate with the server
          ObjectOutputStream outSocket = new ObjectOutputStream(cipherOut);
          //Encrypt the message above using the key and send it over socket s to the server
          Cipher cipher=Cipher.getInstance("DES/ECB/PKCS5Padding");
          cipher.init(Cipher.ENCRYPT_MODE, key);
          //Passing the encrypted message over socket s to the server
          CipherOutputStream cipherOut = new CipherOutputStream(s.getOutputStream(), cipher);
}

DES decryption

Hi,
If I have a file that is DES encrypted and I know the String key value e.g. "8AE.B(,5". How can I decript the file?
Thanks in advance.
PS I also need to GUNZIP this afterwards...
String x = "8AE.B(,51";
byte[] keyBytes = x.getBytes();
SecretKey key = new SecretKeySpec(keyBytes, "DES");Is this the correct way to use the String key??

Will this type of code help?
e465. Converting a 56-bit Value to a DES Key
The DES encrypter/decrypter requires a 64-bit key where only 56-bit are significant. The other 8-bit are parity bits used to ensure that the key has not been corrupted. To make the 64-bit key, the 56-bit value is broken up into 7-bit chunks. Each 7-bit chunk is moved into an 8-bit slot taking up the most significant bit positions. The least significant bit (the parity bit) is set to either 1 or 0 in order to make the quantity of 1 bits in the byte an odd number.
This example implements a method to convert a 56-bit value into a valid DES key. Such a method could be used to convert a 7-character string password to a valid DES key.
See also e462 Encrypting a String with DES.
    // Takes a 7-byte quantity and returns a valid 8-byte DES key.
    // The input and output bytes are big-endian, where the most significant
    // byte is in element 0.
    public static byte[] addParity(byte[] in) {
        byte[] result = new byte[8];
        // Keeps track of the bit position in the result
        int resultIx = 1;
        // Used to keep track of the number of 1 bits in each 7-bit chunk
        int bitCount = 0;
        // Process each of the 56 bits
        for (int i=0; i<56; i++) {
            // Get the bit at bit position i
            boolean bit = (in[6-i/8]&(1<<(i%8))) > 0;
            // If set, set the corresponding bit in the result
            if (bit) {
                result[7-resultIx/8] |= (1<<(resultIx%8))&0xFF;
                bitCount++;
            // Set the parity bit after every 7 bits
            if ((i+1) % 7 == 0) {
                if (bitCount % 2 == 0) {
                    // Set low-order bit (parity bit) if bit count is even
                    result[7-resultIx/8] |= 1;
                resultIx++;
                bitCount = 0;
            resultIx++;
        return result;
    // Get the 56-bit value
    byte[] raw = new byte[]{0x01, 0x72, 0x43, 0x3E, 0x1C, 0x7A, 0x55};
    byte[] keyBytes = addParity(raw);
    // You can check that the parity has been set properly
    try {
        boolean b = DESKeySpec.isParityAdjusted(keyBytes, 0);
    } catch (java.security.InvalidKeyException e) {
        // The DES is invalid
    // Convert the bytes into a SecretKey suitable for use by Cipher
    SecretKey key = new SecretKeySpec(keyBytes, "DES");

Problem with DES Decryption of String - Need Urgent Help

Hi,
I created this program to encrypt and decrypt a string using DES algorithm but somehow I keep getting an exception. The code is given below.
/* ASCryptography.java*/
import javax.crypto.*;
import javax.crypto.spec.*;
import java.security.*;
import java.io.*;
import sun.misc.BASE64Decoder;
import sun.misc.BASE64Encoder;
public class ASCryptography
     public static String[] encryptPassword(String password)
          String returnvalue[] = new String[2];
          try
               KeyGenerator keygen = KeyGenerator.getInstance("DES");
               SecretKey skey = keygen.generateKey();
               byte[] bytekey = skey.getEncoded();
               returnvalue[0] = new BASE64Encoder().encode(bytekey);
               Cipher cipher = Cipher.getInstance("DES/CBC/PKCS5Padding");
               cipher.init(Cipher.ENCRYPT_MODE, skey);
               byte[] bytepassword = password.getBytes();
               byte[] byteencryptedpassword = cipher.doFinal(bytepassword);
               returnvalue[1] = new BASE64Encoder().encode(byteencryptedpassword);
          catch(Exception err)
          return (returnvalue);
     public static String decryptPassword(String key, String encryptedpassword)
          String password = null;
          try
               Cipher decipher = Cipher.getInstance("DES/CBC/PKCS5Padding");
               byte[] bytekey = new BASE64Decoder().decodeBuffer(key);
               SecretKey skey = new SecretKeySpec(bytekey, "DES");
               decipher.init(Cipher.DECRYPT_MODE, skey, decipher.getParameters());   /* Netbeans detected the error to be in this part*/
               byte[] byteencryptedpassword = new BASE64Decoder().decodeBuffer(encryptedpassword);
               byte[] bytedecryptedpassword = decipher.doFinal(byteencryptedpassword);
               password = new String(bytedecryptedpassword);
          catch(Exception err)
               System.out.println(err);
          return password;
}The methods of this class are used by another class given below.
/*Crypt.java*/
public class Crypt
     public static void main(String[] args)
          String password = "pic01234";
          String value[] = new String[2];
          value = ASCryptography.encryptPassword(password);
          System.out.println(value[0]);
          System.out.println(value[1]);
          String returnedvalue = ASCryptography.decryptPassword(value[0], value[1]);
          System.out.println(returnedvalue); //the returned value remains null
          System.out.println(returnedvalue.length()); // This generates a null pointer exception coz of above.
}Now whenever I run the Crypt.java program the Netbeans IDE gives the following as output
jL+Fg2EBp9Y=
LOhqKHoJRkKWc76IkU4q/A==
java.security.InvalidAlgorithmParameterException: Parameters missing
null
Exception in thread "main" java.lang.NullPointerException
I used the Step in tool of Netbeans and came out with the following conclusion
1. The first 2 strings are the encrypted key and the password string so encryption is working fine.
2. All is fine till the decipher.init(Cipher.DECRYPT_MODE, skey, decipher.getParameters()); part is encountered at this point the java.security.InvalidAlgorithmParameterException: Parameters missing is thrown.
3.The NullPointerException is caused due to the null value stored in returnedvalue
Can anyone help me out with this one I have been trying to solve for the past 6 hours.
Thanks!

Also -
1) Using an array to return a compound result is at best poor. You should really define a class as a container for your encryption result.
2) Since you generate and return a new key for each password, where are you going to store the key. If you store it in the same place (database ?) as the encrypted password then this is just the same as not encrypting the password because anyone with with access to the encrypted password will also have access to the key!

I cant install CS6 Des STd using AAME on win 7

I kick off the install and it quits soon after, the package is 64 bit. When I create an identical package with 32 bit it install just fine on Xp.

Hi,
A 32 bit package should be deployed only on 32 bit machines and a 64 bit package should be deployed only on 64 bit machnies. Any mismatch can result in errors. Can you please send the PDApp.log file to [email protected] from the machine where the deployment is failing. This file is formed at %temp%\PDApp.log. This will help us narrow down the exact reason of a 64 bit package.
Thanks,
Saransh katariya | Adobe Systems | [email protected]

Decrypting PEM file using Triple DES

Hi all,
I am trying to decrypt a Triple DES encrypted RSAPrivateKey stored in PEM format in a file. How do I get the DES key to initialize the Cipher. I am using the following code to get the IV from the file and get the DES key using pass phrase. But I get the message
java.lang.SecurityException: Unsupported keysize or algorithm parameters
Can someone help me.
Thanks in advance,
Trilok.
// Gets the IV params from the RSAPrivate key PEM file.
// Uses the last 16 digits in this line to get the IV.
// DEK-Info: DES-EDE3-CBC,4A90C209D3A81791
private IvParameterSpec getIV(String s) { // here s = 4A90C209D3A81791
byte[] ivBytes = new byte[8];
for (int j=0; j<8; j++) {
ivBytes[j] = (byte)Integer.parseInt(s.substring(j*2, j*2 + 2), 16);
return new IvParameterSpec(ivBytes);
private SecretKeySpec getSecretKey(byte [] pwd, byte [] iv)
throws NoSuchAlgorithmException {
     byte[] keyMat = new byte[24];
     MessageDigest md = MessageDigest.getInstance("MD5");
     md.update(pwd);
     md.update(iv);
     byte[] data = md.digest();
     System.arraycopy(data, 0, keyMat, 0, 16);
     md.update(data);
     md.update(pwd);
     md.update(iv);
     data = md.digest();
     System.arraycopy(data, 0, keyMat, 16, 8);
     return new SecretKeySpec(keyMat, encAlg);
}

Hi trilok,
Please let me know what JCE provider you are using for decrypting the Key.
Please make sure that you have made the static or dynamic registration properly.
For Static registration:
Please go to JAVA_HOME/jre/lib/security/java.security
Please edit
security.provider.1=sun.security.provider.Sun
For Dynamic Registration
Security.addProvider(new com.sun.crypto.provider.SunJCE());
Also please refer this URL, which is the third party provider which supports RSA.
http://www.bouncycastle.org/latest_releases.html
I hope this will help you.
Thanks
Bakrudeen
Technical Support Engineer
Sun MicroSystems Inc, India

Encryption/Decryption failure for pdf and MSWord files

Hi,
Is there anybody to help me to find out what is wrong with my class (listing below)? I am sucessfuly using this class to encrypt and decrypt txt, html files but for unknown reasons I am unable to use it for e.g. pdf files. The encrypion somehow works but any atempt to decrypt is a failure.
/* This class accepts an input file, encrypts/decrypts it using DES algorithm and
writes the encrypted/decrypted output to an output file. DES is used in Cipher
Block Chaining mode with PKCS5Padding padding scheme. Note that DES is a symmetric
block cipher that uses 64-bit keys for encryption. A password of length no less
than 8 is to be passed to the encryptFile/ decryptFile methods. This password is
used to generate the encryption key. All exception handling is to be done by
calling methods. These exceptions are thrown by encryptFile/ decryptFile methods.
The input buffer is 64 bytes, 8 times the key size.
import java.io.*;
import javax.crypto.*;
import javax.crypto.spec.*;
import java.security.*;
import java.security.spec.*;
public class Crypto
public Crypto(FileInputStream inStream_, FileOutputStream outStream_)
fInputStream_ = inStream_;
fOutputStream_ = outStream_;
public void encryptFile(String password_) throws InvalidKeySpecException, InvalidKeyException,
InvalidAlgorithmParameterException, IllegalStateException, IOException, Exception
DataOutputStream dataOutStream_ = new DataOutputStream(fOutputStream_);
// key generation
SecretKey encryptKey_ = createEncryptionKey(password_);
// Cipher initialization
Cipher cipher_= Cipher.getInstance(cipherType);
cipher_.init(Cipher.ENCRYPT_MODE, encryptKey_);
// write initialization vector to output
byte[] initializationVector_ = cipher_.getIV();
dataOutStream_.writeInt(initializationVector_.length);
dataOutStream_.write(initializationVector_);
// start reading from input and writing encrypted data to output
while (true) {
inputLength_ = fInputStream_.read(input_);
if (inputLength_ ==-1) break;
byte[] output_ = cipher_.update(input_, inputOffset_, inputLength_);
if (output_ != null)
dataOutStream_.write(output_);
// finalize encryption and wrap up
byte[] output_ = cipher_.doFinal();
if (output_ != null)
dataOutStream_.write(output_);
fInputStream_.close();
dataOutStream_.flush();
dataOutStream_.close();
public void decryptFile(String password_) throws IllegalStateException, IOException, Exception
DataInputStream dataInStream_ = new DataInputStream(fInputStream_);
// key generation
SecretKey encryptKey_ = createEncryptionKey(password_);
// read initialization vector from input
int ivSize_ = dataInStream_.readInt();
byte[] initializationVector_ = new byte[ivSize_];
dataInStream_.readFully(initializationVector_);
IvParameterSpec ivParamSpec_= new IvParameterSpec(initializationVector_);
// Cipher initialization
Cipher cipher_= Cipher.getInstance("DES/CBC/PKCS5Padding");
cipher_.init(Cipher.DECRYPT_MODE, encryptKey_, ivParamSpec_);
// start reading from input and writing decrypted data to output
while (true) {
inputLength_ = fInputStream_.read(input_);
if (inputLength_ ==-1) break;
byte[] output_ = cipher_.update(input_, inputOffset_, inputLength_);
if (output_ != null)
fOutputStream_.write(output_);
// finalize decryption and wrap up
byte[] output_ = cipher_.doFinal();
if (output_ != null)
fOutputStream_.write(output_);
fInputStream_.close();
fOutputStream_.flush();
fOutputStream_.close();
// the following method creates the encryption key using the supplied password
private SecretKey createEncryptionKey(String passwd_) throws InvalidKeySpecException,
InvalidKeyException, NoSuchAlgorithmException
byte[] encryptionKeyData_ = passwd_.getBytes();
DESKeySpec encryptionKeySpec_ = new DESKeySpec(encryptionKeyData_);
SecretKeyFactory keyFactory_ = SecretKeyFactory.getInstance(algorithm_);
SecretKey encryptionKey_ = keyFactory_.generateSecret(encryptionKeySpec_);
return encryptionKey_;
private FileInputStream fInputStream_;
private FileOutputStream fOutputStream_;
private final String algorithm_= "DES";
private final String cipherType= "DES/CBC/PKCS5Padding";
private byte[] input_ = new byte[64]; // The input buffer size is 64
private int inputLength_;
private final int inputOffset_= 0;
}

Please can u give me refined code for me///
at [email protected]
Hi,
I found at least one thing wrong. In the decrypt
method you are reading from 'fInputStream_' rather
than 'dataInStream'.
Worked for me on MSWord after changing this!
Roger
// start reading from input and writing decrypted
ted data to output
while (true) {
inputLength_ = fInputStream_.read(input_);
if (inputLength_ ==-1) break;
byte[] output_ = cipher_.update(input_,
input_, inputOffset_, inputLength_);
if (output_ != null)
fOutputStream_.write(output_);

Decrypting data from Oracle 8.1.7.4 outside the database

I need to decrypt some data that is DES encrypted using Oracle 8i (8.1.7.4) and the DBMS Obfuscation Toolkit, outside of the database where it was encrypted, and I hope someone here might have some hints on how I can achieve that.
I have currently experimented with both encrypting and decrypting the same data using the obfuscation toolbit, Perl (Crypt::CBC / Crypt::EBC) and PHP (mcrypt), getting pretty much identical results from the latter. They do, however, not match what I see using the obfuscation toolkit, so the must be something here I don't quite understand.
From what I have gathered, the obfuscation toolkit encrypts the data using
* CBC
* Initialization vector consisting of 8 chr(0)'s
* Padding using spaces to achieve an encryption string of a multiple of 8 bytes.
Below I'm including 1) The PL/SQL code which is used to encrypt the data (des_encrypt_hex()), 2) the PHP code I used to test encryption. When trying to encode the same string using the obfuscation toolkit and PHP, I end up with completely different HEX values. I have also tried several variations of both this PHP code and the Perl code, using various other kinds of padding and chaining modes, but no luck.
If anyone could give me some pointers as to what I am doing wrong here, I'd be really grateful.
1)
================================================================================
FUNCTION des_encrypt
( string_in in VARCHAR2) RETURN VARCHAR2
IS
l_data varchar2(2000);
key_check_flag number;
l_encrypted_string varchar2(2000);
BEGIN
-- the key and the input data must have a length
-- divisible by eight (the key must be exactly 8 bytes long).
l_data := RPAD(string_in,(TRUNC(LENGTH(string_in)/8)+1)*8,CHR(32));
key_check_flag := mod(length(des_key_string),8);
IF key_check_flag != 0 then
RAISE_APPLICATION_ERROR(-20199,'Key should be 8 char long');
END IF;
-- Encrypt the input string
DBMS_OBFUSCATION_TOOLKIT.DESENCRYPT
( input_string => l_data,
key_string => des_key_string,
encrypted_string => l_encrypted_string);
RETURN l_encrypted_string;
END;
FUNCTION des_encrypt_hex
( string_in in VARCHAR2) RETURN VARCHAR2
IS
l_encrypted_string varchar2(2000);
BEGIN
l_encrypted_string := des_encrypt(string_in);
l_encrypted_string := rawtohex(UTL_RAW.CAST_TO_RAW(l_encrypted_string));
RETURN l_encrypted_string;
END;
===============================================================================
And the way I call it:
DECLARE
     RETURN_VALUE VARCHAR2(2000) := '-';
     STRING_IN VARCHAR2(2000) := '12345678901';
BEGIN
     RETURN_VALUE := KATALOG.PKG_PRKCRYPTO.DES_ENCRYPT_HEX(STRING_IN);
     DBMS_OUTPUT.PUT('RETURN_VALUE: ');
     DBMS_OUTPUT.PUT_LINE(RETURN_VALUE);
     DBMS_OUTPUT.PUT('STRING_IN: ');
     DBMS_OUTPUT.PUT_LINE(STRING_IN);
END;
GO
===============================================================================
2)
<?php
$space = chr(32);
$null = chr(0);
$key = "xxxxxxxx";
$input = "12345678901$space$space$space$space$space";
$iv = "$null$null$null$null$null$null$null$null";
print bin2hex(mcrypt_cbc(MCRYPT_DES, $key, $input, MCRYPT_ENCRYPT, $iv));
?>

I might have been unclear in my initial post, but I do have the DES encryption key used on the Oracle side. If you got that part, then my question would be: Is the Oracle 8.1.7.4 DES encryption incompatible with every other DES encryption implementation out there?

Having Trouble Correctly Encrypting Email Addresses Using DES

Hi, I am having some problems when I try to encrypt email addresses using DES encryption. I can't really find a solution to the problem. Any help would be appreciated.
//String Encryptor. Takes a string and returns it's equivalent DES encryption.
    private String encrypter(String str)
        try
            byte[] word = str.getBytes("UTF8");
            byte[] encryptedString = this.encrypt.doFinal(word);
            return new String(encryptedString);
        catch(Exception e)
            e.printStackTrace();
        return null;
//String decryptor: Takes an encrypted string and returns its equivalent DES decrypted string
    private String decrypter(String str)
        try
            byte[] encryptedString = str.getBytes();
            byte[] word = this.decrypt.doFinal(encryptedString);
            return new String(word);
        catch (Exception e)
            e.printStackTrace();
        return null;
        }This is a simple input and output:
Input: [email protected]
Out: Qnõ £¥Å¼'v(úR»ñ]{&õa?´n±

You don't say what your problem is but this code is an example of the number 1 problem reported in this forum. String is not a suitable container for binary data and encrypted data returned by          byte[] encryptedString = this.encrypt.doFinal(word);
is definitely binary data and should not be converted to a String using new String(encryptedString);The basic problem is that for the majority of character encodings the transformation
bytes -> String -> bytesdoes not produced the original bytes.

W2k3 Auth failed with KRB5KDC_ERR_ETYPE_NOSUPP when using DES

We are authenticating users on AD server 2k3, and the users are setup in AD to use DES (checked "Use DES encryption types for this account" in user properties).
It failed somehow with ETYPE_NOSUPP. From the packet capture, I can find KRB5 AS-REQ contains des-cbc-crc/des-cbc-md5/des-cbc-md4 as encryption types.
This is the request:
++++++++++ REQUEST ++++++++++++++++
Kerberos AS-REQ
Pvno: 5
MSG Type: AS-REQ (10)
padata: PA-ENC-TIMESTAMP
Type: PA-ENC-TIMESTAMP (2)
Value: 303ba003020117a2340432482d36ca7556ebf719421fc8b4... rc4-hmac
Encryption type: rc4-hmac (23)
enc PA_ENC_TIMESTAMP: 482d36ca7556ebf719421fc8b4530cfea187d35318fd63bd...
KDC_REQ_BODY
Padding: 0
KDCOptions: 00000010 (Renewable OK)
.0.. .... .... .... .... .... .... .... = Forwardable: Do NOT use forwardable tickets
..0. .... .... .... .... .... .... .... = Forwarded: This is NOT a forwarded ticket
...0 .... .... .... .... .... .... .... = Proxiable: Do NOT use proxiable tickets
.... 0... .... .... .... .... .... .... = Proxy: This ticket has NOT been proxied
.... .0.. .... .... .... .... .... .... = Allow Postdate: We do NOT allow the ticket to be postdated
.... ..0. .... .... .... .... .... .... = Postdated: This ticket is NOT postdated
.... .... 0... .... .... .... .... .... = Renewable: This ticket is NOT renewable
.... .... ...0 .... .... .... .... .... = Opt HW Auth: False
.... .... .... ..0. .... .... .... .... = Constrained Delegation: This is a normal request (no constrained delegation)
.... .... .... ...0 .... .... .... .... = Canonicalize: This is NOT a canonicalized ticket request
.... .... .... .... .... .... ..0. .... = Disable Transited Check: Transited checking is NOT disabled
.... .... .... .... .... .... ...1 .... = Renewable OK: We accept RENEWED tickets
.... .... .... .... .... .... .... 0... = Enc-Tkt-in-Skey: Do NOT encrypt the tkt inside the skey
.... .... .... .... .... .... .... ..0. = Renew: This is NOT a request to renew a ticket
.... .... .... .... .... .... .... ...0 = Validate: This is NOT a request to validate a postdated ticket
Client Name (Principal): test
Name-type: Principal (1)
Name: test
Realm: SRV.MYTESTSERVER.LOC
Server Name (Unknown): krbtgt/SRV.MYTESTSERVER.LOC
Name-type: Unknown (0)
Name: krbtgt
Name: FP.DEREKTESTING.COM
from: 2011-04-07 08:10:06 (UTC)
till: 2011-04-08 08:10:06 (UTC)
Nonce: 1302163806
Encryption Types: aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 des3-cbc-sha1 rc4-hmac des-cbc-crc des-cbc-md5 des-cbc-md4
Encryption type: aes256-cts-hmac-sha1-96 (18)
Encryption type: aes128-cts-hmac-sha1-96 (17)
Encryption type: des3-cbc-sha1 (16)
Encryption type: rc4-hmac (23)
Encryption type: des-cbc-crc (1)
Encryption type: des-cbc-md5 (3)
Encryption type: des-cbc-md4 (2)
++++++++++ REQUEST ++++++++++++++++
And this is the response:
++++++++++ RESPONSE ++++++++++++++++
Kerberos KRB-ERROR
Pvno: 5
MSG Type: KRB-ERROR (30)
stime: 2011-04-07 08:10:06 (UTC)
susec: 247525
error_code: KRB5KDC_ERR_ETYPE_NOSUPP (14)
Realm: SRV.MYTESTSERVER.LOC
Server Name (Unknown): krbtgt/SRV.MYTESTSERVER.LOC
Name-type: Unknown (0)
Name: krbtgt
Name: SRV.MYTESTSERVER.LOC
e-data
padata: PA-ENCTYPE-INFO
Type: PA-ENCTYPE-INFO (11)
Value: 30443020a003020103a119041746502e444552454b544553... des-cbc-md5 des-cbc-crc
Encryption type: des-cbc-md5 (3)
Salt: 46502e444552454b54455354494e472e434f4d6a69616e
Encryption type: des-cbc-crc (1)
Salt: 46502e444552454b54455354494e472e434f4d6a69616e
++++++++++ RESPONSE ++++++++++++++++
What could have possibly gone wrong? I also tried to reset the passwords of administrator and the user and restart the kdc services. It didn't help.
Thanks.

I am not sure, the exact behaviour must be specified somewhere, but I was not able to find any precise documentation on the topic. It may be, that the DC preferes AES if allowed by the client and it may colide with the setting on the user account.
Anyway, why do you use the checkbox at all? If you wanted to enforce DES, you could have enabled the "System Cryptography: Use FIPS compliant algorithms for encryption, hashing and siging" policy which would switch the whole environment to DES or AES automatically.
The user account setting is meant to only those accounts that are used by non-windows services IMHO.
ondrej.

DES Encryption compatibility between Microsoft dot Net and Java

Hi,
I have a situation that a Secret key is shared between two components like Core and the Customer. The customer encrypts a particular data using DES algorithm using the shared secret key. The customer uses Microsoft dot Net framework to do this. The encrypted data comes to core part which has been developed in Java. I want to know whether it is possible to decrypt the data value using DES algorithm which is coming from Dot Net platform. By the way I am getting different values. I want to know whether the byte[] in Java and Dot Net are same. Please provide me relevent answers to this question. Is it possible to make interaction with the cryptography between two differnet environments like Java and Microsoft Dot Net. I mean only DES algorithm.

DebadattaMishra wrote:
Hi,
I have a situation that a Secret key is shared between two components like Core and the Customer. The customer encrypts a particular data using DES algorithm using the shared secret key.Yuk! That is what SSL is for.
The customer uses Microsoft dot Net framework to do this. The encrypted data comes to core part which has been developed in Java. I want to know whether it is possible to decrypt the data value using DES algorithm which is coming from Dot Net platform. Yes though there are many pitfalls. The devil is in the detail of the .NET code. I would not tackle this without access to the full .NET encryption code.
By the way I am getting different values.This is not surprising since, as I said above, there are many pitfalls. The.NET documentation is poor at best and in some cases is very very misleading. Some of the .NET methods involved in key generation have obscure semantics and only after a very careful reading of lots of MS documentation did I start to understand the semantics.
I want to know whether the byte[] in Java and Dot Net are same. You should compare the 'bits' of each byte and not the numeric values since Java uses signed bytes.
Please provide me relevent answers to this question.This is not your call. Anyone is free to post answers as long as they follow the forum code of conduct.
Is it possible to make interaction with the cryptography between two differnet environments like Java and Microsoft Dot Net. I mean only DES algorithm.Of course!

Problems turning bytes back into a des key

hi there-
i'm writing a client/server application the uses encryption to send files back and forth. i have been able to get my program to receive certificates from the client and server. i have generated a des key using:
KeyGenerator kg = KeyGenerator.getInstance("DES");
java.security.Key secretkey = kg.generateKey();
and I want to send that to the server, encrypted with the public key. i'm trying to do it like this:
Cipher cipher = Cipher.getInstance("RSA");
cipher.init ( Cipher.ENCRYPT_MODE, key); //key is the public key
theBytes [] = secretkey.getEncoded(); //send secretkey
bytesEncrypted [] = cipher.doFinal(theBytes);
outToServer.writeInt(bytesEncrypted.length);
outToServer.write(bytesEncrypted);
the problem is, once i transmit the des key and decrypt it with the private key, i dont know how to turn it back into a des key from the bytes. can someone help me out bigtime and let me know how i can go about doing this?
thanks a bunch!

In followup to my previous reply, here is the sample code.
import java.security.spec.KeySpec;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESKeySpec;
public class SecretKeyTest {
     public static void main(String[] args) throws Exception {
          System.out.println(System.getProperty("java.version"));
          KeyGenerator kg = KeyGenerator.getInstance("DES", "SunJCE");
          SecretKey sk1 = kg.generateKey();
          System.out.println(sk1);
          byte [] sk1Bytes = sk1.getEncoded();
          SecretKeyFactory skf = SecretKeyFactory.getInstance("DES");
          KeySpec spec = new DESKeySpec(sk1Bytes);
          SecretKey sk2 = skf.generateSecret(spec);
          System.out.println(sk1.equals(sk2) ? "Equal" : "Not Equal");
}

DES Decryption using a decrypt id

Similar Messages

Maybe you are looking for