4

I'm trying to migrate the oracle method dbms_obfuscation_toolkit.DES3Encrypt to a Java Function. My problem is that I don't get the same encrypted value in both scenes.

For this procedure in Oracle:

set serveroutput on;
declare
input raw(128);
encrypted raw(2048);
cadena varchar2(60);
begin
dbms_obfuscation_toolkit.DES3Encrypt(
input => utl_raw.cast_to_raw('TESTDATATESTDATATESTDATA'), 
key => utl_raw.cast_to_raw('GD6GTT56HKY4HGF6FH3JG9J5F62FT1'), 
encrypted_data => encrypted
);
dbms_output.put_line(rawtohex(encrypted));
end;

I get this output:

8A2E6792E39B0C850377F9A0E054033963F979E4A3FBA25B

However, with this Java class:

import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESedeKeySpec;
import javax.crypto.spec.IvParameterSpec;


public class TripleDes2 
{
    private static final String PLAIN_TEXT = "TESTDATATESTDATATESTDATA";
    private static final String SHARED_KEY = "GD6GTT56HKY4HGF6FH3JG9J5F62FT1";

   public static void main(String args []) throws Exception

{

    String algorithm = "DESede";
    String transformation = "DESede/CBC/PKCS5Padding";

    byte[] keyValue = SHARED_KEY.getBytes("UTF-8");

    DESedeKeySpec keySpec = new DESedeKeySpec(keyValue);

    IvParameterSpec iv = new IvParameterSpec(new byte[8]);

    SecretKey key = SecretKeyFactory.getInstance(algorithm).generateSecret(keySpec);
    Cipher encrypter = Cipher.getInstance(transformation);
    encrypter.init(Cipher.ENCRYPT_MODE, key, iv);

    byte[] input = PLAIN_TEXT.getBytes("UTF-8");

    byte[] encrypted = encrypter.doFinal(input);

    System.out.println(new String(Hex.encodeHex(encrypted)).toUpperCase());
}
}

I'm getting this value:

82EBC149F298DE55E4FF1540615E60ACDB7743FE79CD2CF4BB6FD232893F83D0

I'm not sure if my Java Code is right. Can you help me?

Thank you very much.

Alberto Vergel
  • 71
  • 1
  • 5

1 Answers1

3

This is my final code, it works like a charm:

import java.io.UnsupportedEncodingException;
import java.security.GeneralSecurityException;
import java.security.Key;
import java.util.Arrays;

import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

import org.apache.commons.codec.DecoderException;
import org.apache.commons.codec.binary.Hex;

public class TripleDes3 {
    private Cipher cipher = null;
    private SecretKey key = null;
    private byte[] bytes = null;
    private IvParameterSpec iv = null;

    public static void main(String[] args) throws Exception {
        try {
            String hexKey = "GD6GTT56HKY4HGF6FH3JG9J5";
            //TripleDes3 encryptor = new TripleDes3(new String(Hex.decodeHex(hexKey.toCharArray())));
            TripleDes3 encryptor = new TripleDes3(hexKey);
            String original = "ABC";
            System.out.println("Oringal: \"" + original + "\"");

            String enc = encryptor.encrypt(original);
            System.out.println("Encrypted: \"" + enc.toUpperCase() + "\"");

            String dec = encryptor.decrypt(enc);
            System.out.println("Decrypted: \"" + dec.toUpperCase() + "\"");

            if (dec.equals(original)) {
                System.out.println("Encryption ==> Decryption Successful");
            }
        } catch (Exception e) {
            System.out.println("Error: " + e.toString());
        }
    }

    public TripleDes3(String encryptionKey) throws GeneralSecurityException, DecoderException {
        cipher = Cipher.getInstance("DESede/CBC/NoPadding");
        try {
            key = new SecretKeySpec(encryptionKey.getBytes("ISO8859_15"), "DESede");
            iv = new IvParameterSpec(Hex.decodeHex("0123456789abcdef".toCharArray()));

        } catch (UnsupportedEncodingException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        }
    }

    public String encrypt(String input) throws GeneralSecurityException, UnsupportedEncodingException {
        bytes = input.getBytes("ISO8859_15");
        bytes = Arrays.copyOf(bytes, ((bytes.length+7)/8)*8);
        return new String(Hex.encodeHex(encryptB(bytes)));
    }

    public String decrypt(String input) throws GeneralSecurityException, DecoderException, UnsupportedEncodingException {
        bytes = Hex.decodeHex(input.toCharArray());
        String decrypted = new String(decryptB(bytes), "ISO8859_15");
        if (decrypted.indexOf((char) 0) > 0) {
            decrypted = decrypted.substring(0, decrypted.indexOf((char) 0));
        }
        return decrypted;
    }

    public byte[] encryptB(byte[] bytes) throws GeneralSecurityException {
        cipher.init(Cipher.ENCRYPT_MODE, (Key) key, iv);
        return cipher.doFinal(bytes);
    }

    public byte[] decryptB(byte[] bytes) throws GeneralSecurityException {
        cipher.init(Cipher.DECRYPT_MODE, (Key) key, iv);
        return cipher.doFinal(bytes);
    }
}

And this is the Oracle Code:

   DECLARE
      v_data   VARCHAR2(255);
      v_retval RAW(255);
      p_str   VARCHAR2(255);
      p_key RAW(255);
   BEGIN
      p_str := 'ABC';
      p_key := utl_raw.cast_to_raw('GD6GTT56HKY4HGF6FH3JG9J5F62FT1');
      v_data := RPAD(p_str, CEIL(LENGTH(p_str)/8)*8, CHR(0));
      dbms_obfuscation_toolkit.DES3Encrypt
         (
            input => utl_raw.cast_to_raw(v_data),
            key   => p_key,
            which => 1,
            encrypted_data => v_retval
         );
      dbms_output.put_line(v_retval);
   END;
Alberto Vergel
  • 71
  • 1
  • 5
  • Wondering how you managed to figure out the default initialization vector that Oracle uses? Was trying to do a similar thing in python and was stuck on that until I found this post. – MBryn Nov 21 '16 at 22:20