Skip to main content

3DES/Base64 encryption in java

Last week I need to post data in xml format to one server. For security reason one node[xml] require 3DES encryption and encode to Base64 before send. It's a good idea to encrypt sensitive data before store in database or transfer over internet but I'm not even know what 3DES is. After some search, I found that it's not too hard.

This post is about how i encrypt data in java. 3DES algorithm use symetric key[secret key] to encrypt or decrypt data. So..

First define a key [ length must be 24 bytes ]. I do this by getBytes() from random string. 
byte [] seed_key = (new String("er48nsjhwlG593mjhgdb20ih")).getBytes()

create Cipher object
SecretKeySpec keySpec = new SecretKeySpec(seed_key,"TripleDES");
Cipher nCipher=Cipher.getInstance("TripleDES");
nCipher.init( Cipher.ENCRYPT_MODE, keySpec );

Cipher class provides the functionality of a cryptographic cipher for encryption and decryption. To create cipher object, pass transformation to getInstance method.
Transformation can be in form like "algorithm/mode/padding" or only "algorithm".
for 3DES, algorithm can be "DESede" or "TripleDES". In experiment both give me the same result so I specify only algorithm as "TripleDES".

Now encrypt plaintext and get our cipher bytes by
String plaintxt="My SECRET WORD";
byte[] cipherbyte = cipher.doFinal(plaintxt.getBytes());

From cipher bytes. Our text is encrypted. To be easy to manage[send over internet or store in db] I will transform it with Base64[package from commons codec]
String encodeTxt = new String(Base64.encodeBase64(rawbyte));

Now decryption is just reverse the things we do for encryption, getBytes() from encodeTxt, decode with Base64 class, and doFinal() will give you decrypt text.
Note that for decryption, cipher object will init in DECRYPT_MODE.
nCipher.init( Cipher.DECRYPT_MODE, keySpec );
byte [] encData = Base64.decodeBase64(encodeTxt.getBytes());
decryptedtxt = nCipher.doFinal(encData);
Labels:

Comments

Anonymous said…
Thanks. I will your tip for doing my homework.
February 20, 2008 at 3:35 PM
Anonymous said…
thanks for the tip, well done
February 25, 2008 at 11:07 AM
Michele said…
Hi ! Many thanks for your post. It helped me to understand many things, but I still need some hints and maybe you could help me. How can I decrypt 3des/base64 data stored on a database ? I've two byte[] keys, an IV and the Key but I don't know how to use in my code...I'm really new to java and I'm using Netbeans to interface a simple form to database.
Do you have any tip, link, suggestion for me ? Thank you really much !

Michele
April 8, 2008 at 12:31 AM
pnix said…
Hi OrrendiNinnoli, first sorry for late reply just too busy. i know not much about this too :( . Anyway [i think] to do your job, first you should understand about symmetric and asymmetric cryptography
http://en.wikipedia.org/wiki/Symmetric-key_algorithm
http://en.wikipedia.org/wiki/Public-key_cryptography

then see how to implement it in java
http://java.sun.com/javase/6/docs/technotes/guides/se
curity/certpath/CertPathProgGuide.html
April 9, 2008 at 11:37 PM
Michele said…
Hi pnix ! Thanks for your reply, I'm going to read better JCE documentation and examples I found on the web. Maybe your piece of code could work if I change "String EncodeTxt" from your example pointing to a db string value...maybe, not sure, but I'm going to try ! Bye and thanks again !
April 10, 2008 at 5:54 PM
Bajjuri Koti said…
Hi!!

I am actully new java encryption and decryption, My requirement is like URL will have a parameter of base-64 encoded string using 3des encryption. How can i write a code in java to decrypt that to get my required values. They told me we will have a common key to encrypt and decrypt that parameter.

Please help me!!!
June 26, 2008 at 4:55 AM
Post a Comment

Popular posts from this blog

Fixing sendmail take a long time to start

I notice that my database box[FC6+Oracle10.2] take along time to startup. Sendmail and sm-client very very slow to start[ about 5 minutes ]. There's something wrong in /etc/hosts file. 'newalises' command take long time to update and finish with error below. [root@ora10g ~]# newaliases WARNING: local host name (ora10g) is not qualified; see cf/README: WHO AM I? /etc/aliases: 76 aliases, longest 10 bytes, 765 bytes total [root@ora10g ~]# cat /etc/hosts # Do not remove the following line, or various programs # that require network functionality will fail. 127.0.0.1 localhost.localdomain localhost 192.168.1.55 ora10g [root@ora10g ~]# To fix this, custom hostname[ora10g] need to append to localhost line in /etc/hosts. [root@ora10g ~]# cat /etc/hosts # Do not remove the following line, or various programs # that require network functionality will fail. 127.0.0.1 localhost.localdomain localhost ora10g 192.168.1.55 ora10g [root@ora10g ~]# newaliases /etc/alia
11 comments
Read more

Too many open files

Last week tomcat log file report many error about "Too many open files" when it has high traffic. Some in catalina_log say 2007-04-07 16:13:40 HttpProcessor[80][272] Starting background thread 2007-04-07 16:13:40 HttpConnector[80] accept: java.net.SocketException: Too many open files and here is from localhost_log 2007-04-07 16:13:40 StandardWrapperValve[myservlet]: Servlet.service() for servlet myservlet threw exception java.io.FileNotFoundException: /home/log/mylog_070407.log (Too many open files) This is because too many file descriptors're opened by tomcat. File descriptor can be limited in both system level and shell level. To check maximum number of fd in system type 'cat /proc/sys/fs/file-max'. In my case it is 65536(someone said it should set to 200000). Tomcat error when try to open socket number 272 so I think 65536 is ok for me for now. Anyway if u want to set it add 'fs.file-max = 200000' to /etc/sysctl.conf pnix@pnix-a7:~$ cat /proc/sys/fs/fil
15 comments
Read more

using Class.getResource() load resource file in Eclipse

There are many ways to load resource file in java app. What sun recommended is using Class.getResource(" resource_name ") or Class.getResourceAsStream(" resource_name ") then you will get URL and InputStream respectively. If resource_name is specified without "/", it will be prepend with Class package. So resource file must be in same place[folder structure] as the Class. What I love to do is call getResource() with "/" and put resource file at the root of package. This way i can have separate resource folder. below is in Eclipse, 1. From Package explorer right click src folder->click import 2. In import dialog, Choose General->File System ->next 3. from directory:->Browse to your resource folder. 4. to folder:-> I add "resource" as a folder name under src folder. then click "Finish". In the code, load resource with this.getClass().getResource("/resource/buttons1.png") or this.getClass().getResourceAs
37 comments
Read more