This turned out to be user error. Apologies for the post.
lm
On Jan 2, 6:10 pm, lmcghaw <[EMAIL PROTECTED]> wrote:
> I'm trying to encrypt data using DES CBC PKCS#5 packing, but I am
> unable to achive encryption results matching that of java.
>
> For the sake of debugging the issue I'm using an encryption key of 8
> bytes (all zero) and an iv token of 8 bytes (all zero) both in java
> and in C++.
>
> In Java using the SUN JCE security provider and the IBM JCE Security
> provider I get consistent results that are correct. Using Crypto++ I
> must be doing something wrong .. but I cant figure it out.
>
> Here is the java function for reference
> ===========================================================
> // This method encrypts the usreid/password with the middle 8
> bytes of
> // the generated secret key and an encryption token. Then it
> returns the
> // encrypted data in a byte array.
> // plainText The byte array form userid/password to encrypt.
> // initVector The byte array which is used to calculate the
> // encryption token.
> // targetPublicKey DERBY' public key.
> // Returns the encrypted data in a byte array.
> public byte[] encryptData(byte[] plainText,
> int securityMechanism,
> byte[] initVector,
> byte[] targetPublicKey) throws
> SqlException {
>
> byte[] cipherText = null;
> byte[] cipherText2 = null;
> java.security.Key key = null;
>
> if (token_ == null) {
> // token_ = calculateEncryptionToken(securityMechanism,
> initVector);
> // hardcode iv token to all zeros for debugging purposes
> token_ = new byte[8];
> token_[0]=0;
> token_[1]=0;
> token_[2]=0;
> token_[3]=0;
> token_[4]=0;
> token_[5]=0;
> token_[6]=0;
> token_[7]=0;
> }
>
> // Hardcode the security key for debugging purposes - all
> zeros
> secKey_ = new byte[8];
> secKey_[0]=0;
> secKey_[1]=0;
> secKey_[2]=0;
> secKey_[3]=0;
> secKey_[4]=0;
> secKey_[5]=0;
> secKey_[6]=0;
> secKey_[7]=0;
> try {
> // //use this encryption key to initiate a
> SecretKeySpec object
> // secKey_ = generatePrivateKey(targetPublicKey);
> javax.crypto.spec.SecretKeySpec desKey = new
> javax.crypto.spec.SecretKeySpec(secKey_, "DES");
> key = desKey;
> // } else {
> // //use this encryption key to initiate a
> SecretKeySpec object
> // javax.crypto.spec.DESKeySpec desKey = new
> javax.crypto.spec.DESKeySpec(secKey_);
> // if (secretKeyFactory_ == null) {
> // secretKeyFactory_ =
> javax.crypto.SecretKeyFactory.getInstance("DES", providerName);
> // }
> // key = secretKeyFactory_.generateSecret(desKey);
> // }
>
> //We use DES in CBC mode because this is the mode used in
> PROTOCOL. The
> //encryption mode has to be consistent for encryption and
> decryption.
> //CBC mode requires an initialization vector(IV)
> parameter. In CBC mode
> //we need to initialize the Cipher object with an IV,
> which can be supplied
> // using the javax.crypto.spec.IvParameterSpec class.
> javax.crypto.Cipher cipher =
> javax.crypto.Cipher.getInstance("DES/CBC/PKCS5Padding", "SunJCE"); //
> providerName
> javax.crypto.Cipher cipher2 =
> javax.crypto.Cipher.getInstance("DES/CBC/PKCS5Padding", "IBMJCE"); //
> providerName
>
> //generate a IVParameterSpec object and use it to initiate
> the
> //Cipher object.
> javax.crypto.spec.IvParameterSpec ivParam = new
> javax.crypto.spec.IvParameterSpec(token_);
> javax.crypto.spec.IvParameterSpec ivParam2 = new
> javax.crypto.spec.IvParameterSpec(token_);
>
> //initiate the Cipher using encryption mode, encryption
> key and the
> //IV parameter.
> cipher.init(javax.crypto.Cipher.ENCRYPT_MODE, key,
> ivParam);
> cipher2.init(javax.crypto.Cipher.ENCRYPT_MODE, key,
> ivParam2);
>
> //Execute the final phase of encryption
> cipherText = cipher.doFinal(plainText);
> cipherText2 = cipher2.doFinal(plainText);
> } catch (java.security.NoSuchProviderException e) {
> throw new SqlException(agent_.logWriter_, e,
> "java.security.NoSuchProviderException is caught "
> + "when encrypting data '" + e.getMessage() +
> "'");
> } catch (java.security.NoSuchAlgorithmException e) {
> throw new SqlException(agent_.logWriter_, e,
> "java.security.NoSuchAlgorithmException is caught "
> + "when encrypting data '" + e.getMessage() +
> "'");
> } catch (java.security.InvalidKeyException e) {
> throw new SqlException(agent_.logWriter_, e,
> "java.security.InvalidKeyException is caught "
> + "when encrypting data '" + e.getMessage() +
> "'");
> } catch (javax.crypto.NoSuchPaddingException e) {
> throw new SqlException(agent_.logWriter_, e,
> "javax.crypto.NoSuchPaddingException is caught "
> + "when encrypting data '" + e.getMessage() +
> "'");
> } catch (javax.crypto.BadPaddingException e) {
> throw new SqlException(agent_.logWriter_, e,
> "javax.crypto.BadPaddingException is caught "
> + "when encrypting data '" + e.getMessage() +
> "'");
> } catch (java.security.InvalidAlgorithmParameterException e) {
> throw new SqlException(agent_.logWriter_, e,
> "java.security.InvalidAlgorithmParameterException is caught "
> + "when encrypting data '" + e.getMessage() +
> "'");
> } catch (javax.crypto.IllegalBlockSizeException e) {
> throw new SqlException(agent_.logWriter_, e,
> "javax.crypto.IllegalBlockSizeException is caught "
> + "when encrypting data '" + e.getMessage() +
> "'");
> /* } catch (java.security.spec.InvalidKeySpecException e) {
> throw new SqlException(agent_.logWriter_, e,
> "javax.crypto.IllegalBlockSizeException is caught "
> + "when encrypting data '" + e.getMessage() +
> "'"); */
> }
> return cipherText;
> }
>
> ==================================================================
>
> and a snippet of the C++ code for reference as well.
>
> char szEncryptionKey[CryptoPP::DES::DEFAULT_KEYLENGTH];
> char iv[CryptoPP::DES::BLOCKSIZE ];
> char szEncryptedUserID[512];
> char szEncryptedPassword[512];
> char szPaddedUserID[256];
> char szPaddedPassword[256];
>
> char szDecryptedUserID[512];
> char szDecryptedPassword[512];
>
> memset(szEncryptionKey,0,8);
> memset(iv,0,8);
>
> sprintf(szPaddedUserID, "%s", GetDatabaseMessage()->GetDatabaseUserName());
>
> sprintf(szPaddedPassword, "%s", GetDatabaseMessage()->GetDatabasePassword());
>
> int nSizeUserID = strlen(szPaddedUserID);
> int nSizePassword = strlen(szPaddedPassword);
>
> CryptoPP::DESEncryption desE((const byte *)szEncryptionKey,
> CryptoPP::DES::DEFAULT_KEYLENGTH);
>
> CryptoPP::CBC_Mode_ExternalCipher::Encryption modeE(desE, (const byte
> *)iv);
>
> std::string ciphertext;
>
> CryptoPP::StreamTransformationFilter cryptoEnc(modeE, new
> CryptoPP::StringSink( ciphertext ) ,
> CryptoPP::StreamTransformationFilter::PKCS_PADDING);
> cryptoEnc.Put((const byte *)szPaddedUserID,strlen(szPaddedUserID));
> cryptoEnc.MessageEnd();
>
> ==================================================================
>
> ciphertext in C++ does not match the ciphertext in java.
>
> Thanks
>
> lm
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the "Crypto++ Users"
Google Group.
To unsubscribe, send an email to [EMAIL PROTECTED]
More information about Crypto++ and this group is available at
http://www.cryptopp.com.
-~----------~----~----~----~------~----~------~--~---
