Android encrypt 3DES ECB

0
votes

I need to encrypt some data with a custom key generated from a passphrase.

It MUST be: 3DES Cipher Mode: ECB Padding Mode: Zeros

I can't find any code to do that. Can anyone show me an example?

I've tried this and it show me the following error 

ERROR: java.security.InvalidAlgorithmParameterException: expected IV length of 0


import java.io.UnsupportedEncodingException;
import java.security.GeneralSecurityException;

import javax.crypto.Cipher;
import javax.crypto.spec.DESedeKeySpec;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

public class Encryption {

public static int MAX_KEY_LENGTH = DESedeKeySpec.DES_EDE_KEY_LEN;
private static String ENCRYPTION_KEY_TYPE = "DESede";
private static String ENCRYPTION_ALGORITHM = "DESede/ECB/PKCS5Padding";
private final SecretKeySpec keySpec;

public Encryption(String passphrase) {
    byte[] key;
    try {
        // get bytes representation of the password
        key = passphrase.getBytes("UTF8");
    } catch (UnsupportedEncodingException e) {
        throw new IllegalArgumentException(e);
    }

    key = padKeyToLength(key, MAX_KEY_LENGTH);
    keySpec = new SecretKeySpec(key, ENCRYPTION_KEY_TYPE);
}

// !!! - see post below
private byte[] padKeyToLength(byte[] key, int len) {
    byte[] newKey = new byte[len];
    System.arraycopy(key, 0, newKey, 0, Math.min(key.length, len));
    return newKey;
}

// standard stuff
public byte[] encrypt(byte[] unencrypted) throws GeneralSecurityException {
    return doCipher(unencrypted, Cipher.ENCRYPT_MODE);
}

public byte[] decrypt(byte[] encrypted) throws GeneralSecurityException {
    return doCipher(encrypted, Cipher.DECRYPT_MODE);
}

private byte[] doCipher(byte[] original, int mode) throws GeneralSecurityException {
    Cipher cipher = Cipher.getInstance(ENCRYPTION_ALGORITHM);
    // IV = 0 is yet another issue, we'll ignore it here
    IvParameterSpec iv = new IvParameterSpec(new byte[] { 0, 0, 0, 0, 0, 0, 0, 0 });
    cipher.init(mode, keySpec, iv);
    return cipher.doFinal(original);
}
}

EDITED: Now I have this, and I pass as "passphrase" parameter my custom key (key size=8) The php I call is not accepting the encrypted result (it's not correct).

The correct encryption is the one this web does putting Algorith "tripledes" and mode: ECB https://www.tools4noobs.com/online_tools/encrypt/

I don't know yet what I am doing wrong...

public class Encryption {

public static int MAX_KEY_LENGTH = DESedeKeySpec.DES_EDE_KEY_LEN;
private static String ENCRYPTION_KEY_TYPE = "DESede";
private static String ENCRYPTION_ALGORITHM = "DESede/ECB/NoPadding";
private final SecretKeySpec keySpec; 

public Encryption(String passphrase) {
        byte[] key;
    try {
        // get bytes representation of the password
        key = passphrase.getBytes("UTF8");
    } catch (UnsupportedEncodingException e) {
        throw new IllegalArgumentException(e);
    }

    key = padKeyToLength(key, MAX_KEY_LENGTH);
    keySpec = new SecretKeySpec(key, ENCRYPTION_KEY_TYPE);
}


private byte[] padKeyToLength(byte[] key, int len) {
    byte[] newKey = new byte[len];
    System.arraycopy(key, 0, newKey, 0, Math.min(key.length, len));
    return newKey;
}

// standard stuff
public byte[] encrypt(byte[] unencrypted) throws GeneralSecurityException {
    return doCipher(unencrypted, Cipher.ENCRYPT_MODE);
}

public byte[] decrypt(byte[] encrypted) throws GeneralSecurityException {
    return doCipher(encrypted, Cipher.DECRYPT_MODE);
}

private byte[] doCipher(byte[] original, int mode) throws GeneralSecurityException {
    Cipher cipher = Cipher.getInstance(ENCRYPTION_ALGORITHM);
    int bs = cipher.getBlockSize();
    byte[] padded = new byte[original.length + bs - original.length % bs];
    System.arraycopy(original, 0, padded, 0, original.length);
    cipher.init(mode, keySpec);
    return cipher.doFinal(padded);
}
2
androidsecurityencryption3des
You just posted the key you're using for encryption on the internet... - Relequestual
The error is pretty clear: "expected IV length of 0". ECB mode doesn't use an IV, but you really shouldn't use ECB. It's not semantically secure. Use at the very least CBC mode with a random IV for every encryption. The IV doesn't have to be secret, so you can send it along with the ciphertext, but it has to be unpredictable. - Artjom B.
@Relequestual the key I posted it's a sample, it was not the real key. I don't know why someone has downvoted the question. - Borja
@ArtjomB. I have to use ECB because I have to call a php that needs data encrypted in 3DES. - Borja
Fair enough. Related to your other comment. Do you have no control over the system you're calling? - Relequestual

2 Answers

0
votes

ECB mode doesn't use an IV which makes it a deterministic cipher mode which means that it is not semantically secure. If you still need to use it, remove the IV as a parameter:

int bs = cipher.getBlockSize();
byte[] padded = new byte[original.length + bs - original.length % bs];
System.arraycopy(original, 0, padded, 0, original.length);
cipher.init(mode, keySpec);
return cipher.doFinal(padded);

This will give you a zero padded message that can then be encrypted. This works, because a byte array is always initialized with zeros in them. The padding is the same as BouncyCastle's ZeroPadding. If you want to do zero padding as PHP's mcrypt does it, then use

byte[] padded = new byte[original.length + (bs - original.length % bs) % bs];
0
votes

Here's example of code I use to encrypt something with 3DES. I also use Base64 for my secretKey, but I think you'll figure this out.

public class KeywordsCipher {

private static final String PADDING = "DESede/ECB/NoPadding";
private static final String UTF_F8 = "UTF-8";
private static final String DE_SEDE = "DESede";
private String secretKey;

{...}

public String encrypt(String message, String secretKey) {

    byte[] cipherText = null;

    try {
        final byte[] secretBase64Key = Base64.decodeBase64(secretKey);
        final SecretKey key = new SecretKeySpec(secretBase64Key, DE_SEDE);
        final Cipher cipher = Cipher.getInstance(PADDING);
        cipher.init(Cipher.ENCRYPT_MODE, key);
        final byte[] plainTextBytes = message.getBytes();
        cipherText = cipher.doFinal(plainTextBytes);
    } catch (NoSuchAlgorithmException | InvalidKeyException | IllegalBlockSizeException | BadPaddingException | NoSuchPaddingException e) {
        throw new CipherException("Problem with encryption occured");
    }

    return Hex.encodeHexString(cipherText);
}

public CipherKeywordModel decrypt(String keyToDecrypt, String secretKey) {

    try {
        byte[] message = DatatypeConverter.parseHexBinary(keyToDecrypt);
        final byte[] secretBase64Key = Base64.decodeBase64(secretKey);
        final SecretKey key = new SecretKeySpec(secretBase64Key, DE_SEDE);
        final Cipher decipher = Cipher.getInstance(PADDING);
        decipher.init(Cipher.DECRYPT_MODE, key);
        final byte[] plainText = decipher.doFinal(message);
        String decryptedText = new String(plainText, UTF_F8);
    } catch (UnsupportedEncodingException | NoSuchAlgorithmException | InvalidKeyException | IllegalBlockSizeException | BadPaddingException | NoSuchPaddingException e) {
        throw new CipherException("Problem with encryption occured");
    }
    return decryptedText;
}