Java DESede encrypt/decrypt compatible with openssl

Thu, 26 Oct 2006 19:31:14 -0700 

Can anybody help me to provide DESede compatibility with OpenSSl?

I built DES salted encrypt/decrypt Java program compatible with OpenSSl.
I used BouncyCastleJCE(BC) because SunJCE doesn't 
support binary PBE password files.

Now I have the problems with DESede:
- SunJCE's PBEWithMD5AndTripleDES doesn't support binary passwords;
- BC's PBEWithSHAAnd2-KeyTripleDES-CBC and PBEWithSHAAnd3-KeyTripleDES-CBC 
        produce encrypted files not compatible with OpenSSL, 
        I get an error:
 ---
$ openssl des-ede -d -salt -kfile .myKey -in short_test.enc1
モ詑ク・髞鳶、!Cャャトヤラヒ!nqbad decrypt
4004:error:06065064:digital envelope routines:EVP_DecryptFinal:bad decrypt:.\cry
pto\evp\evp_enc.c:450:
$
 ---

Does BC have any solution for the problem?

Thank you in advance,
Yury.


--- My encrypt source -------------------------------------

private void encrypt( String in_file, String out_file ) throws Exception {
    FileInputStream fis = null;
    FileOutputStream fos = null;
    
    try {
        fis = new FileInputStream( in_file );
        fos = new FileOutputStream( out_file );
        fos.write( "Salted__".getBytes() );
        
        byte[]  salt = "01234567".getBytes();
        fos.write( salt );

        // cipher
        PBEParameterSpec pbeParamSpec = 
                new PBEParameterSpec( salt, 1 ); // OpenSSL uses 1 as
iteration count
        PBEKeySpec  keySpec = new PBEKeySpec( getKey() );
        SecretKeyFactory  keyFac = 
                SecretKeyFactory.getInstance( crypt_alg, "BC" );
        SecretKey pbeKey = keyFac.generateSecret( keySpec );
        Cipher pbeCipher = Cipher.getInstance( crypt_alg, "BC" );
        pbeCipher.init( Cipher.ENCRYPT_MODE, pbeKey, pbeParamSpec );

        // encryption
        byte[] bin = new byte [4096];
        byte[] bout = null;
        for( int len = fis.read( bin );  len > -1;  len = fis.read( bin ) ) {
            bout = pbeCipher.update( bin, 0, len );
            fos.write( bout );
        }
        
        bout = pbeCipher.doFinal();
        fos.write( bout );
        fos.flush();
    } catch( Exception e ) {
        System.err.println( 
                "Can't encrypt from " + in_file + 
                        " to " + out_file + ": " + e.getMessage() );
        throw  e;
    } finally {
        if( fis != null )  try{
                fis.close();
        } catch( IOException e){}
        if( fos != null )  try{
                fos.close();
        } catch( IOException e){}
    }
}


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [email protected]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to