This content has been marked as final. Show 5 replies
I use DESede/ECB/NoPadding and my code worksDES and DESede require the data length to be a multiple of 8 bytes. Using DESede/ECB/NoPadding, it is your responsibility to force this condition. You could use
correctly. but when i put some string to encrypt that
is not a multiple of 8, as you know, it crash.
and then the padding to an 8 byte boundary will be done for you.
If you need to know how PKCS5 padding works, use Google.
dun forget DESede uses 112 or 168 size keysThis is a little simplistic as far as the SunJCE JCE provider is concerned.
A DES key is 56 bits and Triple DES key is either 2x56 bits or 3x56 bits. The first 56 bits
of 2x56 Bit Triple DES key is used to DES encrypt a block, the second 56 bits is used to
DES decrypt the the result of the first DES encryption and the first 56 bits is then used
again to further DES encrypt the block. A 3x56 Bit Triple DES key uses the first 56 bits to
encrypt a block, the second 56 bits to DES decrypt the result of the first DES encryption
and then finally the 3rd 56 bit key is used to DES encrypt.
Within the SunJCE provider, a DES key is packaged as 8 bytes of 7 bits with the least
significant bit of each byte being a parity bit. I can't remember whether it is even or odd
parity but it does not matter because the SunJCE provider ignores this bit!
A Triple DES key is packages as 24 bytes with the first 8 bytes bring used for the DES
key first encryption stage, the next 8 bytes as the DES key for the decryption stage and
the last 8 bytes used for the final DES encryption stage. If one tries to provide just 16
bytes as a representation of the 2x56 Bit key then one gets a
java.security.InvalidKeyException: Wrong key size
exception. If one wants the same 56 bit key used for both encryption stages of Triple
DES encryption then one must build the appropriate 24 bytes.
997956 wrote:a) DES and DESede are now deprecated in favour of AES.
So, it's a slightly old thread, but maybe could you post the code for doing DESede/ECB/NoPadding?
b) ECB is generally considered insecure since it allows splicing of ciphertext that will decrypt to valid cleartext. One of the feedback modes should be used.
c) This site is not a code mill and Google will find many many of examples of this insecure encryption method.