0

I have this following snippet from c++ code that is used for encryption:

EVP_CIPHER_CTX ctx;
const EVP_CIPHER * cipher = EVP_des_ede3_cbc();
unsigned char iv[EVP_MAX_IV_LENGTH];
unsigned char key[EVP_MAX_KEY_LENGTH];
String seed;

_config->get_value("crypto_seed", &seed); // uses the seed value from pimp config.

if (seed.is_empty())
{
    return false;
}

EVP_BytesToKey(cipher, EVP_sha1(),
        (unsigned char *) 0, // no salt
        reinterpret_cast<unsigned char *>(const_cast<char *>(seed.chars())), seed.length(),
        1, // hash passphrase just once.
        key, iv);

EVP_CIPHER_CTX_init(&ctx);
EVP_CipherInit_ex(&ctx, cipher, (ENGINE *) 0, key,
        iv,
        1); // encrypt

what s the equivalent of the c++ encryption in java?

I see there is des algorithm, then i see sha1.

This is related to openssl encryption. But not sure what is the equivalent. essentially i would like the same output as c++ code generates.

i m asking the what s the equivalent of EVP_CIPHER_CTX or what s the name of the encrytion being used here so i can take it from there.

EDIT: not asking anyone to convert the code to java, just asking the corresponding package or class that would do the same.

DarthVader
  • 52,984
  • 76
  • 209
  • 300
  • are you asking how to convert the above c++ into java? Or is it a different question? – Woot4Moo Oct 16 '12 at 18:04
  • i m asking the what s the equivalent of `EVP_CIPHER_CTX` or what s the name of the encrytion being used here so i can take it from there. – DarthVader Oct 16 '12 at 18:05
  • @DarthVader - I have that stupid [hammer badge and I can't opt-out of it](http://meta.stackoverflow.com/q/323155). That means I can't cite a potential duplicate without closing the question. Please let me know if you object. – jww May 27 '16 at 21:27
  • [OpenSSL 1.1.0c changed the digest algorithm](http://stackoverflow.com/q/39637388/608639) used in some internal components. Formerly, MD5 was used, and 1.1.0 switched to SHA256. Be careful the change is not affecting you in both `EVP_BytesToKey` and commands like `openssl enc`. – jww Jan 26 '17 at 16:15

4 Answers4

2

The trickiest part of this is the EVP_BytesToKey part, which has been recreated before.

How to decrypt file in Java encrypted with openssl command using AES?

I've also got an object oriented version laying around here, if you are really not up to using that C-like code. For SHA-1, use SHA-1 instead of MD5...

As for the encryption, simply use "DESede/CBC/PKCS5Padding" as algorithm name for your Cipher.getInstance() method and you should be fine.

Community
  • 1
  • 1
Maarten Bodewes
  • 90,524
  • 13
  • 150
  • 263
0

The encryption being used is Triple DES with cipher block chaining

RSA page: source

A cryptographic identifier which indicates a 3DES EDE CBC symmetric cipher.

Woot4Moo
  • 23,987
  • 16
  • 94
  • 151
0

It looks like EVP_CIPHER_CTX is the “context” structure that's containing the encryption (akin to an object), but the actual cypher being used is EVP_des_ede3_cbc — which would be "des-ede3-cbc" with OpenSSL.encrypt(…) and friends

EDIT: To answer the question (“the corresponding package”), generally you should probably use javax.crypto or (probably “better” for most purposes) bouncycastle (http://www.bouncycastle.org/). But OpenSSL bindings do also exist — just awkward to use and deploy.

BRPocock
  • 13,638
  • 3
  • 31
  • 50
  • Thanks. i m also seeing `EVP_BytesToKey(cipher, EVP_sha1()`, so sha1 is also being used no? – DarthVader Oct 16 '12 at 18:09
  • 1
    It looks like it's using that for the key hashing, yes. I'm afraid I'm not familiar with addressing it via C|C++, but the name seems clear :-) – BRPocock Oct 16 '12 at 18:19
0

The code you are converting from uses the openssl library. It carries out a triple-DES encryption using an Initial Vector. The first thing you need to understand is exactly what it's doing (and preferably why).

Unfortunately the openssl documentation isn't terribly thorough (see here) ... though the O'Reilley book Network Security with OpenSSL is quite a bit better (it's a bit out of date, though).

Once you know what needs to be done, you shouldn't have much difficulty coding it in Java using the standard javax.crypto package.

dajames
  • 2,776
  • 1
  • 20
  • 17