Encrypting string in java - Lotus Domino Integration (Netpay)

Question

I have a tricky problem within my Lotus Domino application. We have been using EPDQ to handle payments for our shopping cart but customer wants to switch to Netpay which works differently in that you encrypt your own transaction information using their encryption key and initialisation vector. They helpfully provided some sample java, the encrytion function from this is below but although Lotus Domino was OK importing the libraries needed for the encryption;

import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
import javax.crypto.spec.IvParameterSpec;

It could not resolve the last library I need

import org.apache.commons.codec.binary.Hex;

My Java skills aren't great but my understanding is that all this seems to be doing is generating a byte string for the encryption process. There is a matching decryption function which also needs this library, is there another alternative way of achieving its effect? In my agent you can import loads of different libraries but none so far contain what I need.

public static String encrypt_cbc(String input, String key, String iv){
    byte[] crypted = null;
    try{
         //byte[] key_byte = Hex.decodeHex(key.toCharArray());
         byte[] key_byte = DatatypeConverter.parseHexBinary(key); 
         SecretKeySpec key_spec = new SecretKeySpec(key_byte, "AES");

         //byte[] iv_byte = Hex.decodeHex(iv.toCharArray());
         byte[] iv_byte = DatatypeConverter.parseHexBinary(IV); 
         IvParameterSpec iv_spec = new IvParameterSpec(iv_byte);

         Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");

         cipher.init(Cipher.ENCRYPT_MODE, key_spec, iv_spec);
         crypted = cipher.doFinal(input.getBytes());

    }catch(Exception e){
         System.out.println(e.toString());
    }
    String crypted_hex = Hex.encodeHexString(crypted);
    return crypted_hex;
}

Thursday 21:13 - Honing in on a solution, replacing Hex.decodeHex with DatatypeConverter.parseHexBinary seems like a good start although its not liking the call to cipher.init or doFinal so still have work to do. I've not yet gone down the path of incorporating an additional JAR to my Domino Designer as from many years of experience sharing servers, its usually best possible to make do with configuration provided to you, I've got a call into Bluesky Hosting but aren't hopeful.

Or you want [this](http://stackoverflow.com/questions/9655181/convert-from-byte-array-to-hex-string-in-java) and [this](http://stackoverflow.com/questions/140131/convert-a-string-representation-of-a-hex-dump-to-a-byte-array-using-java) — Artjom B., Nov 26 '14 at 22:19
You need to download the jar containing the implementation for the missing import and either add it to your code (it it's an agent, you do this in Domino Designer) or add it to your server's filesystem. A link to the download can be found on the page Artjom B. linked above. — Richard Schwartz, Nov 27 '14 at 02:48
Do you enjoy downvoting, question is very specific. I need an alternative to Hex.decodeHex or a way of adding the implementation to my Lotus Domino developer client. Please reconsider your downvote. — AndrewB, Nov 27 '14 at 13:46
Andrew, I would downvote it too. There are two issues here: a) how to integrate Java code and libraries into Domino, which can be a pain, especially when you start having security issues) - and that's the question Richard has answered, and b) a question about encryption which can only be answered (or perhaps won't exist anymore) once you have solved a. Your question is not clear, I'm afraid. I would have expected that you say what you've done, what's the version of the system, background information. — Andrew Magerman, Nov 27 '14 at 14:19
I found a solution to the problem which is posted below, and importantly this did not require any config changes to my IBM Lotus Domino designer client (Version 8.5.3) — AndrewB, Dec 02 '14 at 09:32

score 0 · Accepted Answer · answered Dec 02 '14 at 09:28

Turned out to have a very simple answer, DatatypeConverter.parseHexBinary(key) was able to create the desired byte stream for the encryption process. This time though I had no problem with the required import javax.xml.bind.DatatypeConverter which was accessible without needing any config changes to my Domino 8.5.3 designer client.

public static String encrypt_cbc(String input, String key, String iv){
    byte[] crypted = null;
    try{
         //byte[] key_byte = Hex.decodeHex(key.toCharArray());
         byte[] key_byte = DatatypeConverter.parseHexBinary(key); 
         SecretKeySpec key_spec = new SecretKeySpec(key_byte, "AES");

         //byte[] iv_byte = Hex.decodeHex(iv.toCharArray());
         byte[] iv_byte = DatatypeConverter.parseHexBinary(iv); 
         IvParameterSpec iv_spec = new IvParameterSpec(iv_byte);

         Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");

         cipher.init(Cipher.ENCRYPT_MODE, key_spec, iv_spec);
         crypted = cipher.doFinal(input.getBytes());

    }catch(Exception e){
         System.out.println(e.toString());
    }
    //String crypted_hex = Hex.encodeHexString(crypted);
    String crypted_hex = DatatypeConverter.printHexBinary(crypted);
    return crypted_hex;
}

Its then very easy to use this to build the html form which is submitted to Netpay.

out.print("<input type=\"hidden\" name=\"username\" value=\"");
out.println(encrypt_cbc(username, key, iv) + "\" />");

or where data to be encrypted is numeric

out.print("<input type=\"hidden\" name=\"amount\" value=\""); 
out.println(encrypt_cbc(orderTotal.toString(), key, iv) + "\" />");

My understanding of Java encryption is still fairly high level but that isn't hugely important as above code works great and is more than fast enough for its intended purpose.

Encrypting string in java - Lotus Domino Integration (Netpay)

1 Answers1