Tuesday, January 18, 2011

java equivalent of php encryption with MCRYPT_3DES and MCRYPT_MODE_CBC

if you try to write a java code to produce same encrypted words which are generated with php using TripleDES algorithm and CBC mode, you'll see two main keywords at the end of your search on internet:

  • DESede (as algorithm)
  • DESede/CBC/PKCS5Padding (as transformation method)

key point here is transformation method, because php does not support "PKCS5Padding". It just adds empty bytes at the end of plain text to be encrypted to make it's length multiply of 8. so you must use "DESede/CBC/NoPadding" transformation method and do the same padding php does with hand not to get "invalid length"[1] errors.

you can see php code and it's java equivalent below.


$plaintext = "Some-plain-text-message-to-be-symetrically-encrypted";
$deskey = "secret word with 24 byte";
$ivkey = "12345678";
$td = mcrypt_module_open(MCRYPT_3DES, '', MCRYPT_MODE_CBC, '');
mcrypt_generic_init($td, $deskey, $ivkey);
$encrypted_data = mcrypt_generic($td, $plaintext);
echo strtoupper(bin2hex($encrypted_data));


import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESedeKeySpec;
import javax.crypto.spec.IvParameterSpec;
import org.apache.commons.codec.binary.Hex;
import java.util.Date;
import java.util.Arrays;
import java.text.SimpleDateFormat;
import java.text.ParsePosition;

public class Encrypt {

public static void main(String[] args) throws Exception {
String plainText = "Some-plain-text-message-to-be-symetrically-encrypted";
String desKey = "secret word with 24 byte";
String ivKey = "12345678";
String algorithm = "DESede";
// String transformation = "DESede/CBC/PKCS5Padding";
String transformation = "DESede/CBC/NoPadding";
byte[] keyValue = desKey.getBytes("UTF-8");
byte[] ivValue = ivKey.getBytes("UTF-8");
DESedeKeySpec keySpec = new DESedeKeySpec(keyValue);
IvParameterSpec iv = new IvParameterSpec(ivValue);
SecretKey key = SecretKeyFactory.getInstance(algorithm).generateSecret(keySpec);
Cipher encrypter = Cipher.getInstance(transformation);
encrypter.init(Cipher.ENCRYPT_MODE, key, iv);
// byte[] input = plainText.getBytes();
byte[] input = getPaddedBytes(plainText);
byte[] encrypted = encrypter.doFinal(input);
System.out.println(new String(Hex.encodeHex(encrypted)).toUpperCase());

public static byte[] getPaddedBytes(String s) throws java.io.UnsupportedEncodingException {
int n = s.length();
n = n + (8 - (n % 8));
byte[] src = s.getBytes("UTF-8");
byte[] dst = Arrays.copyOf(src, n);
return src;

[1] javax.crypto.IllegalBlockSizeException: Input length not multiple of 8 bytes