Archive for the ‘java’ Category

Create Triple DES SecretKey in Java

For a project at work, I needed to integrate our website with another web application. The web application in question also had their own built in user management system. For seamless integration we wanted our users to only have to log in once.

As the web application was quite a large application, they already had a REST api that allowed you to supply them with a encrypted token in the url that authenticated you on their systems. You simply had to encrypt the user id (on their system) and the current time stamp.

As I had never done anything to do with encryption before in Java. I had to learn from scratch.

The token had to be encrypted with Triple DES CBC scheme. They supply you with an access key. Here is where the problem lay. I could find quite a few examples that allowed you to use the inbuilt key generator in Java, but what about if you have your own key (our access key). This was a bit more difficult to find, so I thought I would blog a code snipit here. In the end it turned out to simple (it always is 🙂

The key needed to be Triple DES (DESede)

String keyString ="4d89g13j4j91j27c582ji69373y788r6"; // I made this key up by the way!

byte[] keyB = new byte[24]; // a Triple DES key is a byte[24] array

for (int i = 0; i < keyString.length() && i < keyB.length; i++) {
keyB[i] = (byte) keyString.charAt(i);

// Make the Key
SecretKey key = new SecretKeySpec(keyB, "DESede");

A good resource that I found was here :