Encryption and Decryption with a 3DES Symmetric Key (ECB Mode)
For details about the algorithm specifications, see 3DES.
Encryption
-
Use cryptoFramework.createSymKeyGenerator and SymKeyGenerator.convertKey to generate a 192-bit 3DES symmetric key (SymKey).
In addition to the example in this topic, 3DES and Converting Binary Data into a Symmetric Key may help you better understand how to generate a 3DES symmetric key pair. Note that the input parameters in the reference documents may be different from those in the example below.
-
Use cryptoFramework.createCipher with the string parameter '3DES192|ECB|PKCS7' to create a Cipher instance. The key type is 3DES192, block cipher mode is ECB, and the padding mode is PKCS7.
-
Use Cipher.init to initialize the Cipher instance. In Cipher.init, set opMode to CryptoMode.ENCRYPT_MODE (encryption) and key to SymKey (the key used for encryption).
When ECB mode is used, pass in null in params.
-
Use Cipher.update to pass in the data to be encrypted (plaintext).
- If the data to be encrypted is short, you can use doFinal immediately after init.
- If the data to be encrypted is considerably long, you can call update() multiple times to pass in the data by segment.
-
Use Cipher.doFinal to obtain the encrypted data.
- If data has been passed in by update(), pass in null in the data parameter of Cipher.doFinal.
- The output of doFinal may be null. To avoid exceptions, always check whether the result is null before accessing specific data.
Decryption
-
Use Cipher.init to initialize the Cipher instance. In Cipher.init, set opMode to CryptoMode.DECRYPT_MODE (decryption) and key to SymKey (the key used for decryption). When ECB mode is used, pass in null in params.
-
Use Cipher.update to pass in the data to be decrypted (ciphertext).
-
Use Cipher.doFinal to obtain the decrypted data.
-
Example (using asynchronous APIs):
import cryptoFramework from '@ohos.security.cryptoFramework'; import buffer from '@ohos.buffer'; // Encrypt the message. async function encryptMessagePromise(symKey: cryptoFramework.SymKey, plainText: cryptoFramework.DataBlob) { let cipher = cryptoFramework.createCipher('3DES192|ECB|PKCS7'); await cipher.init(cryptoFramework.CryptoMode.ENCRYPT_MODE, symKey, null); let encryptData = await cipher.doFinal(plainText); return encryptData; } // Decrypt the message. async function decryptMessagePromise(symKey: cryptoFramework.SymKey, cipherText: cryptoFramework.DataBlob) { let decoder = cryptoFramework.createCipher('3DES192|ECB|PKCS7'); await decoder.init(cryptoFramework.CryptoMode.DECRYPT_MODE, symKey, null); let decryptData = await decoder.doFinal(cipherText); return decryptData; } async function genSymKeyByData(symKeyData: Uint8Array) { let symKeyBlob: cryptoFramework.DataBlob = { data: symKeyData }; let symGenerator = cryptoFramework.createSymKeyGenerator('3DES192'); let symKey = await symGenerator.convertKey(symKeyBlob); console.info('convertKey success'); return symKey; } async function main() { let keyData = new Uint8Array([238, 249, 61, 55, 128, 220, 183, 224, 139, 253, 248, 239, 239, 41, 71, 25, 235, 206, 230, 162, 249, 27, 234, 114]); let symKey = await genSymKeyByData(keyData); let message = "This is a test"; let plainText: cryptoFramework.DataBlob = { data: new Uint8Array(buffer.from(message, 'utf-8').buffer) }; let encryptText = await encryptMessagePromise(symKey, plainText); let decryptText = await decryptMessagePromise(symKey, encryptText); if (plainText.data.toString() === decryptText.data.toString()) { console.info('decrypt ok'); console.info('decrypt plainText: ' + buffer.from(decryptText.data).toString('utf-8')); } else { console.error('decrypt failed'); } }