Encryption and Decryption with a 3DES Symmetric Key (ECB Mode)

For details about the algorithm specifications, see 3DES.

Encryption

1. Use cryptoFramework.createSymKeyGenerator and SymKeyGenerator.convertKey to generate a 192-bit 3DES symmetric key (SymKey).

   In addition to the example in this topic, 3DES and Converting Binary Data into a Symmetric Key may help you better understand how to generate a 3DES symmetric key pair. Note that the input parameters in the reference documents may be different from those in the example below.

2. Use cryptoFramework.createCipher with the string parameter '3DES192|ECB|PKCS7' to create a Cipher instance. The key type is 3DES192, block cipher mode is ECB, and the padding mode is PKCS7.

3. Use Cipher.init to initialize the Cipher instance. In Cipher.init, set opMode to CryptoMode.ENCRYPT_MODE (encryption) and key to SymKey (the key used for encryption).

   When ECB mode is used, pass in null in params.

4. Use Cipher.update to pass in the data to be encrypted (plaintext).

   • If the data to be encrypted is short, you can use doFinal immediately after init.
   • If the data to be encrypted is considerably long, you can call update() multiple times to pass in the data by segment.

5. Use Cipher.doFinal to obtain the encrypted data.

   • If data has been passed in by update(), pass in null in the data parameter of Cipher.doFinal.
   • The output of doFinal may be null. To avoid exceptions, always check whether the result is null before accessing specific data.

Decryption

1. Use Cipher.init to initialize the Cipher instance. In Cipher.init, set opMode to CryptoMode.DECRYPT_MODE (decryption) and key to SymKey (the key used for decryption). When ECB mode is used, pass in null in params.

2. Use Cipher.update to pass in the data to be decrypted (ciphertext).

3. Use Cipher.doFinal to obtain the decrypted data.

• Example (using asynchronous APIs):

  import cryptoFramework from '@ohos.security.cryptoFramework';
  import buffer from '@ohos.buffer';
  
  // Encrypt the message.
  async function encryptMessagePromise(symKey: cryptoFramework.SymKey, plainText: cryptoFramework.DataBlob) {
    let cipher = cryptoFramework.createCipher('3DES192|ECB|PKCS7');
    await cipher.init(cryptoFramework.CryptoMode.ENCRYPT_MODE, symKey, null);
    let encryptData = await cipher.doFinal(plainText);
    return encryptData;
  }
  // Decrypt the message.
  async function decryptMessagePromise(symKey: cryptoFramework.SymKey, cipherText: cryptoFramework.DataBlob) {
    let decoder = cryptoFramework.createCipher('3DES192|ECB|PKCS7');
    await decoder.init(cryptoFramework.CryptoMode.DECRYPT_MODE, symKey, null);
    let decryptData = await decoder.doFinal(cipherText);
    return decryptData;
  }
  async function genSymKeyByData(symKeyData: Uint8Array) {
    let symKeyBlob: cryptoFramework.DataBlob = { data: symKeyData };
    let symGenerator = cryptoFramework.createSymKeyGenerator('3DES192');
    let symKey = await symGenerator.convertKey(symKeyBlob);
    console.info('convertKey success');
    return symKey;
  }
  async function main() {
    let keyData = new Uint8Array([238, 249, 61, 55, 128, 220, 183, 224, 139, 253, 248, 239, 239, 41, 71, 25, 235, 206, 230, 162, 249, 27, 234, 114]);
    let symKey = await genSymKeyByData(keyData);
    let message = "This is a test";
    let plainText: cryptoFramework.DataBlob = { data: new Uint8Array(buffer.from(message, 'utf-8').buffer) };
    let encryptText = await encryptMessagePromise(symKey, plainText);
    let decryptText = await decryptMessagePromise(symKey, encryptText);
    if (plainText.data.toString() === decryptText.data.toString()) {
      console.info('decrypt ok');
      console.info('decrypt plainText: ' + buffer.from(decryptText.data).toString('utf-8'));
    } else {
      console.error('decrypt failed');
    }
  }