Question

I am working on standard 3DES 128-bit for encrypting and decrypting a string. It is implemented in two different environments: classic ASP (VB6) and .Net.

I thought 3DES is standard; however, I can't make it compatible between these two (CAPICOM and .Net). After googling around, I realized that CAPICOM has some customized magic of its own.

As far as I understand, 3DES requires two things to be specified: 128 bits (8 bytes) of key (password) and 8 bytes of "IV". I can't find anywhere to specify the 8 bytes of "IV" in CAPICOM; therefore, I suspect this causes the difference.


.Net System.Security.Cryptography

Dim m_des As New TripleDESCryptoServiceProvider

...

Private ReadOnly str_key As String = "MyPwd1234567890p"
Private ReadOnly iv() As Byte = {8, 7, 6, 5, 4, 3, 2, 1}
Private m_utf8 As New UTF8Encoding
Private m_key() As Byte
Private m_iv() As Byte

Public Sub New(ByVal key() As Byte, ByVal iv() As Byte)
    Me.m_key = key
    Me.m_iv = iv
End Sub

' VB.NET to convert a string to a byte array
Public Shared Function StrToByteArray(ByVal str As String) As Byte()
    Dim encoding As New System.Text.UTF8Encoding()
    Return encoding.GetBytes(str)
End Function

Public Function Encrypt(ByVal input() As Byte) As Byte()
    Return Transform(input, m_des.CreateEncryptor(StrToByteArray(str_key), m_iv))
End Function

Capicom in VB6 environment:

Dim DecryptData
Set DecryptData = CreateObject("CAPICOM.EncryptedData")

Dim sData
sData = "Hello World"

DecryptData.Algorithm.KeyLength = CAPICOM_ENCRYPTION_KEY_LENGTH_128_BITS
DecryptData.Algorithm.Name = CAPICOM_ENCRYPTION_ALGORITHM_3DES
DecryptData.SetSecret("MyPwd1234567890p")

result = DecryptData.Decrypt(sData)

Hope that you can help to provide some ideas.


Solution

If the VB6 one does not require an Initialization Vector, it is probably because it is using Electronic Codebook mode (ECB) rather than Cipher Block Chaining mode (CBC), which the .Net version is using. If you switch the .Net version to ECB you will probably be able to encrypt and decrypt cross platform. However, CBC is the more secure encryption mode, so it may be worth trying to figure out how to force CAPICOM to use CBC and specify an initialization vector.

Also, you shouldn't hard code an initialization vector (or key, but I'm assuming you are doing that for testing); you should generate one each time you generate a new key.
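
The CBC mode and non-hard-coded IV discussed in the answer, as an added example that is not part of the original question or answer: VB.NET code that sets the cipher mode explicitly, generates a fresh IV for every message and prepends it to the ciphertext so the receiver can recover it. The module name, function names and the "IV followed by ciphertext" layout are assumptions of this example; it does not reproduce CAPICOM's own output format.

```vbnet
Imports System
Imports System.Security.Cryptography
Imports System.Text
Module TripleDesCbcExample
    ' Encrypts with 3DES-CBC under a fresh random IV and returns IV || ciphertext.
    Function Encrypt(key As Byte(), plain As Byte()) As Byte()
        Using des As TripleDES = TripleDES.Create()
            des.Mode = CipherMode.CBC          ' set explicitly so both sides agree on the mode
            des.Padding = PaddingMode.PKCS7
            des.Key = key
            des.GenerateIV()                   ' new random 8-byte IV for this message
            Using enc As ICryptoTransform = des.CreateEncryptor()
                Dim body As Byte() = enc.TransformFinalBlock(plain, 0, plain.Length)
                Dim output(des.IV.Length + body.Length - 1) As Byte
                Buffer.BlockCopy(des.IV, 0, output, 0, des.IV.Length)
                Buffer.BlockCopy(body, 0, output, des.IV.Length, body.Length)
                Return output
            End Using
        End Using
    End Function

    ' Splits the 8-byte IV off the front of the message and decrypts the rest.
    Function Decrypt(key As Byte(), message As Byte()) As Byte()
        Using des As TripleDES = TripleDES.Create()
            des.Mode = CipherMode.CBC
            des.Padding = PaddingMode.PKCS7
            des.Key = key
            Dim iv(7) As Byte                  ' 3DES block size is 8 bytes
            Buffer.BlockCopy(message, 0, iv, 0, iv.Length)
            des.IV = iv
            Using dec As ICryptoTransform = des.CreateDecryptor()
                Return dec.TransformFinalBlock(message, iv.Length, message.Length - iv.Length)
            End Using
        End Using
    End Function

    Sub Main()
        Dim key As Byte()
        Using des As TripleDES = TripleDES.Create()
            des.GenerateKey()                  ' constructed random key, not a hard-coded password
            key = des.Key
        End Using
        Dim plain As Byte() = Encoding.UTF8.GetBytes("Hello World")
        Dim a As String = Convert.ToBase64String(Encrypt(key, plain))
        Dim b As String = Convert.ToBase64String(Encrypt(key, plain))
        Console.WriteLine("ciphertexts differ: " & (a <> b).ToString())
        Console.WriteLine(Encoding.UTF8.GetString(Decrypt(key, Convert.FromBase64String(a))))
    End Sub
End Module
```

Because the IV changes per call, encrypting the same plaintext twice yields different output, which is the property a fixed IV or ECB mode does not give.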

Licensed under: CC-BY-SA with attribution