Page 1 of 1

3DES encryption with clear key

Posted: Mon Mar 05, 2018 3:01 pm
by marcusmonteiro
I'm trying to write a Cobol program with the following interface:

Objective
Receives a clear encryption key and a clear text and returns a cyphered text using the 3DES algorithm.

Inputs:
CLEAR_KEY: A 32-character string of hexadecimal characters to be used as the encryption key.
CLEAR_TEXT: A 16-character string.

Output:
CYPHERED_TEXT: A 16-character string.

I have access to DB2 and ICSF callable services.

I tried these three approaches:

Using CSNBSYE

77 CSNBSYE PIC X(7) VALUE 'CSNBSYE'.
01 CSNBSYE-PARAMETERS.
02 RETURN-CODE PIC 9(8) COMP.
02 REASON-CODE PIC 9(8) COMP.
02 EXIT-DATA-LENGTH PIC 9(8) COMP.
02 EXIT-DATA PIC X(32).
02 RULE-ARRAY-COUNT PIC 9(8) COMP.
02 RULE-ARRAY PIC X(8).
02 KEY-IDENTIFIER-LENGTH PIC 9(8) COMP.
02 KEY-IDENTIFIER PIC X(32).
02 KEY-PARMS-LENGTH PIC 9(8) COMP.
02 KEY-PARMS PIC X(32).
02 BLOCK-SIZE PIC 9(8) COMP.
02 INIT-VECTOR-LENGTH PIC 9(8) COMP.
02 INIT-VECTOR PIC X(8).
02 CHAIN-DATA-LENGTH PIC 9(8) COMP.
02 CHAIN-DATA PIC X(16).
02 CLEAR-TEXT-LENGTH PIC 9(8) COMP.
02 CLEAR-TEXT PIC X(16).
02 CYPHERED-TEXT-LENGTH PIC 9(8) COMP.
02 CYPHERED-TEXT PIC X(16).
02 OPTIONAL-DATA-LENGTH PIC 9(8) COMP.
02 OPTIONAL-DATA PIC X(32).

INITIALIZE CSNBSYE-PARAMETERS.

MOVE 1 TO RULE-ARRAY-COUNT.
MOVE 'DES ' TO RULE-ARRAY.
MOVE 16 TO KEY-IDENTIFIER-LENGTH.
MOVE '2DF65FD88EA9E17E3C66950387F91DE2' TO KEY-IDENTIFIER.
MOVE 8 TO BLOCK-SIZE
INIT-VECTOR-LENGTH.
MOVE ALL ZEROS TO INIT-VECTOR.
MOVE 16 TO CHAIN-DATA-LENGTH.
MOVE LOW-VALUES TO CHAIN-DATA.
MOVE 16 TO CLEAR-TEXT-LENGTH
CYPHERED-TEXT-LENGTH.
MOVE ALL ZEROS TO CLEAR-TEXT.

CALL CSNBSYE USING RETURN-CODE,
REASON-CODE,
EXIT-DATA-LENGTH,
EXIT-DATA,
RULE-ARRAY-COUNT,
RULE-ARRAY,
KEY-IDENTIFIER-LENGTH,
KEY-IDENTIFIER,
KEY-PARMS-LENGTH,
KEY-PARMS,
BLOCK-SIZE,
INIT-VECTOR-LENGTH,
INIT-VECTOR,
CHAIN-DATA-LENGTH,
CHAIN-DATA,
CLEAR-TEXT-LENGTH,
CLEAR-TEXT,
CYPHERED-TEXT-LENGTH,
CYPHERED-TEXT,
OPTIONAL-DATA-LENGTH,
OPTIONAL-DATA.

Using CSNBECO

77 CSNBECO PIC X(7) VALUE 'CSNBECO'.
01 CSNBECO-PARAMETERS.
02 RETURN-CODE PIC 9(8) COMP.
02 REASON-CODE PIC 9(8) COMP.
02 EXIT-DATA-LENGTH PIC 9(8) COMP.
02 EXIT-DATA PIC X(32).
02 CLEAR-KEY PIC X(32).
02 CLEAR-TEXT PIC X(16).
02 CYPHERED-TEXT PIC X(16).

INITIALIZE CSNBECO-PARAMETERS.

MOVE '2DF65FD88EA9E17E3C66950387F91DE2' TO CLEAR-KEY.
MOVE ALL ZEROS TO CLEAR-TEXT.

CALL CSNBSYE USING RETURN-CODE,
REASON-CODE,
EXIT-DATA-LENGTH,
EXIT-DATA,
CLEAR-KEY,
CLEAR-TEXT,
CYPHERED-TEXT.

Using DB2's ENCRYPT_TDES

01 WS.
02 CLEAR-TEXT PIC X(16).
02 CYPHERED-TEXT PIC X(16).

MOVE ALL ZEROS TO CLEAR-TEXT.

EXEC SQL
SELECT ENCRYPT_TDES(:CLEAR-TEXT, '2DF65FD88EA9E17E3C66950387F91DE2')
INTO :CYPHERED-TEXT
FROM SYSIBM.SYSDUMMY1
END-EXEC.
But none of these approaches returned the result I expected. The result I'm expecting is the same obtained from testing in this website: http://tripledes.online-domain-tools.com/ , with the following data:

Input type: Text

Input Text: 0000000000000000 (HEX)

Function: 3DES

Mode: CBC

Key: 2DF65FD88EA9E17E3C66950387F91DE2 (HEX)

Init Vector: 00 00 00 00 00 00 00 00

Encrypt!

Encrypted Text (result): 87 30 e1 ef 98 3d f2 b4 (HEX) | . 0 á ï = ò ´ (STRING)

My question is: how can I obtain the result above in a Cobol program, using any of the tools provided by IBM?

Thank you!