Mocking is an essential part of unit testing, and the Mockito library makes it easy to write clean and intuitive unit tests for your Java code.
Get started with mocking and improve your application tests using our Mockito guide:
Handling concurrency in an application can be a tricky process with many potential pitfalls. A solid grasp of the fundamentals will go a long way to help minimize these issues.
Get started with understanding multi-threaded applications with our Java Concurrency guide:
Spring 5 added support for reactive programming with the Spring WebFlux module, which has been improved upon ever since. Get started with the Reactor project basics and reactive programming in Spring Boot:
Since its introduction in Java 8, the Stream API has become a staple of Java development. The basic operations like iterating, filtering, mapping sequences of elements are deceptively simple to use.
But these can also be overused and fall into some common pitfalls.
To get a better understanding on how Streams work and how to combine them with other language features, check out our guide to Java Streams:
Explore Spring Boot 3 and Spring 6 in-depth through building a full REST API with the framework:
Yes, Spring Security can be complex, from the more advanced functionality within the Core to the deep OAuth support in the framework.
I built the security material as two full courses - Core and OAuth, to get practical with these more complex scenarios. We explore when and how to use each feature and code through it on the backing project.
You can explore the course here:
Spring Data JPA is a great way to handle the complexity of JPA with the powerful simplicity of Spring Boot.
Get started with Spring Data JPA through the guided reference course:
Refactor Java code safely — and automatically — with OpenRewrite.
Refactoring big codebases by hand is slow, risky, and easy to put off. That’s where OpenRewrite comes in. The open-source framework for large-scale, automated code transformations helps teams modernize safely and consistently.
Each month, the creators and maintainers of OpenRewrite at Moderne run live, hands-on training sessions — one for newcomers and one for experienced users. You’ll see how recipes work, how to apply them across projects, and how to modernize code with confidence.
Join the next session, bring your questions, and learn how to automate the kind of work that usually eats your sprint time.
1. Introduction
3DES or Triple Data Encryption Algorithm is a symmetric-key block cipher that applies the DES cipher algorithm three times to each data block.
In this tutorial, we’ll learn how to create 3DES keys and use them for encrypting and decrypting Strings and files in Java.
2. Generating Secret Key
Generating a 3DES secret key requires a couple of steps. First, we’ll need to generate a secret key that will be used for the encryption-decryption process. In our case, we’ll use a 24-byte key constructed from random numbers and letters:
byte[] secretKey = "9mng65v8jf4lxn93nabf981m".getBytes();Note that a secret key shouldn’t be shared publicly.
Now, we’ll wrap our key in the SecretKeySpec combining it with a chosen algorithm:
SecretKeySpec secretKeySpec = new SecretKeySpec(secretKey, "TripleDES");In our case, we’re using TripleDES, which is one of the Java Security Standard Algorithms.
Another item we should generate in advance is the Initialization Vector for our key. We’ll use an 8-byte array of random numbers and letters:
byte[] iv = "a76nb5h9".getBytes();And then, we’ll wrap it in the IvParameterSpec class:
IvParameterSpec ivSpec = new IvParameterSpec(iv);3. Encrypting Strings
We’re now ready to encrypt simple String values. Let’s first define a String that we’ll work with:
String secretMessage = "Baeldung secret message";Next, we’ll need a Cipher object initialized with the encryption mode, secret key, and the initialization vector that we generated previously:
Cipher encryptCipher = Cipher.getInstance("TripleDES/CBC/PKCS5Padding");
encryptCipher.init(Cipher.ENCRYPT_MODE, secretKeySpec, ivSpec);Note that we’re using the TripleDES algorithm with a CBC and a PKCS#5 padding scheme.
With the Cipher, we can run the doFinal method to encrypt our message. Note that it only works with a byte array, so we need to transform our String first:
byte[] secretMessagesBytes = secretMessage.getBytes(StandardCharsets.UTF_8);
byte[] encryptedMessageBytes = encryptCipher.doFinal(secretMessagesBytes);Now, our message is successfully encrypted. If we’d like to store it in a database or send it via a REST API, it would be more convenient to encode it with the Base64 alphabet:
String encodedMessage = Base64.getEncoder().encodeToString(encryptedMessageBytes);Base64 encoding makes the message more readable and easier to work with.
4. Decrypting Strings
Now, let’s see how we can reverse the encryption process and decrypt the message to its original form. For this, we’ll need a new Cipher instance, but this time, we’ll initialize it in decryption mode:
Cipher decryptCipher = Cipher.getInstance("TripleDES/CBC/PKCS5Padding");
decryptCipher.init(Cipher.DECRYPT_MODE, secretKeySpec, ivSpec);Next, we’ll run the doFinal method:
byte[] decryptedMessageBytes = decryptCipher.doFinal(encryptedMessageBytes);Now, we’ll decode the result to a String variable:
String decryptedMessage = new String(decryptedMessageBytes, StandardCharsets.UTF_8);Finally, we can verify the results to make sure the decryption process performed correctly by comparing it to the initial value:
Assertions.assertEquals(secretMessage, decryptedMessage);5. Working with Files
We can encrypt whole files as well. As an example, let’s create a temp file with some text content:
String originalContent = "Secret Baeldung message";
Path tempFile = Files.createTempFile("temp", "txt");
writeString(tempFile, originalContent);Next, let’s transform its content into a single byte array:
byte[] fileBytes = Files.readAllBytes(tempFile);Now, we can use the encryption cipher the same way we did with a String:
Cipher encryptCipher = Cipher.getInstance("TripleDES/CBC/PKCS5Padding");
encryptCipher.init(Cipher.ENCRYPT_MODE, secretKeySpec, ivSpec);
byte[] encryptedFileBytes = encryptCipher.doFinal(fileBytes);Finally, let’s overwrite the file content with new, encrypted data:
try (FileOutputStream stream = new FileOutputStream(tempFile.toFile())) {
stream.write(encryptedFileBytes);
}The decryption process looks very similar. The only difference is a cipher initialized in decryption mode:
encryptedFileBytes = Files.readAllBytes(tempFile);
Cipher decryptCipher = Cipher.getInstance("TripleDES/CBC/PKCS5Padding");
decryptCipher.init(Cipher.DECRYPT_MODE, secretKeySpec, ivSpec);
byte[] decryptedFileBytes = decryptCipher.doFinal(encryptedFileBytes);Once again, let’s overwrite the file content – this time, with the decrypted data:
try (FileOutputStream stream = new FileOutputStream(tempFile.toFile())) {
stream.write(decryptedFileBytes);
}As the last step, we can verify if the file content matches the original value:
String fileContent = readString(tempFile);
Assertions.assertEquals(originalContent, fileContent);6. Summary
In this article, we’ve learned how to create a 3DES key in Java and how to use it to encrypt and decrypt Strings and files.
