Encrypting Certificate
https://stackoverflow.com/questions/10498968
-
06-06-2021 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I am getting issue on Microsoft internet explorer certificate while encrypt with private key and decrypt with public key having issue
1) Encrypt working file
public String encryption(String inputData, String key, String certificate) // Certificate is nothing but aliase name
{
String encriptData = null;
String verify = checkForCertificateConfig();
if (!verify.equals("OK")) {
return verify;
}
System.out.println("ENCRYPTION INPUTDATA : " + inputData);
System.out.println("ENCRYPTION KEY : " + key);
System.out.println("ENCRYPTION CERTIFICATE : " + certificate);
try {
if (key.equalsIgnoreCase("Private")) {
// System.out.println("ENCRYPTION WITH PRIVATE KEY");
PrivateKey privateKey = (PrivateKey) keyStore.getKey(
certificate, null);
encriptData = encryptString(inputData, privateKey);
} else {
// System.out.println("ENCRYPTION WITH PUBLIC KEY");
encriptData = encryptString(inputData,
keyStore.getCertificate(certificate).getPublicKey());
}
} catch (NoSuchPaddingException ex) {
encriptData = ex.getMessage();
ex.printStackTrace();
} catch (IllegalBlockSizeException ex) {
encriptData = ex.getMessage();
ex.printStackTrace();
} catch (NoSuchAlgorithmException ex) {
encriptData = ex.getMessage();
ex.printStackTrace();
} catch (UnrecoverableKeyException ex) {
encriptData = ex.getMessage();
ex.printStackTrace();
} catch (InvalidKeyException ex) {
encriptData = ex.getMessage();
ex.printStackTrace();
} catch (KeyStoreException ex) {
encriptData = ex.getMessage();
ex.printStackTrace();
} catch (BadPaddingException ex) {
encriptData = ex.getMessage();
ex.printStackTrace();
} catch (Exception ex) {
encriptData = ex.getMessage();
ex.printStackTrace();
}
return encriptData;
}
private String encryptString(String encStr, PrivateKey key)
throws NoSuchAlgorithmException, NoSuchPaddingException,
InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
String encoutStr = null;
/**
* first check key generation algorithm and initialize Cipher object
* according algorithm
*/
if (key.getAlgorithm().equalsIgnoreCase("RSA")) {
edCipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
} else if (key.getAlgorithm().equalsIgnoreCase("DSA")) {
edCipher = Cipher.getInstance("DSA/ECB/PKCS1Padding");
}
/**
* Initialize Cipher Object with Private key and mode of Encryption
*/
edCipher.init(Cipher.ENCRYPT_MODE, key);
byte[] buff = encStr.getBytes();
/**
* Encrypt the String and get binary data
*/
byte[] encryptedDataStringBytes = edCipher.doFinal(buff);
/**
* Encode the binary data into String formate
*/
encoutStr = this.bASE64Encoder.encode(encryptedDataStringBytes);
return encoutStr;
}
2) Decrypt Getting error like
public String decryption(String inputData, String key, String certificate) {
String decriptData = null;
String verify = checkForCertificateConfig();
if (!verify.equals("OK")) {
return verify;
}
System.out.println("DECRYPTION INPUTDATA : " + inputData);
System.out.println("DECRYPTION KEY : " + key);
System.out.println("DECRYPTION CERTIFICATE : " + certificate);
try {
if (key.equalsIgnoreCase("Private")) {
// System.out.println("DECRYPTION WITH PRIVATE KEY");
PrivateKey privateKey = (PrivateKey) keyStore.getKey(
certificate, null);
decriptData = decryptString(inputData, privateKey);
} else {
// System.out.println("DECRYPTION WITH PUBLIC KEY");
decriptData = decryptString(inputData,
keyStore.getCertificate(certificate).getPublicKey());
}
} catch (NoSuchPaddingException ex) {
decriptData = ex.getMessage();
ex.printStackTrace();
} catch (IllegalBlockSizeException ex) {
decriptData = ex.getMessage();
ex.printStackTrace();
} catch (NoSuchAlgorithmException ex) {
decriptData = ex.getMessage();
ex.printStackTrace();
} catch (UnrecoverableKeyException ex) {
decriptData = ex.getMessage();
ex.printStackTrace();
} catch (InvalidKeyException ex) {
decriptData = ex.getMessage();
ex.printStackTrace();
} catch (KeyStoreException ex) {
decriptData = ex.getMessage();
ex.printStackTrace();
} catch (BadPaddingException ex) {
decriptData = ex.getMessage();
ex.printStackTrace();
} catch (IOException ex) {
decriptData = ex.getMessage();
ex.printStackTrace();
} catch (Exception ex) {
decriptData = ex.getMessage();
ex.printStackTrace();
}
return decriptData;
}
private String decryptString(String dncStr, PrivateKey key)
throws NoSuchAlgorithmException, NoSuchPaddingException,
InvalidKeyException, IOException, IllegalBlockSizeException,
BadPaddingException {
String decStr = null;
/**
* first check key generation algorithm and initialize Cipher object
* according algorithm
*/
if (key.getAlgorithm().equalsIgnoreCase("RSA")) {
edCipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
} else if (key.getAlgorithm().equalsIgnoreCase("DSA")) {
edCipher = Cipher.getInstance("DSA/ECB/PKCS1Padding");
}
/**
* Initialize Cipher Object with Private key and mode of Decryption
*/
edCipher.init(Cipher.DECRYPT_MODE, key);
/**
* Decode the encrypted String convert into binary formate
*/
byte[] encryptedDataStringBytes = this.bASE64Decoder
.decodeBuffer(dncStr);
/**
* Decrypt the binary data and get Original encrypted String.
*/
decStr = new String(edCipher.doFinal(encryptedDataStringBytes));
return decStr;
}
Error like...
javax.crypto.BadPaddingException: Blocktype mismatch: 0
at sun.security.rsa.RSAPadding.unpadV15(Unknown Source)
at sun.security.rsa.RSAPadding.unpad(Unknown Source)
at com.sun.crypto.provider.RSACipher.a(DashoA13*..)
at com.sun.crypto.provider.RSACipher.engineDoFinal(DashoA13*..)
at javax.crypto.Cipher.doFinal(DashoA13*..)
at eTokenApplet.decryptString(eTokenApplet.java:1255)
at eTokenApplet.decryption(eTokenApplet.java:1099)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at sun.plugin.javascript.JSInvoke.invoke(Unknown Source)
at sun.reflect.GeneratedMethodAccessor3.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at sun.plugin.javascript.JSClassLoader.invoke(Unknown Source)
at sun.plugin2.liveconnect.JavaClass$MethodInfo.invoke(Unknown Source)
at sun.plugin2.liveconnect.JavaClass$MemberBundle.invoke(Unknown Source)
at sun.plugin2.liveconnect.JavaClass.invoke0(Unknown Source)
at sun.plugin2.liveconnect.JavaClass.invoke(Unknown Source)
at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo$DefaultInvocationDelegate.invoke(Unknown Source)
at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo$3.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo.doObjectOp(Unknown Source)
at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo$LiveConnectWorker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Solution
For variable length messages, most encryption/decryption algorithms have a required block size. If the data doesn't fill the block properly - bad things happen - so you need to pad the data
More info about padding at http://www.di-mgt.com.au/cryptopad.html
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
