DEV Community

Claudio Fior
Claudio Fior

Posted on

Decode data encrypted in Java in shell

I have to provide data available in an object storage encrypted by a Java application in a php site.

First of all I get the encrypted data using rclone.

It's an easy tick with the sell command

rclone cat "xda:pre-xda-data/001136/00004578..zip"
Enter fullscreen mode Exit fullscreen mode

when rclone is properly configured.

Now the second step: decrypt the data. I was unable to use openssl: the password is encrypted in a completely different way.

At this point I wrote a small java program that received encrypted data from stdin and writes decrypted data to stdout.

import java.io.InputStream;
import java.io.IOException;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.Charset;
import java.lang.IllegalArgumentException;
import java.security.NoSuchAlgorithmException;
import javax.crypto.NoSuchPaddingException;
import java.security.InvalidKeyException;

class Decode {
    public static void main(String[] args) throws NoSuchAlgorithmException, NoSuchPaddingException,InvalidKeyException,IOException {
        if (args.length != 1) {
            throw new IllegalArgumentException("Missing password");
        }
        String storageAesKey = args[0];
        byte[] raw = storageAesKey.getBytes(Charset.forName("UTF-8"));
        if (raw.length != 16) {
            throw new IllegalArgumentException("Invalid key size.");
        }
        SecretKeySpec key = new SecretKeySpec(raw, "AES");
        Cipher cipher = Cipher.getInstance("AES");
        cipher.init(Cipher.DECRYPT_MODE, key);
        InputStream input = new CipherInputStream(System.in,cipher);
        input.transferTo(System.out);
        input.close();
    }
}
Enter fullscreen mode Exit fullscreen mode

At this point I can concatenate this two commands

rclone cat "xda:pre-xda-data/001136/00004578..zip" | java -cp /opt/javadecript Decode "password"
Enter fullscreen mode Exit fullscreen mode

and execute the php passthru command

passthru ('rclone cat "xda:pre-xda-data/001136/00004578..zip" | java -cp /opt/javadecript Decode "password"');
Enter fullscreen mode Exit fullscreen mode

Someone has a better idea?

Top comments (1)

Collapse
 
thiemaaliou profile image
Alioun Thiema

Hello Claudio.

How are you.

Do you know of a library or a module which allows to encrypt data in php with a public key and to decrypt with javascript (angular) with a private key.
I am currently using openssl_public_encrypt and jsencrypt but there is a problem sometimes. The decryption sometimes returns null.