I have to provide data available in an object storage encrypted by a Java application in a php site.
First of all I get the encrypted data using rclone.
It's an easy tick with the sell command
rclone cat "xda:pre-xda-data/001136/00004578..zip"
when rclone is properly configured.
Now the second step: decrypt the data. I was unable to use openssl: the password is encrypted in a completely different way.
At this point I wrote a small java program that received encrypted data from stdin and writes decrypted data to stdout.
import java.io.InputStream;
import java.io.IOException;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.Charset;
import java.lang.IllegalArgumentException;
import java.security.NoSuchAlgorithmException;
import javax.crypto.NoSuchPaddingException;
import java.security.InvalidKeyException;
class Decode {
public static void main(String[] args) throws NoSuchAlgorithmException, NoSuchPaddingException,InvalidKeyException,IOException {
if (args.length != 1) {
throw new IllegalArgumentException("Missing password");
}
String storageAesKey = args[0];
byte[] raw = storageAesKey.getBytes(Charset.forName("UTF-8"));
if (raw.length != 16) {
throw new IllegalArgumentException("Invalid key size.");
}
SecretKeySpec key = new SecretKeySpec(raw, "AES");
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.DECRYPT_MODE, key);
InputStream input = new CipherInputStream(System.in,cipher);
input.transferTo(System.out);
input.close();
}
}
At this point I can concatenate this two commands
rclone cat "xda:pre-xda-data/001136/00004578..zip" | java -cp /opt/javadecript Decode "password"
and execute the php passthru
command
passthru ('rclone cat "xda:pre-xda-data/001136/00004578..zip" | java -cp /opt/javadecript Decode "password"');
Someone has a better idea?
Top comments (1)
Hello Claudio.
How are you.
Do you know of a library or a module which allows to encrypt data in php with a public key and to decrypt with javascript (angular) with a private key.
I am currently using openssl_public_encrypt and jsencrypt but there is a problem sometimes. The decryption sometimes returns null.