DEV Community

Claudio Fior
Claudio Fior

Posted on

2 2

Decode data encrypted in Java in shell

#java #aes #crypto

I have to provide data available in an object storage encrypted by a Java application in a php site.

First of all I get the encrypted data using rclone.

It's an easy tick with the sell command

rclone cat "xda:pre-xda-data/001136/00004578..zip"
Enter fullscreen mode Exit fullscreen mode

when rclone is properly configured.

Now the second step: decrypt the data. I was unable to use openssl: the password is encrypted in a completely different way.

At this point I wrote a small java program that received encrypted data from stdin and writes decrypted data to stdout.

import java.io.InputStream;
import java.io.IOException;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.Charset;
import java.lang.IllegalArgumentException;
import java.security.NoSuchAlgorithmException;
import javax.crypto.NoSuchPaddingException;
import java.security.InvalidKeyException;

class Decode {
    public static void main(String[] args) throws NoSuchAlgorithmException, NoSuchPaddingException,InvalidKeyException,IOException {
        if (args.length != 1) {
            throw new IllegalArgumentException("Missing password");
        }
        String storageAesKey = args[0];
        byte[] raw = storageAesKey.getBytes(Charset.forName("UTF-8"));
        if (raw.length != 16) {
            throw new IllegalArgumentException("Invalid key size.");
        }
        SecretKeySpec key = new SecretKeySpec(raw, "AES");
        Cipher cipher = Cipher.getInstance("AES");
        cipher.init(Cipher.DECRYPT_MODE, key);
        InputStream input = new CipherInputStream(System.in,cipher);
        input.transferTo(System.out);
        input.close();
    }
}
Enter fullscreen mode Exit fullscreen mode

At this point I can concatenate this two commands

rclone cat "xda:pre-xda-data/001136/00004578..zip" | java -cp /opt/javadecript Decode "password"
Enter fullscreen mode Exit fullscreen mode

and execute the php passthru command

passthru ('rclone cat "xda:pre-xda-data/001136/00004578..zip" | java -cp /opt/javadecript Decode "password"');
Enter fullscreen mode Exit fullscreen mode

Someone has a better idea?

profile
Sentry
 Promoted

Sentry image

Hands-on debugging session: instrument, monitor, and fix

Join Lazar for a hands-on session where you’ll build it, break it, debug it, and fix it. You’ll set up Sentry, track errors, use Session Replay and Tracing, and leverage some good ol’ AI to find and fix issues fast.

RSVP here →

Top comments (1)

Collapse
 
thiemaaliou profile image
Alioun Thiema

Hello Claudio.

How are you.

Do you know of a library or a module which allows to encrypt data in php with a public key and to decrypt with javascript (angular) with a private key.
I am currently using openssl_public_encrypt and jsencrypt but there is a problem sometimes. The decryption sometimes returns null.

profile
Neon
 Promoted

Billboard image

Create up to 10 Postgres Databases on Neon's free plan.

If you're starting a new project, Neon has got your databases covered. No credit cards. No trials. No getting in your way.

Try Neon for Free →

Read next

viksingh profile image

Java Performance Monitoring: How to & Best Tools to Use

Vikas Singh -

ayshriv profile image

Service Registry: Mastering Spring Boot Service Discovery and Registration using Netflix Eureka

Ayush Shrivastava -

kailashnirmal profile image

Understanding BCrypt: The Secure Way to Hash Passwords

Kailash Nirmal -

devnenyasha profile image

Understanding Java Multithreading: Part 1

Melody Mbewe -