Reputation: 357
I have a few methods to encrypt and decrypt files. as far as I know, my encrypt function does its job great, while decrypt usually throws an InvalidKeyException
, particularly on the Cipher.getInstance("AES");
bit. I have switch this around from RSA to "RSA/CBC/PKCS5Padding"
but nothing has worked so far.
Main function:
static String inFile = "";
static String outFile = "";
static String hexKey="";
static String keyStore;
static String keyName;
public static void main(String[] args) {
if (args.length==5 && args[0].equals("-encRSA") ) {
keyStore = args[1];
keyName = args[2];
inFile = args[3];
outFile = args[4];
encryptRSA();
} else if (args.length==5 && args[0].equals("-decRSA") ) {
keyStore = args[1];
keyName = args[2];
inFile = args[3];
outFile = args[4];
decryptRSA();
} else {
System.out.println("This is a simple program to encrypt and decrypt files");
System.out.println("Usage: ");
System.out.println(" -encRSA <keyStore> <keyName> <inputFile> <outputFile> RSA encrypt");
System.out.println(" -decRSA <keyStore> <keyName> <inputFile> <outputFile> RSA decrypt");
}
Encrypt function
private static void encryptRSA() {
try {
//Get the public key from the keyStore and set up the Cipher object
PublicKey publicKey = getPubKey(keyStore,keyName);
Cipher rsaCipher = Cipher.getInstance("RSA");
rsaCipher.init(Cipher.ENCRYPT_MODE, publicKey);
//Read the plainText
System.out.println("Loading plaintext file: "+inFile);
RandomAccessFile rawDataFromFile = new RandomAccessFile(inFile, "r");
byte[] plainText = new byte[(int)rawDataFromFile.length()];
rawDataFromFile.read(plainText);
// Generate a symmetric key to encrypt the data and initiate the AES Cipher Object
System.out.println("Generating AES key");
KeyGenerator sKenGen = KeyGenerator.getInstance("AES"); //ECB is fine here
Key aesKey = sKenGen.generateKey();
Cipher aesCipher = Cipher.getInstance("AES");
aesCipher.init(Cipher.ENCRYPT_MODE, aesKey);
// Encrypt the symmetric AES key with the public RSA key
System.out.println("Encrypting Data");
byte[] encodedKey = rsaCipher.doFinal(aesKey.getEncoded());
// Encrypt the plaintext with the AES key
byte[] cipherText = aesCipher.doFinal(plainText);
//Write the encrypted AES key and Ciphertext to the file.
System.out.println("Writting to file: "+outFile);
FileOutputStream outToFile = new FileOutputStream(outFile);
outToFile.write(encodedKey);
outToFile.write(cipherText);
System.out.println("Closing Files");
rawDataFromFile.close();
outToFile.close();
}
catch (Exception e) {
System.out.println("Doh: "+e);
}
}
Decrypt function (so far):
private static void decryptRSA()
{
FileInputStream cipherfile;
try {
cipherfile = new FileInputStream(inFile);
byte[] ciphertext = new byte[cipherfile.available()];
PrivateKey privatekey = getKeyPair().getPrivate();
/* Create cipher for decryption. */
Cipher decrypt_cipher = Cipher.getInstance("AES");
decrypt_cipher.init(Cipher.DECRYPT_MODE, privatekey);
/* Reconstruct the plaintext message. */
byte[] plaintext = decrypt_cipher.doFinal(ciphertext);
FileOutputStream plainfile = new FileOutputStream(outFile);
plainfile.write(plaintext);
plainfile.close();
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
private static KeyPair getKeyPair() throws Exception
{
KeyPair keypair = null;
FileInputStream is = new FileInputStream(keyStore);
KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
keystore.load(is, password.toCharArray());
Key key = keystore.getKey(keyName, password.toCharArray());
if (key instanceof PrivateKey) {
Certificate cert = keystore.getCertificate(keyName);
PublicKey publicKey = cert.getPublicKey();
keypair = new KeyPair(publicKey, (PrivateKey) key);
}
return keypair;
}
Upvotes: 0
Views: 598
Reputation: 94058
You need to reverse the encryption process to code the decryption process. Currently you are encrypting an AES key using RSA and then encrypting the plaintext to ciphertext using AES.
In the decryption process you only try and decrypt the ciphertext using AES. You should first extract the encrypted AES key, decrypt that and then decrypt the (rest of the) ciphertext using AES to retrieve the plaintext.
Upvotes: 1