• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Tim Cooke
  • paul wheaton
  • Jeanne Boyarsky
  • Ron McLeod
Sheriffs:
  • Paul Clapham
  • Liutauras Vilda
  • Devaka Cooray
Saloon Keepers:
  • Tim Holloway
  • Roland Mueller
Bartenders:

Decryption using private key from jks file

 
Ranch Hand
Posts: 57
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I am trying to decrypt a key using the private key in my keystore jks file. I wrote the code but nothing is happening and I am not sure what is wrong. Nothing is printing and I am also not getting any errors




Everything is working correctly except for the decryption at the end.
 
author
Posts: 23958
142
jQuery Eclipse IDE Firefox Browser VI Editor C++ Chrome Java Linux Windows
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
First, your encrypt() method did an object serialization as its first step, and a base64 encoding as its last step. You need to decode that back to cipher text before you run decryption, and you need to reserialize it back to an object after you run decryption, in your decrypt() method.... and ... BTW, what was the purpose of the object serialization in the first place?

And second, where and when do you actually call the decrypt() method?

Henry
 
Jerry Girgich
Ranch Hand
Posts: 57
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Henry Wong wrote:First, your encrypt() method did an object serialization as its first step, and a base64 encoding as its last step. You need to decode that back to cipher text before you run decryption, and you need to reserialize it back to an object after you run decryption, in your decrypt() method.... and ... BTW, what was the purpose of the object serialization in the first place?


Henry




I thought  that was the only way to encrypt the key. How would I do it without the serialization?

I just added the call to the decrypt method and it still in not working. How would I either decode the encoding back to cipher text or how would I encrypt without object serilization?
 
Jerry Girgich
Ranch Hand
Posts: 57
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Instead of the decrypt method, what if I do this instead?




I can get the private key and then use that to decrypt. Only problem is that it again is not doing anything and I don't know why?


[HENRY: Password information deleted on request]
 
Henry Wong
author
Posts: 23958
142
jQuery Eclipse IDE Firefox Browser VI Editor C++ Chrome Java Linux Windows
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Jerry Girgich wrote:Instead of the decrypt method, what if I do this instead?

I can get the private key and then use that to decrypt. Only problem is that it again is not doing anything and I don't know why?



Hmmm.... I appreciate how you did the coding for encryption. Basically, and I am speculating, you probably did a lot of research; found about a few dozen different ways to do the encryption; and while each solution had slightly different inputs and outputs, the basic premise of all of them was that encryption happened, and hence, all the dozen solutions that you found were equally valid (even though the outputs were different).  It is just a matter of picking the encryption code that you liked best.

... unfortunately, you don't get the luxury of doing this for decryption....

With decryption, you have to undo what you did for encryption. This means that you must use the same encoding, encryption algorithm, encryption keys (or in the case of asymmetric encryption, the other key in the pair), and also, the same serialization (since you used it). And in the exact opposite order. The decryption is the *exact* undoing of what you did for encryption.

No choosing of the best decryption code that you like best. The decryption code is determined from your encryption code. So, what do I recommend?

I recommend that you go back to the encryption code -- and try to understand everything about it. What serialization that you used? What encoding? What encryption algorithm? etc. etc.... and .... how to undo everything that is done. Once you understand all of that, then I recommend you take the encryption code, and use the exact opposite order, to code the tasks to undo the encryption.

Hope this helps,
Henry
 
Jerry Girgich
Ranch Hand
Posts: 57
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Okay thank you for that Henry, I will go back and try to understand it more. For the latter code that I posted with getting the private key, would that be the correct way to extract the private key from the keystore? Because that is not working, once I am able to get the private key I should be able to decrypt after understanding my encryption.
 
Bartender
Posts: 15737
368
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
There's no real point in putting a password on your key store if you're going to hard-code the password like that. You might as well hardcode the private exponent of your private key.

Regardless, after you've retrieved your private key, you must use it to unwrap your secret key, and use that for decryption.

Just a friendly reminder that the only scenario in which this makes sense is when you have multiple messages to encrypt/decrypt, and if so, YOU REALLY NEED TO USE A PROPER BLOCK CIPHER MODE. Your current encryption step is NOT SECURE.
 
Henry Wong
author
Posts: 23958
142
jQuery Eclipse IDE Firefox Browser VI Editor C++ Chrome Java Linux Windows
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Stephan van Hulst wrote:
Regardless, after you've retrieved your private key, you must use it to unwrap your secret key, and use that for decryption.



And as already mentioned, the "decryption" must undo what was done during "encryption" -- so, since the encryption did an object serialization and base64 encoding, the decryption must also do a base64 decoding and an object deserialization.

It might be a good idea to deal with that first, than to try to figure out why the private key is/isn't correct.

Henry
 
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
reply
    Bookmark Topic Watch Topic
  • New Topic