S
Susanne Kaufmann
Hello, I generated a RSA-keypair. Each key has been base64-encoded, so
I can save it easily as string into a database (and/or file).
When I am now encrypting a file, I use AES, and after that I wrap the
AES-key with the RSA publickey. The wrapped-Key gets base64-encoded,
too.
My problem is, that I cannot get key back (I think). The error message
I get is "java.security.InvalidKeyException: unknown block type". I
looked for it, and I found some information, that this is a hint to a
wrong key.
One thing I figured out is, that the size of my unwrapped key is too
big (a bytes/bit msitake? ).
Here is my code:
Key-Generation extract:
File publicKeyFile = new File(args[1]);
File privateKeyFile = new File(args[2]);
KeyPairGenerator pairgen = KeyPairGenerator.getInstance("RSA", "BC");
SecureRandom random = new SecureRandom();
pairgen.initialize(KEYSIZE, random);
KeyPair keyPair = pairgen.generateKeyPair();
Base64 b64 = new Base64();
String keyPub = new
String(b64.encode(keyPair.getPublic().getEncoded()),"ASCII");
String keyPri = new
String(b64.encode(keyPair.getPrivate().getEncoded()),"ASCII");
File-encryption:
public String encrypt(FileInputStream fis, FileOutputStream fos, int
contactID)
{
Key publicKey =null;
SecretKey innerKey = null;
String keyForDB ="";
try
{
KeyGenerator keygen = KeyGenerator.getInstance("AES");
SecureRandom random = new SecureRandom();
keygen.init(128, random);
innerKey = keygen.generateKey();
// get recipients publicKey from database
String keyBlob = db.getPublicKey(contactID);
byte[] publicBytes = b64.decode(keyBlob.getBytes());
X509EncodedKeySpec keySpec = new X509EncodedKeySpec(publicBytes);
try{
KeyFactory keyFactory = KeyFactory.getInstance("RSA","BC");
publicKey = (Key)keyFactory.generatePublic(keySpec);
}
catch(NoSuchAlgorithmException e){}
catch(InvalidKeySpecException e){
e.printStackTrace();
}
Cipher cipher = Cipher.getInstance("RSA/NONE/PKCS1PADDING","BC");
cipher.init(Cipher.WRAP_MODE, publicKey);
byte[] wrappedKey = cipher.wrap(innerKey);
keyForDB = new String(b64.encode(wrappedKey),"ASCII");
DataOutputStream out = new DataOutputStream(fos);
InputStream in = fis;
cipher = Cipher.getInstance("AES/ECB/PKCS7Padding","BC");
cipher.init(Cipher.ENCRYPT_MODE, innerKey);
crypt(in, out, cipher);
in.close();
out.close();
}
catch (IOException e)
{
e.printStackTrace();
}
catch (GeneralSecurityException e)
{
e.printStackTrace();
}
return keyForDB;
}
File Decryption:
public void decrypt(File file, FileOutputStream fos, String
wrappedKey)
{
try
{
byte[] wrappedKeyBytes = b64.decode(wrappedKey.getBytes());
DataInputStream in = new DataInputStream(new
FileInputStream(file));
String keyString = readFileAsString("keys/privatekey");
byte[] privateKeyBytes = b64.decode(new
String(keyString).getBytes());
PKCS8EncodedKeySpec encKeySpec = new
PKCS8EncodedKeySpec(privateKeyBytes);
KeyFactory keyFactory = KeyFactory.getInstance("RSA", "BC");
Key privateKey = keyFactory.generatePrivate(encKeySpec);
Cipher cipher = Cipher.getInstance("RSA/NONE/PKCS1PADDING",
"BC");
cipher.init(Cipher.UNWRAP_MODE, privateKey);
SecretKey key = (SecretKey)cipher.unwrap(wrappedKeyBytes, "AES",
Cipher.SECRET_KEY);
OutputStream out = fos;
cipher = Cipher.getInstance("AES/ECB/PKCS7Padding", "BC");
cipher.init(Cipher.DECRYPT_MODE, key);
crypt(in, out, cipher);
in.close();
out.close();
}
catch (IOException e)
{
e.printStackTrace();
}
catch (GeneralSecurityException e)
{
e.printStackTrace();
}
}
Thank you for any help,
Susanne
I can save it easily as string into a database (and/or file).
When I am now encrypting a file, I use AES, and after that I wrap the
AES-key with the RSA publickey. The wrapped-Key gets base64-encoded,
too.
My problem is, that I cannot get key back (I think). The error message
I get is "java.security.InvalidKeyException: unknown block type". I
looked for it, and I found some information, that this is a hint to a
wrong key.
One thing I figured out is, that the size of my unwrapped key is too
big (a bytes/bit msitake? ).
Here is my code:
Key-Generation extract:
File publicKeyFile = new File(args[1]);
File privateKeyFile = new File(args[2]);
KeyPairGenerator pairgen = KeyPairGenerator.getInstance("RSA", "BC");
SecureRandom random = new SecureRandom();
pairgen.initialize(KEYSIZE, random);
KeyPair keyPair = pairgen.generateKeyPair();
Base64 b64 = new Base64();
String keyPub = new
String(b64.encode(keyPair.getPublic().getEncoded()),"ASCII");
String keyPri = new
String(b64.encode(keyPair.getPrivate().getEncoded()),"ASCII");
File-encryption:
public String encrypt(FileInputStream fis, FileOutputStream fos, int
contactID)
{
Key publicKey =null;
SecretKey innerKey = null;
String keyForDB ="";
try
{
KeyGenerator keygen = KeyGenerator.getInstance("AES");
SecureRandom random = new SecureRandom();
keygen.init(128, random);
innerKey = keygen.generateKey();
// get recipients publicKey from database
String keyBlob = db.getPublicKey(contactID);
byte[] publicBytes = b64.decode(keyBlob.getBytes());
X509EncodedKeySpec keySpec = new X509EncodedKeySpec(publicBytes);
try{
KeyFactory keyFactory = KeyFactory.getInstance("RSA","BC");
publicKey = (Key)keyFactory.generatePublic(keySpec);
}
catch(NoSuchAlgorithmException e){}
catch(InvalidKeySpecException e){
e.printStackTrace();
}
Cipher cipher = Cipher.getInstance("RSA/NONE/PKCS1PADDING","BC");
cipher.init(Cipher.WRAP_MODE, publicKey);
byte[] wrappedKey = cipher.wrap(innerKey);
keyForDB = new String(b64.encode(wrappedKey),"ASCII");
DataOutputStream out = new DataOutputStream(fos);
InputStream in = fis;
cipher = Cipher.getInstance("AES/ECB/PKCS7Padding","BC");
cipher.init(Cipher.ENCRYPT_MODE, innerKey);
crypt(in, out, cipher);
in.close();
out.close();
}
catch (IOException e)
{
e.printStackTrace();
}
catch (GeneralSecurityException e)
{
e.printStackTrace();
}
return keyForDB;
}
File Decryption:
public void decrypt(File file, FileOutputStream fos, String
wrappedKey)
{
try
{
byte[] wrappedKeyBytes = b64.decode(wrappedKey.getBytes());
DataInputStream in = new DataInputStream(new
FileInputStream(file));
String keyString = readFileAsString("keys/privatekey");
byte[] privateKeyBytes = b64.decode(new
String(keyString).getBytes());
PKCS8EncodedKeySpec encKeySpec = new
PKCS8EncodedKeySpec(privateKeyBytes);
KeyFactory keyFactory = KeyFactory.getInstance("RSA", "BC");
Key privateKey = keyFactory.generatePrivate(encKeySpec);
Cipher cipher = Cipher.getInstance("RSA/NONE/PKCS1PADDING",
"BC");
cipher.init(Cipher.UNWRAP_MODE, privateKey);
SecretKey key = (SecretKey)cipher.unwrap(wrappedKeyBytes, "AES",
Cipher.SECRET_KEY);
OutputStream out = fos;
cipher = Cipher.getInstance("AES/ECB/PKCS7Padding", "BC");
cipher.init(Cipher.DECRYPT_MODE, key);
crypt(in, out, cipher);
in.close();
out.close();
}
catch (IOException e)
{
e.printStackTrace();
}
catch (GeneralSecurityException e)
{
e.printStackTrace();
}
}
Thank you for any help,
Susanne