9

i want to encrypt a password with a key from server and decrypt the encrypted password in serverside. this is the code i have used in my application

/*
 * To change this license header, choose License Headers in Project Properties.
 * To change this template file, choose Tools | Templates
 * and open the template in the editor.
 */
package publicprivatekey;

import java.security.*;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Base64;
import javax.crypto.*;

/**
 *
 * @author Rajorshi
 */
public class PublicPrivateKey {

    public static String getEncrypted(String data, String Key) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, InvalidKeySpecException, IllegalBlockSizeException, BadPaddingException {
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        PublicKey publicKey = KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(Base64.getDecoder().decode(Key.getBytes())));
        cipher.init(Cipher.ENCRYPT_MODE, publicKey);
        byte[] encryptedbytes = cipher.doFinal(data.getBytes());
        return new String(Base64.getEncoder().encode(encryptedbytes));
    }

    public static String getDecrypted(String data, String Key) throws NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        PrivateKey pk = KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(Base64.getDecoder().decode(Key.getBytes())));
        cipher.init(Cipher.DECRYPT_MODE, pk);
        byte[] encryptedbytes = cipher.doFinal(Base64.getDecoder().decode(data.getBytes()));
        return new String(encryptedbytes);
    }

    public static void main(String[] args) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeySpecException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
        // TODO code application logic here
        KeyGenerator keyGenerator = KeyGenerator.getInstance("Blowfish");
        keyGenerator.init(448);
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
        keyPairGenerator.initialize(1024);
        KeyPair keyPair = keyPairGenerator.genKeyPair();

        String pubKey = new String(Base64.getEncoder().encode(keyPair.getPublic().getEncoded()));
        String priKey = new String(Base64.getEncoder().encode(keyPair.getPrivate().getEncoded()));
        System.out.println("Public Key:" + pubKey);
        System.out.println("Private Key:" + priKey);
        String cipherText = getEncrypted("hi this is a string", pubKey);

        System.out.println("CHIPHER:" + cipherText);
        String decryptedText = getDecrypted(cipherText, priKey);
        System.out.println("DECRYPTED STRING:" + decryptedText);

    }

}

i want to encrypt a password with a key from server and decrypt the encrypted password in serverside. this is the code i have used in my application.

user207421
  • 305,947
  • 44
  • 307
  • 483
Rajorshi Biswas
  • 107
  • 1
  • 1
  • 2
  • 1
    Welcome to SO. Please read: [ask] – Fildor Aug 10 '15 at 09:12
  • 4
    What's the problem exactly? – Artjom B. Aug 10 '15 at 09:24
  • 3
    You don't state what your problem is exactly, but you shouldn't be encrypting passwords at a all. See the [tag:password-encryption] tag wiki for why. – user207421 Aug 10 '15 at 09:58
  • You shouldn't do public and private key on plain text, for that we have symmetric key cryptography. Asymmetric key cryptography is used to transfer `symmetric key` secretly. – Milan Sep 29 '20 at 12:01
  • I have some [examples](https://gusto77.wordpress.com/2017/10/30/encryption-reference-project/) at hand. However if you are looking for encryption in transit (safe way to pass somethings over the network), usually the best answer is using https. – gusto2 Dec 15 '21 at 06:41

2 Answers2

30

If you are looking for a java program to encrypt data with public key and decrypt it with private key then here is the code (using RSA algorithm),

import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;

import javax.crypto.Cipher;

/**
 * @author visruthcv
 *
 */
public class CryptographyUtil {

    private static final String ALGORITHM = "RSA";

    public static byte[] encrypt(byte[] publicKey, byte[] inputData)
            throws Exception {

        PublicKey key = KeyFactory.getInstance(ALGORITHM)
                .generatePublic(new X509EncodedKeySpec(publicKey));

        Cipher cipher = Cipher.getInstance(ALGORITHM);
        cipher.init(Cipher.ENCRYPT_MODE, key);

        byte[] encryptedBytes = cipher.doFinal(inputData);

        return encryptedBytes;
    }

    public static byte[] decrypt(byte[] privateKey, byte[] inputData)
            throws Exception {

        PrivateKey key = KeyFactory.getInstance(ALGORITHM)
                .generatePrivate(new PKCS8EncodedKeySpec(privateKey));

        Cipher cipher = Cipher.getInstance(ALGORITHM);
        cipher.init(Cipher.DECRYPT_MODE, key);

        byte[] decryptedBytes = cipher.doFinal(inputData);

        return decryptedBytes;
    }

    public static KeyPair generateKeyPair()
            throws NoSuchAlgorithmException, NoSuchProviderException {

        KeyPairGenerator keyGen = KeyPairGenerator.getInstance(ALGORITHM);

        SecureRandom random = SecureRandom.getInstance("SHA1PRNG", "SUN");

        // 512 is keysize
        keyGen.initialize(512, random);

        KeyPair generateKeyPair = keyGen.generateKeyPair();
        return generateKeyPair;
    }

    public static void main(String[] args) throws Exception {

        KeyPair generateKeyPair = generateKeyPair();

        byte[] publicKey = generateKeyPair.getPublic().getEncoded();
        byte[] privateKey = generateKeyPair.getPrivate().getEncoded();

        byte[] encryptedData = encrypt(publicKey,
                "hi this is Visruth here".getBytes());

        byte[] decryptedData = decrypt(privateKey, encryptedData);

        System.out.println(new String(decryptedData));

    }

}
Visruth
  • 3,430
  • 35
  • 48
  • I don't think that the init function has the correct values. According to the Java API docs the first argument to the cipher.init() method should be one of: ENCRYPT_MODE, DECRYPT_MODE, WRAP_MODE or UNWRAP_MODE. – opeongo Oct 31 '18 at 19:35
  • @opeongo Value of `PUBLIC_KEY` and `ENCRYPT_MODE` is 1 and value of `PRIVATE_KEY` and `DECRYPT_MODE` is 2 so it will work as expected but I modified it with the most appropriate constant names. Thanks for notifying this. – Visruth Nov 01 '18 at 05:58
  • Can you suggest how can I generate public and private key like........... `-----BEGIN PGP PUBLIC KEY BLOCK----- mI0EXEMqFwEEANS1o8wI2kW1bIohbEyygDBkuP0hLo4EE98S2ZfMpM2Fs4m8sHkD =arHQ -----END PGP PUBLIC KEY BLOCK-----` – Prashant Jeet Singh Jan 19 '19 at 16:54
1

you can do with Scala or Spark + scala as:

object App {
  def main(args: Array[String]): Unit = {


    println("************hello*******************\n")


    val generator = KeyPairGenerator.getInstance("RSA")

    generator.initialize(2048)
    val pair = generator.generateKeyPair
    val privateKey = pair.getPrivate
    val publicKey = pair.getPublic
    //println("private key: ",privateKey)
    println("public Key: ", publicKey)

    //Convert the keys to string using encodeToString()
    val publicKeyString = getEncoder.encodeToString(publicKey.getEncoded());

    println("publicKeyString :", publicKeyString)

    val privateKeyString = getEncoder.encodeToString(privateKey.getEncoded());

    println("privateKeyString :", privateKeyString)

    val spark = SparkSession.builder()
      .master("local")
      .appName("rsa_test")
      .enableHiveSupport()
      .config("spark.sql.parquet.compression.codec", "snappy")
      .config("parquet.block.size", 268435456)
      .config("hive.exec.dynamic.partition.mode", "nonstrict")
      .getOrCreate()

    def RsaEncryption(inParm: String): Array[Byte] = {

      //Create a Cipher object.The Cipher will provide the functionality of a
      // cryptographic cipher for encryption and decryption.
      val encryptionCipher = Cipher.getInstance("RSA")
      //init() method initializes the cipher with a key for encryption, decryption, key wrapping,
      // or key unwrapping depending on the value of opmode
      encryptionCipher.init(Cipher.ENCRYPT_MODE, privateKey)
      //The doFinal() method performs the encryption operation depending on how the cipher was initialized
      // and resets once it finishes allowing encrypting more data.

      val encryptedMessage = encryptionCipher.doFinal(inParm.getBytes)

      return encryptedMessage
      //return encryption
    }

    def RsaDecryption(inParm: Array[Byte]): String = {
      val decryptionCipher = Cipher.getInstance("RSA")
      decryptionCipher.init(Cipher.DECRYPT_MODE, publicKey)
      val decryptedMessage = decryptionCipher.doFinal(inParm)
      val decryption = new String(decryptedMessage)
      return decryption
    }

    val secretMessage = "Test string for encryption"
    val encryptedMessage = RsaEncryption(secretMessage)
    println("encryptedMessage is :"+encryptedMessage)
    //The method returns an array of bites which is simply our message, and we can convert it to a string
    // and log it to the console to verify our text is similar to the decrypted text.

    System.out.println("Encrypted Message = " + getEncoder.encodeToString(RsaEncryption(secretMessage)))

    // register udf below
    val clearTxt = "It will be done through spark 2.12"
    spark.udf.register("rsa_encrypt", (clearTxt: String) => getEncoder.encodeToString(RsaEncryption(clearTxt)))
    val text = s"""select rsa_encrypt(\"$clearTxt\") as enc_string"""
    println(text)
    val df1 = spark.sql(text)
    val encString = df1.select(col("enc_string")).collectAsList().get(0)(0).toString().getBytes()
    //val encString1 = df1.withColumn("enc2",col("enc_string").cast(Array[Byte]()))

    println("Showing string : " + encString)
    println("Decoder call "+ getDecoder.decode(encString))
    val decodedString = getDecoder.decode(encString)

    def manOf[T: Manifest](t: T): Manifest[T] = manifest[T]

    println("Data type of df value " + manOf(getEncoder.encodeToString(RsaEncryption(secretMessage))))

    df1.show(truncate=false)
    //Decrypt message

    val decryptionCipher = Cipher.getInstance("RSA")
    decryptionCipher.init(Cipher.DECRYPT_MODE, publicKey)


    val decryptedMessage = decryptionCipher.doFinal(encryptedMessage)
    val decryption = new String(decryptedMessage)
    println("=>"+decryption)
    //System.out.println("decrypted message = " + RsaDecryption(encryptedMessage))

    System.out.println("decrypted message2 = " +RsaDecryption(decodedString))
  }
}
Procrastinator
  • 2,526
  • 30
  • 27
  • 36
Nilay Bhardwaj
  • 41
  • 4