-1

I have a public key for asymmetric encryption in the form of DER (Distinguished Encoding Rules) encoded binary data, which is a restricted form of the ASN.1 (Abstract Syntax Notation One) encoding.

MIIB/DCCAWmgAwIBAgIQpbarEXfe8rVDlWlg2T+ixzAJBgUrDgMCHQUAMBgxFjAUBgNVBAMTDUJBTktESE9GQVIwMDEwIBcNMTMwNzEwMDkxMjU5WhgPMjA5OTEyMjkyMDAwMDBaMBgxFjAUBgNVBAMTDUJBTktESE9GQVIwMDEwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALZTB/2vKxWwCGhUdywVvikj8klvlzpZTJbVd0bRIN82bTTzp53SDXczc7mkto4vsqelGqnyjZcigyhj5y60SWYggc83d89I+i2Vo77am6aW8tfx1p/x9Op6bDLIN8V0uyoBK8IhRbuiugHmbP69Fyq4vXQ4+D2EzmmOuPRQfg4BAgMBAAGjTTBLMEkGA1UdAQRCMECAEAMkZd7uwQQG7803GjCmF7yhGjAYMRYwFAYDVQQDEw1CQU5LREhPRkFSMDAxghCltqsRd97ytUOVaWDZP6LHMAkGBSsOAwIdBQADgYEAhau3OD9QPoJm+H8v70WQmGUwJaS2IZORo/f8sMgUnVA6qoiD7BRkv8VVT0No4H+77YnYR2mtlCkU1BenKM3bC4WQXsXawMDSOoJcqBVLBFpYzl/8xpNrRyA8yyLUX37kXmH6mdioGLiNSKhQvX/XBYkTeOnsS2umt+zjS2JDS+g=

How I can encrypt this key to generate the cipher for text 1234.

I tried the below sample code from internet:

public class ATMPINClient{


    public static void main(String[] args) throws Exception {

        String pkey = "MIIB/DCCAWmgAwIBAgIQpbarEXfe8rVDlWlg2T+ixzAJBgUrDgMCHQUAMBgxFjAUBgNVBAMTDUJBTktESE9GQVIwMDEwIBcNMTMwNzEwMDkxMjU5WhgPMjA5OTEyMjkyMDAwMDBaMBgxFjAUBgNVBAMTDUJBTktESE9GQVIwMDEwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALZTB/2vKxWwCGhUdywVvikj8klvlzpZTJbVd0bRIN82bTTzp53SDXczc7mkto4vsqelGqnyjZcigyhj5y60SWYggc83d89I+i2Vo77am6aW8tfx1p/x9Op6bDLIN8V0uyoBK8IhRbuiugHmbP69Fyq4vXQ4+D2EzmmOuPRQfg4BAgMBAAGjTTBLMEkGA1UdAQRCMECAEAMkZd7uwQQG7803GjCmF7yhGjAYMRYwFAYDVQQDEw1CQU5LREhPRkFSMDAxghCltqsRd97ytUOVaWDZP6LHMAkGBSsOAwIdBQADgYEAhau3OD9QPoJm+H8v70WQmGUwJaS2IZORo/f8sMgUnVA6qoiD7BRkv8VVT0No4H+77YnYR2mtlCkU1BenKM3bC4WQXsXawMDSOoJcqBVLBFpYzl/8xpNrRyA8yyLUX37kXmH6mdioGLiNSKhQvX/XBYkTeOnsS2umt+zjS2JDS+g=";

        String atmPin = "1234";
        byte[] key = pkey.getBytes();
        encrypt(atmPin, key);


    }

    public static byte[] encrypt(String atmPin, byte[] keyCode)
            throws Exception {
        X509Certificate cert = X509Certificate.getInstance(keyCode);
         RSAPublicKey rk = (RSAPublicKey) cert.getPublicKey();
        System.out.println("Algorithm: " + rk.getAlgorithm());
        System.out.println("Modules : " + rk.getModulus());
        System.out.println("Hex - Modules : " + rk.getModulus().toString(16).toUpperCase());

        System.out.println("Exponent : " + rk.getPublicExponent());
        System.out.println("Name : " + cert.getSubjectDN().getName());
        System.out.println("Issuer Name : " + cert.getIssuerDN().getName());
        System.out.println("Not After : " + cert.getNotAfter());
        System.out.println("Not Before : " + cert.getNotBefore());
        System.out.println("Format : " + cert.getPublicKey().getFormat());
        Cipher cipher = Cipher.getInstance("RSA");

        cipher.init(Cipher.ENCRYPT_MODE, rk);
        System.out.println("Actual PIN : " + atmPin);
        byte[] PIN = cipher.doFinal(atmPin.getBytes("UTF-8"));

        String encPIN = new sun.misc.BASE64Encoder().encode(PIN);
        System.out.println("Encrypted Pin : " + encPIN);

        return PIN;

    }
}

Getting below error:

    Exception in thread "main" javax.security.cert.CertificateException: InvocationTargetException: javax.security.cert.CertificateException: invalid DER-encoded certificate data
    at javax.security.cert.X509Certificate.getInst(X509Certificate.java:226)
    at javax.security.cert.X509Certificate.getInstance(X509Certificate.java:186)
    at atmpinclient.ATMPINClient.encrypt(ATMPINClient.java:33)
    at atmpinclient.ATMPINClient.main(ATMPINClient.java:26)
Java Result: 1

Please advise how to achieve this encryption.

Mak
  • 9
  • 5
  • I think the fact that you call **AESUtils**.`encrypt` inside a class called **RSAEncrypter** might have something to do with it. Additionally, the line that says "Invalid AES key length" might prompt you to consider why your RSA encryption method is talking about AES errors... Please read your errors and look at your code, put in a little research effort? – Luke Joshua Park Feb 16 '17 at 09:58
  • I have updated my encrypt method, now i am getting the different exception, please advise – Mak Feb 16 '17 at 12:30
  • Pass in the full X509Certificate, not just the base64 data. – Luke Joshua Park Feb 16 '17 at 20:52
  • can you guide me how? – Mak Feb 17 '17 at 03:18
  • Look up what the contents of a PEM X509 Certificate look like and compare it to what you are passing in. – Luke Joshua Park Feb 17 '17 at 03:19

1 Answers1

0

I am able to encrypt by appending the begin and end certificate to the public key

String beignKey = "-----BEGIN CERTIFICATE-----"+System.getProperty("line.separator");;
        String pkey = "MIIB/DCCAWmgAwIBAgIQpbarEXfe8rVDlWlg2T+ixzAJBgUrDgMCHQUAMBgxFjAUBgNVBAMTDUJBTktESE9GQVIwMDEwIBcNMTMwNzEwMDkxMjU5WhgPMjA5OTEyMjkyMDAwMDBaMBgxFjAUBgNVBAMTDUJBTktESE9GQVIwMDEwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALZTB/2vKxWwCGhUdywVvikj8klvlzpZTJbVd0bRIN82bTTzp53SDXczc7mkto4vsqelGqnyjZcigyhj5y60SWYggc83d89I+i2Vo77am6aW8tfx1p/x9Op6bDLIN8V0uyoBK8IhRbuiugHmbP69Fyq4vXQ4+D2EzmmOuPRQfg4BAgMBAAGjTTBLMEkGA1UdAQRCMECAEAMkZd7uwQQG7803GjCmF7yhGjAYMRYwFAYDVQQDEw1CQU5LREhPRkFSMDAxghCltqsRd97ytUOVaWDZP6LHMAkGBSsOAwIdBQADgYEAhau3OD9QPoJm+H8v70WQmGUwJaS2IZORo/f8sMgUnVA6qoiD7BRkv8VVT0No4H+77YnYR2mtlCkU1BenKM3bC4WQXsXawMDSOoJcqBVLBFpYzl/8xpNrRyA8yyLUX37kXmH6mdioGLiNSKhQvX/XBYkTeOnsS2umt+zjS2JDS+g=";

String endKey = System.getProperty("line.separator")+"-----END CERTIFICATE-----" ;


pkey = beignKey + pkey + endKey;
Mak
  • 9
  • 5