unix - How to decrypt an encrypted file in java with openssl with AES? -
i need decrypt in java file encrypted in unix next command:
openssl aes-256-cbc -a -salt -in password.txt -out password.txt.enc mypass mypass i have decrypt in java here in unix
openssl aes-256-cbc -d -a -in password.txt.enc -out password.txt.new mypass someone can give me java code this?
openssl uses own password based key derivation method, specified in evp_bytestokey, please see code below. in general should forcefulness openssl utilize nist approved pbkdf2 algorithm though.
import java.io.file; import java.io.ioexception; import java.nio.charset.charset; import java.nio.file.files; import java.security.generalsecurityexception; import java.security.messagedigest; import java.util.arrays; import java.util.list; import javax.crypto.badpaddingexception; import javax.crypto.cipher; import javax.crypto.illegalblocksizeexception; import javax.crypto.spec.ivparameterspec; import javax.crypto.spec.secretkeyspec; import org.bouncycastle.util.encoders.base64; /** * class created stackoverflow owlstead. * open source, free re-create , utilize purpose. */ public class openssldecryptor { private static final charset ascii = charset.forname("ascii"); private static final int index_key = 0; private static final int index_iv = 1; private static final int iterations = 1; private static final int arg_index_filename = 0; private static final int arg_index_password = 1; private static final int salt_offset = 8; private static final int salt_size = 8; private static final int ciphertext_offset = salt_offset + salt_size; private static final int key_size_bits = 256; /** * go ola bini releasing source on blog. * source obtained <a href="http://olabini.com/blog/tag/evp_bytestokey/">here</a> . */ public static byte[][] evp_bytestokey(int key_len, int iv_len, messagedigest md, byte[] salt, byte[] data, int count) { byte[][] both = new byte[2][]; byte[] key = new byte[key_len]; int key_ix = 0; byte[] iv = new byte[iv_len]; int iv_ix = 0; both[0] = key; both[1] = iv; byte[] md_buf = null; int nkey = key_len; int niv = iv_len; int = 0; if (data == null) { homecoming both; } int addmd = 0; (;;) { md.reset(); if (addmd++ > 0) { md.update(md_buf); } md.update(data); if (null != salt) { md.update(salt, 0, 8); } md_buf = md.digest(); (i = 1; < count; i++) { md.reset(); md.update(md_buf); md_buf = md.digest(); } = 0; if (nkey > 0) { (;;) { if (nkey == 0) break; if (i == md_buf.length) break; key[key_ix++] = md_buf[i]; nkey--; i++; } } if (niv > 0 && != md_buf.length) { (;;) { if (niv == 0) break; if (i == md_buf.length) break; iv[iv_ix++] = md_buf[i]; niv--; i++; } } if (nkey == 0 && niv == 0) { break; } } (i = 0; < md_buf.length; i++) { md_buf[i] = 0; } homecoming both; } public static void main(string[] args) { seek { // --- read base of operations 64 encoded file --- file f = new file(args[arg_index_filename]); list<string> lines = files.readalllines(f.topath(), ascii); stringbuilder sb = new stringbuilder(); (string line : lines) { sb.append(line.trim()); } string database64 = sb.tostring(); byte[] headersaltandciphertext = base64.decode(database64); // --- extract salt & encrypted --- // header "salted__", ascii encoded, if salt beingness used (the default) byte[] salt = arrays.copyofrange( headersaltandciphertext, salt_offset, salt_offset + salt_size); byte[] encrypted = arrays.copyofrange( headersaltandciphertext, ciphertext_offset, headersaltandciphertext.length); // --- specify cipher , digest evp_bytestokey method --- cipher aescbc = cipher.getinstance("aes/cbc/pkcs5padding"); messagedigest md5 = messagedigest.getinstance("md5"); // --- create key , iv --- // iv useless, openssl might have utilize zero's final byte[][] keyandiv = evp_bytestokey( key_size_bits / byte.size, aescbc.getblocksize(), md5, salt, args[arg_index_password].getbytes(ascii), iterations); secretkeyspec key = new secretkeyspec(keyandiv[index_key], "aes"); ivparameterspec iv = new ivparameterspec(keyandiv[index_iv]); // --- initialize cipher instance , decrypt --- aescbc.init(cipher.decrypt_mode, key, iv); byte[] decrypted = aescbc.dofinal(encrypted); string reply = new string(decrypted, ascii); system.out.println(answer); } grab (badpaddingexception e) { // aka "something went wrong" throw new illegalstateexception( "bad password, algorithm, mode or padding;" + " no salt, wrong number of iterations or corrupted ciphertext."); } grab (illegalblocksizeexception e) { throw new illegalstateexception( "bad algorithm, mode or corrupted (resized) ciphertext."); } grab (generalsecurityexception e) { throw new illegalstateexception(e); } grab (ioexception e) { throw new illegalstateexception(e); } } } java unix openssl aes
No comments:
Post a Comment