RSA Assymmetric Key Encryption


In addition to the standard X509 *.cer certificates there are also certificate files ending with *.PFX or *.P12.The later ones are X509 certs as well, but may in addition contain a private key, too. PFX was a Microsoft extension, while P12 was the Netscape one.

Generating from Scratch using OpenSSL


1. Generate a 2048-bit RSA private key
$ openssl genrsa -out private_key.pem 2048
This will generate a key file in traditional key format also called ssLeay private key format.
2. Convert private Key to PKCS#8 format (so Java can read it)
$ openssl pkcs8 -topk8 -inform PEM -outform DER -in private_key.pem -out private_key.der -nocrypt
3. Output public key portion in DER format (so Java can read it)
$ openssl rsa -in private_key.pem -pubout -outform DER -out public_key.der



Generating from the .p12 File


  • Private key:
    openssl pkcs12 -in yourP12File.pfx -nocerts -out privateKey.pem
    This will generate the private key alone 
  • Certificates:
    openssl pkcs12 -in yourP12File.pfx -clcerts -nokeys -out publicCert.pem
    this will generate the certificate and private key in one .pem file. 
After this use the Steps 2 and 3 above to generate the certificate files.



Sample Code to Test


public class TestAssymmetric {

public static void main(String[] args) throws InvalidKeySpecException, NoSuchAlgorithmException, IOException, InvalidKeyException, NoSuchPaddingException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException
{
AssymmetricEncryptor encypter=new AssymmetricEncryptor();
PublicKey publicKey = encypter.getPublicKey("C:\\Users\\apillai\\Documents\\Assets\\public_key.der");
System.out.println(publicKey);

String clearText = "hello world";
System.out.println("Clear Text:" + clearText);
String encryptedString = encypter.encrypt(clearText,publicKey);
System.out.println("Encrypted String:" + encryptedString);
System.out.println("Encrypted String: Encoded" + Base64.encode(encryptedString.getBytes()));

PrivateKey privateKey = encypter.getPrivateKey("C:\\Users\\apillai\\Documents\\Assets\\private_key.der");
System.out.println(privateKey);
String decryptedString = encypter.decrypt(encryptedString,privateKey);
System.out.println(decryptedString);
}

}

Comments

Post a Comment

Popular posts from this blog

'jasypt.encryptor.password' or one of ['jasypt.encryptor.privateKeyString', 'jasypt.encryptor.privateKeyLocation'] must be provided for Password-based or Asymmetric encryption

Image
      Intellij spring boot build failing not seeing the jasypt password. The same is working fine with the normal startup and is also working with mvn command.     Caused by: org.springframework.boot.context.properties.ConfigurationPropertiesBindException: Error creating bean with name 'spring.security-org.springframework.boot.autoconfigure.security.SecurityProperties': Could not bind properties to 'SecurityProperties' : prefix=spring.security, ignoreInvalidFields=false, ignoreUnknownFields=true; nested exception is org.springframework.boot.context.properties.bind.BindException: Failed to bind properties under 'spring.security.user.password' to java.lang.String Caused by: org.springframework.boot.context.properties.bind.BindException: Failed to bind properties under 'spring.security.user.password' to java.lang.String Caused by: org.springframework.cache.Cache$ValueRetrievalException: Value for key 'spring.security.user.password' could not be load...
Read more

Field or property 'jobParameters' cannot be found on object of type 'org.springframework.beans.factory.config.BeanExpressionContext' - Spring Batch

This Error happens when you are trying to retrieve a Job Execution parameter and inject it into a Bean. The bean can be anything a Task let, or a StatmentSetter the error can happen. E.g Implementation <bean id = "flatFileItemReader" scope="step" class="org.springframework.batch.item.file.FlatFileItemReader"> <property name = "resource" value = "#{jobParameters[input.file.name]}" /> </bean> The error is because of the Scope parameter missing Using a scope of  Step  is required in order to use late binding since the bean cannot actually be instantiated until the  Step  starts, which allows the attributes to be found. Because it is not part of the Spring container by default, the scope must be added explicitly. Check out the Documentation here ..  http://docs.spring.io/spring-batch/reference/html/configureStep.html#step-scope
Read more

Couldn't store job: Unable to serialize JobDataMap for insertion into database because the value of property 'jobLauncher' is not serializable

This occurs during the quartz - spring-batch integration when we are trying to pass in the JobLauncher object into the quartz class that extens the quartz bean. this can be overcome like below <bean id="fetchTransaction_quartz" class="org.springframework.scheduling.quartz.JobDetailFactoryBean"> <property name="jobClass" value="com.incomm.chase.settlement.quartz.FetchTransaction"> </property>   <property name="jobDataAsMap">       <map>       entry key="timeout" value="5"/>       <entry key="jobName" value="chaseSettlement"></entry>       <!--the entries added here will cause a serialization exception -->           <!--  <entry key="jobLocator" value-ref="jobRegistry"/>            <entry key="jobLauncher" value-ref="jobLauncher"/> -->      </map>  </pro...
Read more