Encrypt/Decrypt String with RSA and X509Certificate

Discussion in 'Java' started by b.croissant@gmail.com, Jun 22, 2005.

  1. Guest

    Hi,
    I have 2 files: CA.cert (X509 certificate) and CA.key (contains the
    private key).
    I want to encrypt a string "secret message" with the public key of the
    certificate and decrypt this string with the private key.
    I think encryption is OK, but I can't import the private key from the
    file.
    Here is my code:
    --------------------------------------------------------------------
    [...]

    InputStream inStream = new FileInputStream("./CA.crt"); // The X509 certificate
    CertificateFactory cf = CertificateFactory.getInstance("X.509");
    X509Certificate cert = (X509Certificate)cf.generateCertificate(inStream);
    inStream.close();

    RSAPublicKey rsaPublicKey = (RSAPublicKey)cert.getPublicKey();
    BouncyCastleProvider bcp = new BouncyCastleProvider();
    Security.addProvider(bcp);
    Cipher encryptCipher = Cipher.getInstance("RSA", bcp);
    encryptCipher.init(Cipher.ENCRYPT_MODE, rsaPublicKey);

    String message = "secret message";
    byte[] messageACrypter = message.getBytes();
    byte[] messageCrypte = encryptCipher.doFinal(messageACrypter);

    System.out.println("\nSource : "+message);
    System.out.println("Source crypted: "+new String(messageCrypte)+"\n");

    File keyFile = new File("./CA.key");
    DataInputStream in = new DataInputStream(new FileInputStream(keyFile));
    byte [] fileBytes = new byte[(int) keyFile.length()];
    in.readFully(fileBytes);
    in.close();
    KeyFactory kf = KeyFactory.getInstance("RSA");
    KeySpec ks = new X509EncodedKeySpec(fileBytes);
    RSAPrivateKey rsaPrivateKey = (RSAPrivateKey)kf.generatePrivate(ks);

    Cipher decryptCipher = Cipher.getInstance("RSA", bcp);
    decryptCipher.init(Cipher.DECRYPT_MODE,rsaPrivateKey);

    byte[] messageDecrypte = decryptCipher.doFinal(messageCrypte);
    System.out.println("Source decrypted: "+new String(messageDecrypte)+"\n");
    [...]
    -------------------------------------------------------------
    I get an error:

    java.security.spec.InvalidKeySpecException: Key spec not RSA.

    How can I correct this?
    Thanks a lot.
    , Jun 22, 2005
    #1

  2. Guest

    wrote:
    > Hi,
    > I've 2 files : CA.cert (X509 certificate) and CA.key (contains private
    > key)
    > I want to encrypt a string "secret message" with the public key of the
    > certificate and decrypt this string with the private key.
    > I think encryption is ok, but I can't import the private key from the
    > file.


    OK. I store my Certs in LDAP and the private key as a serialized object
    in LDAP. When I create my certs/private key and store them in LDAP - I
    use the keystore file created by the java tool keygen. So this may not
    help you - but the general idea is:

    pk = (PrivateKey)ks.getKey(privateKeyAlias, privateKeyPass.toCharArray());

    I can show you the rest if you decide you want to go that route.

    HTH,
    iksrazal
    http://www.braziloutsource.com/




    > Here is my code:
    > --------------------------------------------------------------------
    > [...]
    >
    > InputStream inStream = new FileInputStream("./CA.crt"); //The X509
    > certificate
    > CertificateFactory cf = CertificateFactory.getInstance("X.509");
    > X509Certificate cert =
    > (X509Certificate)cf.generateCertificate(inStream);
    > inStream.close();
    >
    > RSAPublicKey rsaPublicKey = (RSAPublicKey)cert.getPublicKey();
    > BouncyCastleProvider bcp = new BouncyCastleProvider();
    > Security.addProvider(bcp);
    > Cipher encryptCipher = Cipher.getInstance("RSA", bcp);
    > encryptCipher.init(Cipher.ENCRYPT_MODE, rsaPublicKey);
    >
    > String message = "secret message";
    > byte[] messageACrypter = message.getBytes();
    > byte[] messageCrypte = encryptCipher.doFinal(messageACrypter);
    >
    > System.out.println("\nSource : "+message);
    > System.out.println("Source crypted: "+new String(messageCrypte)+"\n");
    >
    > File keyFile = new File("./CA.key");
    > DataInputStream in = new DataInputStream(new FileInputStream(keyFile));
    > byte [] fileBytes = new byte[(int) keyFile.length()];
    > in.readFully(fileBytes);
    > in.close();
    > KeyFactory kf = KeyFactory.getInstance("RSA");
    > KeySpec ks = new X509EncodedKeySpec(fileBytes);
    > RSAPrivateKey rsaPrivateKey = (RSAPrivateKey)kf.generatePrivate(ks);
    >
    > Cipher decryptCipher = Cipher.getInstance("RSA", bcp);
    > decryptCipher.init(Cipher.DECRYPT_MODE,rsaPrivateKey);
    >
    > byte[] messageDecrypte = decryptCipher.doFinal(messageCrypte);
    > System.out.println("Source decrypted: "+new
    > String(messageDecrypte)+"\n");
    > [...]
    > -------------------------------------------------------------
    > I've an error :
    >
    > java.security.spec.InvalidKeySpecException: Key spec not RSA.
    >
    > How to correct this?
    > Thanks a lot.
    , Jun 22, 2005
    #2

  3. Thanks.
    I use keystore generated with keytool.
    Your solution with LDAP is interesting but a little complex in my
    case.
    I keep your email if I'm interested later

    Bye
    Benoît, Jun 23, 2005
    #3
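
Added example, not code from any poster in this thread: `KeyFactory.generatePrivate` rejects an `X509EncodedKeySpec` because that spec describes public keys, while an encoded private key is loaded with `PKCS8EncodedKeySpec`. It assumes an unencrypted PKCS#8 key and uses a generated key pair in place of the poster's CA.crt and CA.key; the class name `RsaKeyLoadDemo` and the helper `loadPkcs8` are hypothetical.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.spec.*;
import java.util.Base64;
import javax.crypto.Cipher;

public class RsaKeyLoadDemo {
    // Hypothetical helper: accepts unencrypted PKCS#8, PEM ("BEGIN PRIVATE KEY") or raw DER.
    static PrivateKey loadPkcs8(byte[] fileBytes) throws GeneralSecurityException {
        String text = new String(fileBytes, StandardCharsets.ISO_8859_1);
        byte[] der = fileBytes;
        if (text.contains("-----BEGIN PRIVATE KEY-----")) {
            der = Base64.getDecoder().decode(text
                .replaceAll("-----(BEGIN|END) PRIVATE KEY-----", "")
                .replaceAll("\\s", ""));
        }
        // Private keys take PKCS8EncodedKeySpec; X509EncodedKeySpec is for public keys.
        return KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(der));
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample: a throwaway key pair stands in for CA.crt / CA.key.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair pair = kpg.generateKeyPair();
        byte[] pkcs8 = pair.getPrivate().getEncoded();
        String pem = "-----BEGIN PRIVATE KEY-----\n"
            + Base64.getMimeEncoder().encodeToString(pkcs8)
            + "\n-----END PRIVATE KEY-----\n";

        // The call from the question: a public-key spec passed to generatePrivate().
        try {
            KeyFactory.getInstance("RSA").generatePrivate(new X509EncodedKeySpec(pkcs8));
        } catch (InvalidKeySpecException e) {
            System.out.println("X509EncodedKeySpec rejected: " + e.getMessage());
        }

        PrivateKey priv = loadPkcs8(pem.getBytes(StandardCharsets.US_ASCII));
        // Name the padding explicitly; plain "RSA" leaves it to the provider's default.
        String xf = "RSA/ECB/OAEPWithSHA-256AndMGF1Padding";
        Cipher enc = Cipher.getInstance(xf);
        enc.init(Cipher.ENCRYPT_MODE, pair.getPublic());
        byte[] ct = enc.doFinal("secret message".getBytes(StandardCharsets.UTF_8));

        Cipher dec = Cipher.getInstance(xf);
        dec.init(Cipher.DECRYPT_MODE, priv);
        System.out.println(new String(dec.doFinal(ct), StandardCharsets.UTF_8));
    }
}
```

A key file in OpenSSL's traditional `BEGIN RSA PRIVATE KEY` (PKCS#1) form is not PKCS#8 and has to be converted before this loader accepts it.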
