How to Decrypt OpenSSL-Encrypted Files in Java using AES?-javaTutorial-php.cn

Home

Java

javaTutorial

How to Decrypt OpenSSL-Encrypted Files in Java using AES?

Dec 03, 2024 am 08:42 AM

How to Decrypt OpenSSL-Encrypted Files in Java using AES?

Decrypting OpenSSL-Encrypted Files using JAVA with AES

In UNIX, you can encrypt files using the following OpenSSL command:

openssl aes-256-cbc -a -salt -in password.txt -out password.txt.enc

Copy after login

To decrypt this file in JAVA, you cannot replicate the exact UNIX command. Instead, you must follow a different yet functional approach to decryption.

JAVA Implementation

Below is a Java code snippet that demonstrates how to decrypt an OpenSSL-encrypted file using AES:

import java.io.File;
import java.io.IOException;
import java.nio.charset.Charset;
import java.nio.file.Files;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.util.Arrays;
import java.util.List;

import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

import org.bouncycastle.util.encoders.Base64;

public class OpenSSLDecryptor {
    private static final Charset ASCII = Charset.forName("ASCII");
    private static final int INDEX_KEY = 0;
    private static final int INDEX_IV = 1;
    private static final int ITERATIONS = 1;

    private static final int ARG_INDEX_FILENAME = 0;
    private static final int ARG_INDEX_PASSWORD = 1;

    private static final int SALT_OFFSET = 8;
    private static final int SALT_SIZE = 8;
    private static final int CIPHERTEXT_OFFSET = SALT_OFFSET + SALT_SIZE;

    private static final int KEY_SIZE_BITS = 256;

    ...

    public static void main(String[] args) {
        ...
        // Parse command-line arguments
        File f = new File(args[ARG_INDEX_FILENAME]);

        // Read and decode base 64 encoded file
        String dataBase64 = new String(Files.readAllBytes(f.toPath()), ASCII);
        byte[] headerSaltAndCipherText = Base64.decode(dataBase64);

        ...

        // Decrypt the file using the provided password and encryption parameters
        byte[] decrypted = aesCBC.doFinal(encrypted);

        // Convert decrypted bytes to a string and print the result
        String answer = new String(decrypted, ASCII);
        System.out.println(answer);
    }
}

Copy after login

This code leverages the EVP_BytesToKey method to derive encryption keys and initialization vectors (IVs) based on the given password. The Cipher class is then used to perform AES decryption with CBC mode and PKCS5 padding.

Additional Notes

Beware of character sets: Ensure that the code uses the same character set specified in the OpenSSL command (ASCII in this case).
Consider NIST-approved PBKDF2: It's more secure than the default OpenSSL password derivation method.
Be mindful of digest algorithm changes: OpenSSL versions may use different digest algorithms, so specify the digest explicitly in both the command line interface and the Java code.

The above is the detailed content of How to Decrypt OpenSSL-Encrypted Files in Java using AES?. For more information, please follow other related articles on the PHP Chinese website!

Statement of this Website

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn