Our customer complains about stored encryption key in the Tomcat context.xml as plain text (well, he is definitely right at this point).
And he wants to use external keystore to store this encryption key.
I was able to create a keystore and put a symmetric key in there with following command:
keytool -importpassword -alias encryption-key -keystore your.keystore -storetype pkcs12
This keystore has the 'PSCS12' type and, actually, can store symmetric keys.
My stored password has an alias, which is 'encryption-key'.
'your.keystore' is a keystore file.
But i have a problem - i can not extract it.
If i will try to extract if from the java code - then i will need to provide salt and iterations count, like this:
final SecretKey secretKey = (SecretKey) keyStore.getKey(alias, password.toCharArray());
System.out.println("[*] Encryption algorithm: " + secretKey.getAlgorithm());
Cipher cipher = Cipher.getInstance(secretKey.getAlgorithm());
AlgorithmParameterSpec algorithmParameterSpec = new PBEParameterSpec(SALT, ITERATION_COUNT);
cipher.init(Cipher.DECRYPT_MODE, secretKey, algorithmParameterSpec);
String decryptedData = Arrays.toString(cipher.doFinal(secretKey.getEncoded()));
System.out.println("Decrypted Key: " + decryptedData);
But i'm not sure which values i should provide to it, because i was storing my passphrase using the command line.
Encryption algorithm that are being used is PBEWithMD5AndDES.
I can see my stored passphrase in a debugger session, i can actually see even a passphrase length, but i can not decrypt it.
So, what are my options here? Customer wants to have a standard implementation (JCA).
How can i extract my passphrase that was generated with a command above?
forget it, i'm stupid. it turns out that i always had the right value, it just was in the HEX format.
So, if you want to have a keystore and put there some value (just a string, not keys pair), then you will need to:
$ keytool -importpassword -alias encryption-key -keystore your.keystore -storetype pkcs12 -storepass testtest # create a keystore and store a single value
where -importpassword is used to store single passphrase
-alias is an alias for your passphrase
-keystore is a keystore file obviously
- storetype pkcs12 is used to store symmetric key (just a passphrase, not a key pair)
-storepass is a password for your keystore (not for your passphrase)
Then you can use following code example to extract your key:
import javax.crypto.SecretKey;
import java.io.FileInputStream;
import java.nio.charset.StandardCharsets;
import java.security.KeyStore;
public class Main {
private static final String WORKING_DIRECTORY = "/path/to/directory/where/keystore/is/placed/";
private static final String FILE_NAME = "your.keystore";
private static final String KEYSTORE_PASSWORD = "testtest";
private static final String SECRET_KEY_ALIAS = "encryption-key";
public static void main(String[] argv) throws Exception {
final FileInputStream is = new FileInputStream(WORKING_DIRECTORY + FILE_NAME); // load a keystore from file
final KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType()); // initialize a keystore
keystore.load(is, KEYSTORE_PASSWORD.toCharArray()); // authorize in the keystore
extract(SECRET_KEY_ALIAS, KEYSTORE_PASSWORD, keystore); // extract stored password from the keystore
}
static void extract(final String alias, final String password, final KeyStore keyStore) throws Exception {
final SecretKey secretKey = (SecretKey) keyStore.getKey(alias, password.toCharArray());
System.out.println("[*] Encryption algorithm: " + secretKey.getAlgorithm());
System.out.println("[*] Converting stored key from HEX to string");
System.out.println("[+] Stored key: " + new String(secretKey.getEncoded(), StandardCharsets.UTF_8));
}
}
Related
I have created a PEMParser object to which I pass a PEM string containing chain certificate, encrypted private key etc. Which is the way to retrieve the decrypted private key and the certificate X509? I have tried with :
pemParser.readObject()
I am able to get a x509CertificateHolder (how to get the certificate from it?) and at the second call an encrypted privatekey info.
Thanks in advance.
assuming that your pem file has two entries first is cert and second is key.
another assumption is that key is of type pkcs8 and it is password protected.
first call to pemParser.readObject() is done with assumption that first entry in pem file is of x509 certificate
second call to pemParser.readObject() is done with assumption that second entry in pem file is of pkcs8 password protected key
variable certificate will contain the x509 certificate and variable finalKey will contain the private key
private void getCertAndKeyFromPemFile(String fileName, String keyPassword) throws Exception {
Security.addProvider(new BouncyCastleProvider());
PEMParser pemParser = new PEMParser(new FileReader(fileName));
JcaX509CertificateConverter x509Converter = new JcaX509CertificateConverter().setProvider(new BouncyCastleProvider());
X509Certificate certificate =x509Converter.getCertificate((X509CertificateHolder) pemParser.readObject());
PKCS8EncryptedPrivateKeyInfo privateKeyInfo = (PKCS8EncryptedPrivateKeyInfo) pemParser.readObject();
InputDecryptorProvider decryptorProvider = new JceOpenSSLPKCS8DecryptorProviderBuilder().build(keyPassword.toCharArray());
PrivateKey finalKey = new JcaPEMKeyConverter().getPrivateKey(privateKeyInfo.decryptPrivateKeyInfo(decryptorProvider));
}
I have this code to generate a CER file using the alias:
public class TestFromAliasToCER {
public static final int KEY_SIZE = 1024;
public static final String BEGIN_CERT = "-----BEGIN CERTIFICATE-----";
public static final String END_CERT = "-----END CERTIFICATE-----";
public final static String LINE_SEPARATOR = System.getProperty("line.separator");
public static void main(String[] args) throws FileNotFoundException, IOException, NoSuchAlgorithmException, NoSuchProviderException, KeyStoreException, CertificateException {
KeyStore keyStore = KeyStore.getInstance ("Windows-MY");
keyStore.load (null, null);
Enumeration<String> aux = keyStore.aliases();
String alias = aux.nextElement();
X509Certificate certificate = (X509Certificate) keyStore.getCertificate (alias);
String certString = formatCrtFileContents(certificate);
PrintWriter out = new PrintWriter("cert.CER");
out.println(certString);
out.close();
}
public static String formatCrtFileContents(final Certificate certificate) throws CertificateEncodingException {
final Base64.Encoder encoder = Base64.getMimeEncoder(64, LINE_SEPARATOR.getBytes());
final byte[] rawCrtText = certificate.getEncoded();
final String encodedCertText = new String(encoder.encode(rawCrtText));
final String prettified_cert = BEGIN_CERT + LINE_SEPARATOR + encodedCertText + LINE_SEPARATOR + END_CERT;
return prettified_cert;
}
}
This creates the cer file with
-----BEGIN CERTIFICATE-----
data
-----END CERTIFICATE-----
I want to be able to create a PEM Certificate with the private key included, is it possible? If not, why?
I'm not restricted to Java only and free to use any Java API, but preferable with the least user interaction as possible.
Although I don't see it documented, according to the source the SunMSCAPI provider implements only a stub for getEncoded and cannot export Windows privatekey so you can't do this with JCA.
You could of course write JNI or JNA to call Windows CAPI, but that's not simple.
To use existing tools without user interaction you can use Runtime or ProcessBuilder to
run certutil with arguments -exportpfx -user -p password certid filename
run powershell and tell it to select an object in cert:\currentuser\my and invoke the Export('PFX','password') method -- examples for machine rather than user cert here
or in (only) recent powershell use Export-PFXCertificate cmdlet documentation here
and after any of these, extract from pkcs12 to PEM with openssl pkcs12, or if you prefer with Java by:
load the PKCS12 keystore and get the PrivateKey entry
call getEncoded and encode the result in folded (MIME) base64 like you did for the certificate except use -----BEGIN/END PRIVATE KEY-----
Warning: Java produces an unencrypted (PKCS8) privatekey, so make certain no unauthorized user or program ever has access to this file, your disk/filesystem or any backup(s).
A digital certificate doesn't have the private key inside it (the private key is not part of the certificate fields). The certificate and the private key are separate entities, although they're related (one can't exist without the other).
If you take a look at the certificate fields in RFC 5280, you'll see that only the public key is part of it:
Certificate ::= SEQUENCE {
tbsCertificate TBSCertificate,
signatureAlgorithm AlgorithmIdentifier,
signatureValue BIT STRING }
TBSCertificate ::= SEQUENCE {
... lots of fields
subjectPublicKeyInfo SubjectPublicKeyInfo,
... lots of other fields
}
The subjectPublicKeyInfo is the public key, and there's no field for the private key.
That's because certificates are meant to be public (you can have more details on why they're public taking a look at how a Public Key Infrastructure works).
Although the certificate is public, there's always a correspondent private key somewhere, usually held by the certificate's owner (and ideally by no one else).
Anyway, the file you've got (with BEGIN CERTIFICATE and END CERTIFICATE headers) in only the digital certificate (but not the private key).
If you have the private key and the corresponding certificate, you can create a file that contains both. The most common formats for such file are: JKS (also known as Keystore) and PFX.
There are also another "format": the Windows repository (the one you're reading when you do KeyStore.getInstance("Windows-MY")). I don't know exactly in what format its files are, but the KeyStore class abstracts it.
If the private key is present, it will be together with its corresponding certificate, in the same alias. You can check if the key is present with this code:
String alias = aux.nextElement();
if (keyStore.isKeyEntry(alias)) { // alias contains a private key
Key key = keyStore.getKey(alias, "password".toCharArray()); // need to know the password
// key is the private key
// cert is the key's corresponding certificate
X509Certificate cert = (X509Certificate) keyStore.getCertificate(alias);
} else if (keyStore.isCertificateEntry(alias)) { // alias doesn't contain a key
X509Certificate cert = (X509Certificate) keyStore.getCertificate(alias);
}
After having the key, you can save it to another keystore with the following code:
// create another keystore
KeyStore output = KeyStore.getInstance("JKS");
// "alias" - choose to whatever name you want
// privateKey is the object you've got from keyStore.getKey()
// "password" is the password for this alias
// cert will be stored in the same alias
output.setKeyEntry("alias", privateKey, "password".toCharArray(), new Certificate[] { cert });
// save the keystore to a file
output.store(new FileOutputStream("outputfile.jks"), "keystore password".toCharArray());
The code above creates the file outputfile.jks containing the certificate and the private key.
If you want the file to be a PFX, you can change the code above to:
// PKCS12 == PFX format
KeyStore output = KeyStore.getInstance("PKCS12");
// alternative: in pfx, I think that alias can't have specific passwords
// so you can use this as it doesn't require a password for the alias entry
output.setKeyEntry("alias", privateKey.getEncoded(), new Certificate[] { cert });
// change file extension to ".pfx"
output.store(new FileOutputStream("outputfile.pfx"), "keystore password".toCharArray());
I would like to generate and store a HMacSHA256 key for testing purposes in the Java keystore.
I would normally do this via the keytool:
keytool -genseckey -keystore keystore.jceks -storetype jceks -storepass secret -keyalg HMacSHA256 -keysize 2048 -alias HS256 -keypass secret
So far I found that I can generate the key using:
SecretKey key = new SecretKeySpec("secret".getBytes(), "HmacSHA256");
That key is unfortunately not an instance of PrivateKey and thus storing the key fails:
KeyStore ks = ...
ks.setEntry("HS256", new SecretKeyEntry(key), new PasswordProtection("secret".toCharArray()));
Exception:
java.security.KeyStoreException: Cannot store non-PrivateKeys
at sun.security.provider.JavaKeyStore.engineSetKeyEntry(JavaKeyStore.java:258)
at sun.security.provider.JavaKeyStore$JKS.engineSetKeyEntry(JavaKeyStore.java:56)
at java.security.KeyStoreSpi.engineSetEntry(KeyStoreSpi.java:550)
at sun.security.provider.KeyStoreDelegator.engineSetEntry(KeyStoreDelegator.java:179)
at sun.security.provider.JavaKeyStore$DualFormatJKS.engineSetEntry(JavaKeyStore.java:70)
at java.security.KeyStore.setEntry(KeyStore.java:1557)
at com.gentics.mesh.SecretKeyTest.testSHA(SecretKeyTest.java:31)
I believe that SecretKey represents a symmetric key. And PrivateKey is part of a PublicKey and Private-Key Pair. Is there a way to store a single symmetric key?
Yes, you can. But until Java 9 comes out, PKCS#12 key stores will be limited in functionality. JCEKS key stores as you are using in the command line keytool do however support symmetric (HMAC) keys:
public class HMACKeyStore {
public static void gen( String thePath, String thePassword ) throws Exception {
KeyGenerator keygen = KeyGenerator.getInstance("HmacSHA256");
SecretKey key = keygen.generateKey();
KeyStore keystore = KeyStore.getInstance("jceks");
keystore.load(null, null);
// This call throws an exception
keystore.setKeyEntry("theKey", key, thePassword.toCharArray(), null);
keystore.store( new FileOutputStream(thePath), thePassword.toCharArray() );
SecretKey keyRetrieved = (SecretKey) keystore.getKey("theKey", thePassword.toCharArray());
System.out.println(keyRetrieved.getAlgorithm());
}
public static void main(String[] args) throws Exception {
gen("hmac_store.jceks", "password");
}
}
should work fine on Java 8.
Private key generation
public PrivateKey getStoredPrivateKey(String filePath) {
PrivateKey privateKey = null;
byte[] keydata = getKeyData(filePath);
PKCS8EncodedKeySpec encodedPrivateKey = new PKCS8EncodedKeySpec(keydata);
KeyFactory keyFactory = null;
try {
keyFactory = KeyFactory.getInstance("RSA");
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
try {
System.out.println("hello");
privateKey = keyFactory.generatePrivate(encodedPrivateKey);
} catch (InvalidKeySpecException e) {
e.printStackTrace();
}
return privateKey;
}
I am using it here
PrivateKey privateKey = new KryptoUtil().getStoredPrivateKey(privateKeyFilePath);
but its showing error
hello
java.security.spec.InvalidKeySpecException:
java.security.InvalidKeyException: IOException : version mismatch: (supported: 00, parsed: 03
at sun.security.rsa.RSAKeyFactory.engineGeneratePrivate(Unknown Source)
I am passing a (.p12) file in getStoredPrivateKey(String filePath) function.
why its giving error?
P12 is is keystore type where multiple keys and certificates can be stored and a password can be used to protect them. You can search about P12 (PKCS12) on Internet. Your file is P12 file, so most likely it is PKCS12 format file.
To get private key from P12 file use below code. You need below things before calling this code.
filePath. String path (absolute) of P12 file.
filePassword. It is a char[]. Represents password of p12 file.
keyPassword. It is a char[]. Represents password for private key. Most
likely it is same as filePassword.
alias. A String. Represents by which alias a private key stored in P12
archive/keystore.
To check what is the alias of your private key you can use below command
keytool -list -v -keystore <yourfile>.p12 -storetype pkcs12
It will ask for password then print multiple lines. Look for
Entry Type: PrivatKeyEntry
There you will find the alias.
Initialize these variables and then use below code to get private key. You can also get Certificates/Public key associate with this key. Look for API of PrivateKeyEntry
KeyStore keyStore = KeyStore.getInstance("PKCS12");
keyStore.load(new FileInputStream(filePath), filePassword);
PrivateKeyEntry keyEntry = (PrivateKeyEntry) ks.getEntry(alias, new KeyStore.PasswordProtection(keyPassword));
PrivateKey key = privateKeyEntry.getPrivateKey();
I have .p12 file, I am extracting the private key using openssl, I have a password for extracting it.
openssl pkcs12 -in my.p12 -nocerts -out privateKey.pem
And after I get my private key, I'm trying to use that key for encryption:
public static void main(String[] args) throws Exception {
Security.addProvider(new BouncyCastleProvider());
KeyPair keyPair = readKeyPair(privateKey, "testpassword".toCharArray());
Cipher cipher = Cipher.getInstance("RSA");
cipher.init(Cipher.ENCRYPT_MODE, keyPair.getPublic());
byte[] textEncrypted = cipher.doFinal("hello world".getBytes());
System.out.println("encrypted: "+new String(textEncrypted));
cipher.init(Cipher.DECRYPT_MODE, keyPair.getPrivate());
byte[] textDecrypted = cipher.doFinal(textEncrypted);
System.out.println("decrypted: "+new String(textDecrypted));
}
private static KeyPair readKeyPair(File privateKey, char[] keyPassword) throws IOException {
FileReader fileReader = new FileReader(privateKey);
PEMReader r = new PEMReader(fileReader, new DefaultPasswordFinder(keyPassword));
try {
return (KeyPair) r.readObject(); // this returns null
} catch (IOException ex) {
throw new IOException("The private key could not be decrypted", ex);
} finally {
r.close();
fileReader.close();
}
}
r.readObject(); returns null. But when I create a private key by myself by this command:
openssl genrsa -out privkey.pem 2048
The above code works fine.
How can I extract private key from p12 file properly?
Or is there any way to use p12 file for encrypt/decrypt the text
without extracting through command line?
I know it is just PKCS#12 is just archaive file which stores keys.
I don't know what is wrong with your code, but I have code that reads stuff from a key store. I read the file into a KeyStore instance and then access the key or entry as appropriate. Here are some of the relevant calls:
char[] password;
String alias;
java.security.KeyStore keyStore = KeyStore.getInstance("PKCS12", "BC");
keyStore.load(inputStream, password);
java.security.PrivateKey privateKey = (PrivateKey) keyStore.getKey(alias, password);
java.security.keystore.PrivateKeyEntry privateKeyEntry = (PrivateKeyEntry) keyStore.getEntry(alias, new KeyStore.PasswordProtection(password));
To find the alias of the entry you are interested in, I suggest using keytool (comes with JDK):
keytool -list -v -keystore keystore.pkcs12 -storetype pkcs12
You will be prompted for the keystore password and then get information like this:
Keystore type: PKCS12
Keystore provider: SunJSSE
Your keystore contains 1 entry
Alias name: thealias
Creation date: Aug 30, 2013
Entry type: PrivateKeyEntry
Certificate chain length: 2
[... lots of info about the certificates deleted ...]