I am trying to decrypt the data using RSA Algorithm. While doing the decryption, I am getting an exception.That is,
java.security.NoSuchAlgorithmException: Cannot find any provider supporting RSA/ECB/PKCS5Padding
at javax.crypto.Cipher.getInstance(DashoA13*..)
How to solve this exception? Currently, I am using java version "1.6.0_26".
It's a typo. The correct name for RSA with PKCS #1 v1.5 padding is "RSA/ECB/PKCS1Padding".
Generally, it is a good idea to compare with a list of available algorithms.
E.g. this question contains some ways to print such a list.
(And of course using OAEP instead of v1.5 padding would be preferable, especially if your
main field is not cryptography).
The error means that the library you use cna't decrypt the data because there isn't an algorithm in the Lib which decrypts RSA.
You can use a library like Bouncy Calste or GNU Crypto to decrypt data using RSA. There are plenty of samples how to do this on the web.
Related
Recently I have some files which are piped from a remote connection as encrypted files and loaded onto an Android app which are decrypted on runtime. I have found that the exact same decryption code is available here along with the keys. Unfortunately it is in Java and hence one that I am not familiar with, I have no experience with encryption. The link for the module is here
https://github.com/fukata/AES-256-CBC-Example/blob/master/java/src/AESUtil.java
The encrypted example is here
https://zerobin.net/?c5fd41740c9301ef#iNG7oNExRZwK4hBEKP7ZORDBj1fcPZxyjLQZeAihGZ8=
I have been trying to decrypt it by using AES utilities found in VB.NET but unfortunately it doesn't seem to work. So my question is are AES encryption methods different from language to language? IE is something encoded by AES in Java different from one in VB.NET - which would mean i would have to translate the java code directly?
Thanks!
You must use the bit-for-bit identical key and initialization vector as well as the same block chaining mode, but other than that, the language in which an encryption algorithm is written does not matter.
"Is AES Encryption different from language to language?" no.
aes is only an algorithm (computation instruction). aes has maybe a reference-implementation, but it has no "one only correct standardized implementation".
the implementation of aes may be a little bit different in any language. for example in vb.net you would typically use "Byte" as type for an unsigned number in an aes-implementation. however java has no unsigned datatypes, so you have to convert the bytes which are representing negative numbers to avoid encoding-problems. but you do not change the real encryption-algorithm. so you can encrypt your data with an aes-implementation in an arbitrary language and decrypt it with an aes-implementation which is written in another language. if this does not work one of the implementations is flawed.
I tried to use AES/ECB/PKCS7Padding to encrypt a file, but am getting the following exception.
java.security.NoSuchAlgorithmException: Cannot find any provider supporting AES/ECB/PKCS7Padding
Apparently PKCS7Padding is not supported. If I use AES/ECB/PKCS5Padding, then it works fine.
The requirement given to me is that EBC and PKCS7 with padding are to be used.
Someone answered in the below question that "Java is actually performing PKCS #7 padding, but in the JCA specification, PKCS5Padding is the name given"
AES-256 and PKCS7Padding fails in Java
In the below question, someone said that " I will point out that PKCS#5 and PKCS#7 actually specify exactly the same type of padding ..."
java.security.NoSuchAlgorithmException:Cannot find any provider supporting AES/ECB/PKCS7PADDING
What does that mean? AES/ECB/PKCS5Padding and AES/ECB/PKCS7Padding are the same? So both will produce exactly the same encrypted output?
TIA.
I'm creating a web service that stores a list of users with their public keys online, as well as encrypted messages. My end goal was end-to-end encryption.
I initially thought this would be pretty easy -- "Oh, OpenSSL and RSA private/public key asymmetric encryption is great." False. RSA will only encrypt a tiny bit of data, presumably to pass a regular, symmetric key back and forth.
Okay, so I tried to find solutions online. Most of them either ended without a functioning example or pointed at using the command line, all of which seemed excessive and incomplete.
Is there a way to use end-to-end encryption on data with asymmetric keys, or is it all a personal pipe dream? OpenSSL in PHP has a way to do this already, and it's kludgy but it works.
Is there some method I'm missing here?
The common way to encrypt larger amount of data with a asymmetric keys (eg. RSA) is by use of hybrid encryption. In hybrid encryption you mix symmetric and asymmetric encryption. First you generated a random symmetric key, that is used to encrypt the data. Then you encrypt the symmetric key with the asymmetric key. The encrypted data + the encrypted random key are then put together and makes up the full encrypted data.
The openssl_seal() in PHP you refer to, uses hybrid encryption where the symmetric algorithm is RC4. How data is encoded and put together in the encrypted files have been defined by the openssl implementation, and might not necessarily be the way you would want to do it. PGP, as an other example of hybrid encryption, uses it's own way of packing the data.
In any case, hybrid encryption is not something you get out of the box in java, and you typically need to implement each of the encryption + packaging steps yourself, or use one of the libraries that implements there version of this. An example of doing it yourself is this Java code I found that can decrypt messages encrypted with the above mentioned openssl_seal().
An example of using a library for hybrid encryption, could be using the PGP support in Bouncy Castle.
Ebbe's answer is very good, however this question was highly ranked in Google in my attempt to try and find a decent hybrid encryption library (Bouncy Castle's documentation is non-existent and not straight-forward, and GnuPG for Java relies on the OS and is not fully tested). So I thought I'd add on to Ebbe's answer for the weary traveller.
If you can use them, JWTs (JavaScript Web Tokens) could be handy for this. It's also an IETF Standard. There are two different types:
JWS, which is a signed JWT. Plain-text message, but you can verify its authenticity. Which has its own IETF Standard
JWE, which is an encrypted JWT. Which also has its own IETF Standard
Support for JWEs are unfortunately a bit poor at this point in time. However this should hopefully improve. At this point in time (2017-04-11), the only Java JWT library that supports JWEs is BitBucket's Jose4j.
I'm not really sure what you're trying to en- and decrypt, but GnuPG for Java might be a good choice.
It supports public and private keys and can en- and decrypt bigger files and data.
I need help using Bouncy Castle RSA Libraries for a school assignment, but it looks very complicated and I'm trying to learn and need some guidance.
For my assignment I need to just generate a public and private key. Then encrypt a block of message and do timing measurements. Then do the same for decryption.
Could someone point me in the right direction?
The Crypto Library is huge and I'm confused on how to go about this.
Thank you very much.
PS: Basically I need to generate the Key Pairs, Execute the encryption and decryption using different key pairs that are randomly generated.
I would appreaciate any guidance, thanks
Normally with Java you would use the Java Cryptography API's, in the java.security.* and javax.crypto.* packages.
BouncyCastle includes a provider (i.e. an implementation) for this API, but for RSA the one delivered with your JRE should be fine, too. (BouncyCastle additionally also has an own API which does things in other ways.)
You would need the KeyPair and KeyPairGenerator classes for the key generation, and the Cipher class for the actual encryption and decryption operation.
For the timing measurement, repeat the encryption/decryption some thousand times to get reliable data.
I need encrypt data using exactly the PKCS#1 V2.0 encryption method (defined in item 7.2.1 of the PKCS#1V2 specification).
Is it already implemented for Java?
I'm thinking in something like just pass a parameter to javax.crypto.Cipher specifying "PKCS#1V2", I wonder if there is something like this?
PKCS#1 v2.0 encryption is usually called OAEP encryption. So:
Cipher.getInstance("RSA/ECB/OAEPWithSHA1AndMGF1Padding");
The place to look is the Java Cryptography Architecture documents: Standard Algorithm Name Documentation or Sun Providers Documentation.
As you can see the SunJCE provider supports the following variations of OAEP:
OAEPWITHMD5ANDMGF1PADDING
OAEPWITHSHA1ANDMGF1PADDING
(OAEPWITHSHA-1ANDMGF1PADDING)
OAEPWITHSHA-256ANDMGF1PADDING
OAEPWITHSHA-384ANDMGF1PADDING
OAEPWITHSHA-512ANDMGF1PADDING