Decrypt encypted data
EHR.network encrypts some critical secret data when shared with the apps. This is to improve security of the APIs. An example use case is the email & resetToken returned in the forgot password API.
This page explains how these can be decrypted in Java for further processing by the applications.
Requirements
- Server public key - This can be obtained from the server admin
Java implementation
Java dependencies
import java.security.*;
import java.io.*;
import java.nio.charset.StandardCharsets;
import java.security.spec.*;
import java.util.Base64;
import javax.crypto.Cipher;
import javax.crypto.NoSuchPaddingException;
import org.apache.commons.io.FileUtils;
Code snippet
publicKey = getKey(LoadConfig.getConfigValue("PUBLIC_KEY_PATH"));
String email = decrypt(objPass.getEmail());
String token = decrypt(objPass.getResetToken());
public static String decrypt(String data)
throws IllegalBlockSizeException, InvalidKeyException, BadPaddingException, NoSuchAlgorithmException,
NoSuchPaddingException, IOException, InvalidKeySpecException {
return decrypt(data, getPublicKey(publicKey));
}
public static String decrypt(String data, PublicKey publicKey) throws NoSuchPaddingException,
NoSuchAlgorithmException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException {
String decryptedPassword = null;
Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
cipher.init(Cipher.DECRYPT_MODE, publicKey);
byte[] decryptedPasswordByte = cipher.doFinal(Base64.getDecoder().decode(data));
decryptedPassword = new String(decryptedPasswordByte, StandardCharsets.UTF_8);
return decryptedPassword;
}
private static String getKey(String filename) throws IOException {
// Read key from file
String strKeyPEM = "";
BufferedReader br = new BufferedReader(new FileReader(filename));
String line;
while ((line = br.readLine()) != null) {
strKeyPEM += line + "\n";
}
br.close();
return strKeyPEM;
}
public static PublicKey getPublicKey(String base4096PublicKey)
throws IOException, NoSuchAlgorithmException, InvalidKeySpecException {
// String filename = LoadConfig.getConfigValue("PUBLIC_KEY_PATH");
// String publicKeyPEM = FileUtils.readFileToString(new File(filename));
String publicKeyPEM = base4096PublicKey;
// strip of header, footer, newlines, whitespace
publicKeyPEM = publicKeyPEM.replace("-----BEGIN PUBLIC KEY-----", "").replace("-----END PUBLIC KEY-----", "")
.replaceAll("\\s", "");
// decode to get the binary DER representation
byte[] publicKeyDER = Base64.getDecoder().decode(publicKeyPEM);
X509EncodedKeySpec keySpecX509 = new X509EncodedKeySpec(publicKeyDER);
PublicKey pubKey = KeyFactory.getInstance("RSA").generatePublic(keySpecX509);
return pubKey;
}
Last update:
2022-12-02