Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 321
  • Last Modified:

Encrypting data from Java to PHP?

Anyone know of a way to encrypt data, so the data (not just the communication) is encrypted moving from Java to a PHP page via a rest call / web service?

For instance, the java app can encrypt values before building them into a URL, that php can decode:
https://server.com/?value1=QWER&value2=ASDF
etc..
0
ecuguru
Asked:
ecuguru
1 Solution
 
mbodewesCommented:
Well you could:

Server:
Let PHP script import a previously generated key pair (you only need one key pair)
Let PHP script send base54 encoded public key (public exponent & modulus) using page

Client:
Let Java parse page and load public key pair
Let Java generate a AES secret key
Let Java encrypt the values using the AES key and CBC mode
Let Java encrypt the AES secret key using the previously parsed public key using RSA PKCSv1.5 encryption
Send the GET request with the required encrypted values and an additional value containing the encrypted AES secret key

Server:
Let PHP script retrieve the encrypted values
Let PHP script decrypt the AES secret key using the RSA PKCSv1.5 decryption and the previously generated private key
Let PHP script decrypt the values using the previously decrypted AES secret key

Note that this does not help against man in the middle attack if the receiver of the AES public key cannot validate its origin. It may be better to first distribute this key to the Java side and use this as a static value.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

The 14th Annual Expert Award Winners

The results are in! Meet the top members of our 2017 Expert Awards. Congratulations to all who qualified!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now