Solved

Encrypting data from Java to PHP?

Posted on 2008-10-09
1
297 Views
Last Modified: 2013-12-13
Anyone know of a way to encrypt data, so the data (not just the communication) is encrypted moving from Java to a PHP page via a rest call / web service?

For instance, the java app can encrypt values before building them into a URL, that php can decode:
https://server.com/?value1=QWER&value2=ASDF
etc..
0
Comment
Question by:ecuguru
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 9

Accepted Solution

by:
mbodewes earned 500 total points
ID: 22694773
Well you could:

Server:
Let PHP script import a previously generated key pair (you only need one key pair)
Let PHP script send base54 encoded public key (public exponent & modulus) using page

Client:
Let Java parse page and load public key pair
Let Java generate a AES secret key
Let Java encrypt the values using the AES key and CBC mode
Let Java encrypt the AES secret key using the previously parsed public key using RSA PKCSv1.5 encryption
Send the GET request with the required encrypted values and an additional value containing the encrypted AES secret key

Server:
Let PHP script retrieve the encrypted values
Let PHP script decrypt the AES secret key using the RSA PKCSv1.5 decryption and the previously generated private key
Let PHP script decrypt the values using the previously decrypted AES secret key

Note that this does not help against man in the middle attack if the receiver of the AES public key cannot validate its origin. It may be better to first distribute this key to the Java side and use this as a static value.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction This article is the second of three articles that explain why and how the Experts Exchange QA Team does test automation for our web site. This article covers the basic installation and configuration of the test automation tools used by…
Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo…
Viewers will learn one way to get user input in Java. Introduce the Scanner object: Declare the variable that stores the user input: An example prompting the user for input: Methods you need to invoke in order to properly get  user input:
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.
Suggested Courses

737 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question