Link to home
Create AccountLog in
Avatar of joe_suganth
joe_suganthFlag for India

asked on

Decrypting a PGP file in UNIX using java

I have a file "Sample.DAT.txt" which is decrypted by PGP.
Inwindows by replacing the ".txt" extension with ".com"  which when double  clicked opens the "PGP Self Decrypting Archive - Enter passphrase" window,
where i enter the passphrase and click OK creates a "Sample.DAT" . This file when appended with the ".txt"
extension gives me the required decrypted file.


I'm using JAVA running in Window's to execute all this with the below code.

            String cmd = FileToBeDecrypted; // ".com" file which has to be decrypted
            Runtime run = Runtime.getRuntime();
            Process pr = run.exec(cmd);
            
            
            Robot robot = new Robot();  
            robot.delay(5000);
              
                  robot.keyPress(KeyEvent.VK_SHIFT);
            robot.keyPress(KeyEvent.VK_TAB);

            robot.keyRelease(KeyEvent.VK_SHIFT);
            robot.keyRelease(KeyEvent.VK_TAB);

            robot.keyPress(KeyEvent.VK_SHIFT);
            robot.keyPress(KeyEvent.VK_TAB);

            robot.keyRelease(KeyEvent.VK_SHIFT);
            robot.keyRelease(KeyEvent.VK_TAB);
            
            //KeyPress and KeyRelease events for specifying the detination path

            robot.keyPress(KeyEvent.VK_TAB);

            robot.keyRelease(KeyEvent.VK_TAB);

            robot.keyPress(KeyEvent.VK_TAB);

            robot.keyRelease(KeyEvent.VK_TAB);

            //KeyPress and KeyRelease events for specifying the passphrase
 
                  robot.keyPress(KeyEvent.VK_TAB);
            robot.keyRelease(KeyEvent.VK_TAB);
            robot.keyPress(KeyEvent.VK_ENTER);
            robot.keyRelease(KeyEvent.VK_ENTER);                              
            robot.delay(5000);


And now we are in the position to move the logic from Window's based JAVA to UNIX based Java ...
I'm using the below code to replicate the same action.

            sExe = "pgp"
                       + " --decrypt "
                       + " "
                       + inputfile                  
                       + " --symmetric-passphrase "
                       + "passphrase"
                       + " --output "
                       + outputFile;
            Runtime run = Runtime.getRuntime();
            Process pr = run.exec(sExe);
      
            //inputfile---> "Sample.DAT.pgp" (Replacing ".txt" with ".pgp" from the original encrypted file "Sample.DAT.txt")
            //outputfile---> "Sample.DAT"

But it throws some error's,

      java.io.IOException: java.io.IOException: pgp: not found

while running the code

Pelase let me know how to decrypt the file in UNIX based Java?
Avatar of for_yan
for_yan
Flag of United States of America image

You want to execute external executable - you need to make sure that in th environemnt where you start yout java program from you should be able to execite pgp

Are you running java from command line ?
If you are running from command line, try to start pgp from the saem command line before starting java
Does it work?
If not it sdhould be in the PATH
Avatar of joe_suganth

ASKER

Could you please tell me how to start the pgp?
How do you start your java program?
Probably

java some_class_name

so befoere doing t from the same prompt type

pgp

If it syas - unrecognized symbols then you doin't have pgp.exe (or pgp.com or pgp.bat) in path
 sExe = "pgp"
                       + " --decrypt "
                       + " "
                       + inputfile                  
                       + " --symmetric-passphrase "
                       + "passphrase"
                       + " --output "
                       + outputFile;
this is just a command which is paassed to winodws (afte substitution of some varaibles by their values)
if you cannot execute this command from dos prompt, then
it would not beexecuted from java program for sure

Im really new to this, Can you please let me know, what should i do to work decrypt the files using PGP in Java (Unix Environment)
please, do the expriment i asked.
how do you execute java program - please explain to me
Avatar of CEHJ
It's normally gpg in the Unix world. You might find the following wrapper class makes life easier

http://www.macnews.co.il/mageworks/java/gnupg/GnuPG.java
Looks like you can go more directly still and use Bouncy Castle's PGP

http://cephas.net/blog/2004/04/01/pgp-encryption-using-bouncy-castle/
please explain how you run your java program
>>please explain how you run your java program

Don't repeat questions please. You've already asked that
Hi , I have the code in UNIX box.
I connect UNIX server through putty and try to execute that file using JAVA filename.

If you still want to use the executable (which since you're posting this question, you should see is not a portable solution) then you should establish what it is. Either


which gpg

or

which pgp

need to work at the command line to have any chance of Java being able to do it
so you connect through putty and then type

java class_name

correct - ?

if so, then type

pgp

instead of java
and post the result
I really sorry for repeating the questions again !!!

I was not sure how to check the feasibility of running the pgp in JAVA runs in UNIX box. Is there any basic commands that i can execute in UNIX to find whethe PGP is available?
But that's what I suggest you do to cvheck.

Type

pgp

at the same command line you are starting java and let's see what is going on
I just gave you them in my last comment
when i type the pgp , the below is wat i got

$ pgp
ksh: pgp: not found
No. That's unsurprising
See my comments at http:#37072562 and http:#37072647
If you get nothing from

which gpg

then install gpg
You need to be able to executer pgp form command line then you'll not get errors from inside java
Did you ever excute pgp on this host?
Maybe you need to have correct PATH set up?
I tried running the below command in UNIX

gpg 1q2.DAT

AND i have got the below error..

gpg: WARNING: using insecure memory!
gpg: please see http://www.gnupg.org/faq.html for more information
gpg: no valid OpenPGP data found.
gpg: processing message failed: eof


Now I'm confused .. should I use PGP or GPG ...  when i go for pgp i didnt get anything but gt sometin in GPG!!!
pgp is a Windows programme afaik. You have no choice.

What you do have a choice about is whether you use native code (see my earlier comments)
It is probably still easier for you to run the native program the way you have it in your java
change pgp to gpg in here

sExe = "pgp"
                       + " --decrypt "
                       + " "
                       + inputfile                  
                       + " --symmetric-passphrase "
                       + "passphrase"
                       + " --output "
                       + outputFile;

and see what you observe


I have tried changing the "pgp" as "gpg" but could not get output. And its not throwing any exceptions.
This is the code that i'm currently trying to execute.

String outputFile = "Sample.DAT"
String inputFile = outputFile+ ".pgp";

sExe = "gpg"
                       + " --decrypt "
                       + " "
                       + inputFile                  
                       + " --symmetric-passphrase "
                       + "sprint"
                       + " --output "
                       + outputFile;
                      Runtime run = Runtime.getRuntime();
      Process pr = run.exec(sExe);

I have attached a sample file which has to be decrypted.

Sample.DAT.txt
you rather post the exception which you see
>>I have attached a sample file which has to be decrypted.

If that's the file you're intending to deal with on Unix, you're going to have a problem. It's a self-decrypting *Windows* executable
There is no possibility of decrypting that file in UNIX environment ??
Well, in the world of computing, 'impossible' is not a word to use lightly. For all practical purposes, attempting to treat that particular file type in Unix would be a waste of time. Have you run it on Windows?
probably very difficult - maybe you can set up some connection through Remote Method Invocation - to have this
file decrypted on Wuindows and to send it back to Unix - but it is not so easy to do either
I mean, i can tell you how you'd go about trying to do it, but i certainly wouldn't want to do it
Do you have some way of connection - like fileshare which can be accsessed both from your windows and Unix ?
>>There is no possibility of decrypting that file in UNIX environment ??

It's not an encrypted file. It's a Windows program that embeds an encrypted file
ya ... i did run it on windows using java robot class.....
No havent got any filesharing connection between unix and windows as of now .....
Will that be my only option to go ahead???
theoretically you can sensd the file to winodws in smome way put it in some place there, rename to .exe call java method which will execite it and resend
bak to you the result - but implemantation of such system would require really some work.
With file share at least the fisrt most doubrtful part (sending it over there) would be much easier, but still some work

You should rather try to find some diffeerent design and continue running it on windows

>>No havent got any filesharing connection between unix and windows as of now .....

I'm not sure how that's going to help in any way.

If you're determined to deal with that file *programmatically* on Unix, you need to

a. run a Windows emulator or api implementation like Wine
b. programmatically get the handle to the window
c. programmatically enter the necessaries for decrypting
An alternative (possibly better if you can find out how) would be to extract the encrypted file from the Windows app and work on it directly
Strangely enough, with certain files of this type, encryption can be bypassed:


http://homepage.mac.com/adonismac/Advisory/pgp/proof_of_concept_PGP_Authentication_BYPASS.html
ASKER CERTIFIED SOLUTION
Avatar of for_yan
for_yan
Flag of United States of America image

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer
>>Perhpas you can influence the process of creation of this file, so that it comes to you

That would help, but you'd still need to make window-oriented calls from a Java app
No, probably not;  if they creates it as Self-Decrypting archive for a particular Unix system whichn they are now
using - they'll need to call native non-java program to self-decrypt, true,  but why windows ?
As I understood you can even on Winodws create SDA suitable for self-decrypting on another platform
>> but why windows ?

Because a SDA is a windowed application. The best thing to do is not to use anything other than plain encryption in the first place. SDA is to make things easier for humans (including cracking the encryption by the looks). They make things difficult for machines