Decrypt Camunda Sealed Object in Scala
Camunda runs on JVM and some variables appear encrypted as javax.crypto.SealedObject
.
You can decrypt it, having encryption key, and here is a code in Scala to do that:
import org.bouncycastle.jce.provider.BouncyCastleProvider
import java.io._
import java.util.Base64
import java.security.Security
import javax.crypto.spec.{PBEKeySpec, PBEParameterSpec}
import javax.crypto.{Cipher, SealedObject, SecretKeyFactory}
val sealedString = "rO0ABX..."
// sealed object
val xBytes = Base64.getDecoder.decode(sealedString)
val xOis = new ObjectInputStream(new ByteArrayInputStream(xBytes))
val xSO = xOis.readObject().asInstanceOf[SealedObject]
Security.addProvider(new BouncyCastleProvider())
val phrase = "secret phrase value".toCharArray
val salt = "salt value".getBytes
val pbeParamSpec = new PBEParameterSpec(salt, 20)
val pbeKeySpec = new PBEKeySpec(phrase)
val keyFactory = SecretKeyFactory.getInstance(xSO.getAlgorithm)
val key = keyFactory.generateSecret(pbeKeySpec)
val cipher = Cipher.getInstance(xSO.getAlgorithm)
cipher.init(Cipher.DECRYPT_MODE, key, pbeParamSpec)
val raw = xSO.getObject(cipher) // <- decrypted string
For this to work you need to reference BouncyCastle in your sbt file:
libraryDependencies += "org.bouncycastle" % "bcprov-jdk16" % "1.46"
Result:
To contact me, send an email anytime or leave a comment below.