IBM Support

Decrypting the result of system.getRsaEncrypted outside ITDI

Question & Answer


Question

How can the string returned by the system.getRsaEncrypted call be decrypted within an external Java application, without using ITDI code?

Cause

The result of the RSA encryption of a string is a byte array, and two common ways to represent it as a string are:
- the string whose UTF-8 encoding corresponds to the byte array
- the Base64 encoding of the byte array
However, neither of these representations is used by system.getRsaEncrypted.

Answer

The system.getRsaEncrypted method returns the hexadecimal representation (as an ASCII string) of the byte array resulting from the encryption.
Here is an example of a simple standalone Java program that can be called to decrypt it:

******************************
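package test;

import java.io.FileInputStream;
import java.security.Key;
import java.security.KeyStore;
import javax.crypto.Cipher;

public class Decript {

    // Converts the hexadecimal string (two ASCII hex digits per byte)
    // returned by system.getRsaEncrypted back into the encrypted byte array.
    private static byte[] convertToBinary(String asci) {
        if (asci.length() % 2 != 0) {
            throw new IllegalArgumentException("Hex string must have an even number of digits");
        }
        int len = asci.length() / 2;
        byte[] hexData = new byte[len];
        for (int i = 0; i < len; i++) {
            int asciInx = 2 * i;
            int digit = Integer.parseInt(asci.substring(asciInx, asciInx + 2), 16);
            hexData[i] = (byte) digit;
        }
        return hexData;
    }

    private static void doIt(String path, String password, String certAlias,
            String certPassword, byte[] encrText) throws Exception {
        KeyStore keyStore = KeyStore.getInstance("JKS", "IBMJCE");
        // Close the keystore file as soon as it has been loaded.
        try (FileInputStream streamIn = new FileInputStream(path)) {
            keyStore.load(streamIn, password.toCharArray());
        }
        // Private key stored under the given alias.
        Key key = keyStore.getKey(certAlias, certPassword.toCharArray());
        Cipher cipher = Cipher.getInstance("RSA", "IBMJCE");
        cipher.init(Cipher.DECRYPT_MODE, key);
        byte[] clearText = cipher.doFinal(encrText);
        // The clear text is decoded with the platform default charset.
        System.out.println(new String(clearText));
    }

    public static void main(String[] args) {
        if (args.length != 5) {
            System.err.println("Usage: Decript <keystore path> <keystore password> "
                    + "<alias> <certificate password> <hex string>");
            return;
        }
        try {
            doIt(args[0], args[1], args[2], args[3], convertToBinary(args[4]));
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

}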
******************************

The arguments that need to be passed are, in order:
- path of the JKS keystore
- password of the keystore
- alias of the certificate within the keystore
- certificate password (if one is defined; otherwise the keystore password)
- string to be decrypted

Note the convertToBinary function: it takes the hexadecimal representation (as an ASCII string) passed as input and returns the corresponding byte array.
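The hex round trip with a stricter decoding step, as an added example (not IBM's code and not part of the original program). It assumes a freshly generated 2048-bit test key instead of the JKS keystore, the JRE's default RSA provider instead of IBMJCE, and that the hex string carries the full ciphertext block, so its length must be exactly twice the RSA modulus size in bytes; the class and method names are hypothetical.

```java
import java.nio.charset.StandardCharsets;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.interfaces.RSAKey;
import javax.crypto.Cipher;
public class HexRsaRoundTrip {
    // Value of one ASCII hex digit, or -1. Unlike Integer.parseInt(s, 16),
    // this does not accept a leading sign ("+f", "-1") or non-ASCII digits.
    static int nibble(char c) {
        if (c >= '0' && c <= '9') return c - '0';
        if (c >= 'a' && c <= 'f') return c - 'a' + 10;
        if (c >= 'A' && c <= 'F') return c - 'A' + 10;
        return -1;
    }

    // Strict decoder: exactly two hex digits per expected ciphertext byte.
    // A Base64 or truncated input fails here, before any RSA operation.
    static byte[] hexToBytes(String hex, int expectedBytes) {
        if (hex.length() != 2 * expectedBytes) {
            throw new IllegalArgumentException("expected " + (2 * expectedBytes) + " hex digits");
        }
        byte[] out = new byte[expectedBytes];
        for (int i = 0; i < expectedBytes; i++) {
            int hi = nibble(hex.charAt(2 * i));
            int lo = nibble(hex.charAt(2 * i + 1));
            if (hi < 0 || lo < 0) throw new IllegalArgumentException("non-hex character near offset " + (2 * i));
            out[i] = (byte) ((hi << 4) | lo);
        }
        return out;
    }

    public static void main(String[] args) throws Exception {
        // Constructed test key (assumption); the page's program reads the key from a JKS keystore.
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair pair = gen.generateKeyPair();
        int modulusBytes = (((RSAKey) pair.getPrivate()).getModulus().bitLength() + 7) / 8;
        // Stand-in for system.getRsaEncrypted: encrypt, then hex-encode the bytes.
        Cipher enc = Cipher.getInstance("RSA"); // padding is the provider's default
        enc.init(Cipher.ENCRYPT_MODE, pair.getPublic());
        StringBuilder hex = new StringBuilder();
        for (byte b : enc.doFinal("s3cret".getBytes(StandardCharsets.UTF_8))) {
            hex.append(String.format("%02x", b));
        }
        Cipher dec = Cipher.getInstance("RSA");
        dec.init(Cipher.DECRYPT_MODE, pair.getPrivate());
        byte[] clear = dec.doFinal(hexToBytes(hex.toString(), modulusBytes));
        System.out.println(new String(clear, StandardCharsets.UTF_8));
    }
}
```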

Product: Tivoli Directory Integrator (SSCQGF)
Business Unit: Security
Component: General
Platform: Platform Independent
Version: 7.0; 7.1; 7.1.1; 7.2
Line of Business: Security Software

Document Information

Modified date:
16 June 2018

UID

swg21669254