Background
The idisrv.sth file that's included in IBM Directory Integrator isn't a normal stash file. A normal stash file can be decrypted with a simple Perl script (see my previous post). However, this one is different. Happily, IBM does include a method to read this file, though it's hidden in a Jar file and requires some Java know-how.
Java Code
Here's the Java code required to read the file (in a file named ftStashFile.java - the name of the file must match the name of the class):
import com.ibm.di.server.StashFile;
import java.util.Vector;
public class ftStashFile extends StashFile {
public static void main(String[] args) throws Exception {
try {
Vector thePassword = readPasswords();
System.out.println(thePassword.firstElement());
} catch (Exception e) {
System.out.println("Exception encountered: " + e.toString());
}
}
}
The command to compile it is:
javac -cp .:/opt/IBM/TDI/V7.1.1/jars/common/miserver.jar ftStashFile.java
Then the command to run it is:
java -cp .:/opt/IBM/TDI/V7.1.1/jars/common/miserver.jar:/opt/IBM/TDI/V7.1.1/jars/common/tdiresource.jar:/opt/IBM/TDI/V7.1.1/jars/3rdparty/IBM/icu4j-4_4_2.jar ftStashFile
NOTE: You need to have the idisrv.sth file in the same directory as ftStashFile.class when you run it.
NOTE2: You will have problems if the JDK you're using is older than the JDK that was used to compile the IDI jar files. You'll get an error similar to this if that's the case:
bad class file: ../jars/common/miserver.jar(com/ibm/di/server/StashFile.class)
class file has wrong version 55.0, should be 52.0
Please remove or make sure it appears in the correct subdirectory of the classpath.
JD-GUI Download:
Perl script for decrypting a GSKit-created stash file:
Keystore Explorer (open-source tool similar to iKeyMan):
