一個用JAVA開發的會話金鑰程式
/*
執行本程式你需要下載JCE,Bouncy Castle的JCE with Provider and Lightweight API
網址是 http://www.bouncycastle.org
配置如下:
在Windows中,你需要把下載的bcprov-JDK14-119.jar檔案拷貝到兩個地方:
一個在你安裝的JDK目錄中,比如說我的是C:/j2sdk1.4.0-rc/jre/lib/ext
另一個在你的JDK執行環境中,我的是在
C:/Program Files/Java/j2re1.4.0-rc/lib/ext;
另外還要在對兩個java.security進行修改:
我的在 C:/j2sdk1.4.0-rc/jre/lib/security/java.security;
C:/Program Files/Java/j2re1.4.0-rc/lib/security/java.security;
在java.security中加入 security.provider.6=org.bouncycastle.jce.provider.BouncyCastleProvider
如果一切順利,你就可以執行本程式了。
該程式具有對你的檔案加解密功能。需要你指定的資料,程式中已給了介面。
比如說你指定了要加密的檔名"4.txt",加密後的檔案存放位置"6.txt",
還有口令password如"liufeng"後,執行該程式,那麼"6.txt" 中將是"4.txt"的密文。
注意口令是解密的鑰匙,不要忘記。
其他解密過程自己參考。
本程式利用會話金鑰加密,提供很多介面。如果你專案中需要加密過程,可以稍加改進為你所用
*/
import java.security.*;
import java.security.spec.*;
import javax.crypto.*;
import javax.crypto.spec.*;
import java.io.*;
import java.util.*;
public class FileEncryptorRSA {
private static final int ITERATIONS=1000;//計算次數,在加鹽中用到
private static byte[] publicKeyBytes;//公鑰
private static byte[] privateKeyBytes;//私鑰
private static String SessionKey;//會話金鑰
public static String ENCRYPT_PRIVATEKEY_FILE="1.txt";//該檔案放置加密的私鑰
private static String TEXT_FILE="4.txt";//要加密的檔案
private static String ENCRPTOR_TEXT_FILE="5.txt";//被加密後的檔案
private static String DENCRYPTOR_TEXT_FILE="6.txt";//解密後的檔案
private static String password="liufeng";//口令用於加密私鑰
public void setTEXT_FILE(String fileName){
TEXT_FILE=fileName;
}
public void setENCRYPT_PRIVATEKEY_FILE(String fileName){
ENCRYPT_PRIVATEKEY_FILE=fileName;
}
public String getENCRYPT_PRIVATEKEY_FILE(){
return ENCRYPT_PRIVATEKEY_FILE;
}
public void setENCRPTOR_TEXT_FILE(String fileName){
ENCRPTOR_TEXT_FILE=fileName;
}
public String getENCRPTOR_TEXT_FILE(){
return ENCRPTOR_TEXT_FILE;
}
public void setDENCRYPTOR_TEXT_FILE(String fileName){
DENCRYPTOR_TEXT_FILE=fileName;
}
public String getDENCRYPTOR_TEXT_FILE(){
return DENCRYPTOR_TEXT_FILE;
}
public void setPassword(String password){
this.password=password;
}
//create a RSA secretKey
public static void createKey()throws Exception{
KeyPairGenerator keyPairGenerator=KeyPairGenerator.getInstance("RSA");
keyPairGenerator.initialize(1024);
KeyPair keyPair=keyPairGenerator.genKeyPair();
//得到公鑰的位元組陣列
publicKeyBytes=keyPair.getPublic().getEncoded();
//得到私鑰
byte[] privateKeyBytes=keyPair.getPrivate().getEncoded();
byte[] encrytedPrivatekey=passwordEncrypt(password.toCharArray(),privateKeyBytes);
FileOutputStream fos=new FileOutputStream(ENCRYPT_PRIVATEKEY_FILE);
fos.write(encrytedPrivatekey);
fos.close();
}
//通過給的口令加密私鑰
private static byte[] passwordEncrypt(char[] password,byte[] privateKeyBytes)
throws Exception{
//create 8 byte salt
byte[] salt=new byte[8];
Random random=new Random();
random.nextBytes(salt);
//create a PBE key and cipher
PBEKeySpec keySpec=new PBEKeySpec(password);
SecretKeyFactory keyFactory=SecretKeyFactory.getInstance("PBEWithSHAAndTwofish-CBC");
SecretKey key=keyFactory.generateSecret(keySpec);
PBEParameterSpec paramSpec=new PBEParameterSpec(salt,ITERATIONS);
Cipher cipher=Cipher.getInstance("PBEWithSHAAndTwofish-CBC");
cipher.init(Cipher.ENCRYPT_MODE,key,paramSpec);
//Encrypt the byte[]
byte[] ciphERPriKey=cipher.doFinal(privateKeyBytes);
//write out salt ,and then the cipherPriKey
ByteArrayOutputStream baos=new ByteArrayOutputStream();
baos.write(salt);
baos.write(cipherPriKey);
return baos.toByteArray();
}
//用會話金鑰加密給定的檔案,然後用公鑰加密會話金鑰,並存入檔案中
//最後加密後的檔案由金鑰長度+已加密的金鑰(會話金鑰)+密文
public static void encrypt()throws Exception{
//轉換成RSA金鑰
X509EncodedKeySpec keySpec=new X509EncodedKeySpec(publicKeyBytes);
KeyFactory keyFactory=KeyFactory.getInstance("RSA");
PublicKey publickey=keyFactory.generatePublic(keySpec);
//開啟存貯密文的檔案
DataOutputStream output=new DataOutputStream(new FileOutputStream(ENCRPTOR_TEXT_FILE));
//建立RSA的CIpher
Cipher rsaCipher=Cipher.getInstance("RSA/ECB/PKCS1Padding");
rsaCipher.init(Cipher.ENCRYPT_MODE,publickey);
//建立會話金鑰(Rijndael)
KeyGenerator rijndaelKeyGenerator=KeyGenerator.getInstance("Rijndael");
rijndaelKeyGenerator.init(256);
Key rijndaelKey=rijndaelKeyGenerator.generateKey();
//公鑰加密會話金鑰
byte[] encodedKeyBytes=rsaCipher.doFinal(rijndaelKey.getEncoded());
output.writeInt(encodedKeyBytes.length);
output.write(encodedKeyBytes);
//產生IV向量
SecureRandom random=new SecureRandom();
byte[] iv=new byte[16];
random.nextBytes(iv);
output.write(iv);
//加密正文
IvParameterSpec spec=new IvParameterSpec(iv);
Cipher symmetricCipher=Cipher.getInstance("Rijndael/CBC/PKCS5Padding");
symmetricCipher.init(Cipher.ENCRYPT_MODE,rijndaelKey,spec);
CipherOutputStream cos=new CipherOutputStream(output,symmetricCipher);
FileInputStream input=new FileInputStream(TEXT_FILE);
int theByte=0;
while((theByte=input.read())!=-1){
cos.write(theByte);
}
input.close();
cos.close();
return;
}
//得到私鑰
private static byte[] passwordDecrypt(char[] password,byte[] ciphertext)
throws Exception{
byte[] salt=new byte[8];
ByteArrayInputStream bais=new ByteArrayInputStream(ciphertext);
bais.read(salt,0,8);
byte[] remainingCiphertext=new byte[ciphertext.length-8];
bais.read(remainingCiphertext,0,ciphertext.length-8);
PBEKeySpec keySpec=new PBEKeySpec(password);
SecretKeyFactory keyFactory=SecretKeyFactory.getInstance("PBEWithSHAAndTwofish-CBC");
SecretKey key=keyFactory.generateSecret(keySpec);
PBEParameterSpec paramSpec=new PBEParameterSpec(salt,ITERATIONS);
Cipher cipher=Cipher.getInstance("PBEWithSHAAndTwofish-CBC");
cipher.init(Cipher.DECRYPT_MODE,key,paramSpec);
return cipher.doFinal(remainingCiphertext);
}
//解密加密的檔案
public static void decrypt()
throws Exception{
FileInputStream fis=new FileInputStream(ENCRYPT_PRIVATEKEY_FILE);
ByteArrayOutputStream baos=new ByteArrayOutputStream();
int theByte=0;
while((theByte=fis.read())!=-1){
baos.write(theByte);
}
fis.close();
//得到被加密的私鑰
byte[] keyBytes=baos.toByteArray();
baos.close();
//得到私鑰
byte[] sKey=passwordDecrypt(password.toCharArray(),keyBytes);
//產生RSA私鑰
PKCS8EncodedKeySpec keySpec=new PKCS8EncodedKeySpec(sKey);
KeyFactory keyFactory=KeyFactory.getInstance("RSA");
PrivateKey privateKey=keyFactory.generatePrivate(keySpec);
Cipher rsaCipher=Cipher.getInstance("RSA/ECB/PKCS1Padding");
DataInputStream dis=new DataInputStream(new FileInputStream(ENCRPTOR_TEXT_FILE));
//讀密文中密碼長度和密碼
byte[] encryptedKeyBytes=new byte[dis.readInt()];
dis.readFully(encryptedKeyBytes);
rsaCipher.init(Cipher.DECRYPT_MODE,privateKey);
byte[] rijdaelKeyBytes=rsaCipher.doFinal(encryptedKeyBytes);
//得到會話金鑰
SecretKey rijndaelKey=new SecretKeySpec(rijdaelKeyBytes,"Rijndael");
byte[] iv=new byte[16];
dis.read(iv);
IvParameterSpec spec=new IvParameterSpec(iv);
//用會話金鑰解密正文
Cipher cipher=Cipher.getInstance("Rijndael/CBC/PKCS5Padding");
cipher.init(Cipher.DECRYPT_MODE,rijndaelKey,spec);
CipherInputStream cis=new CipherInputStream(dis,cipher);
FileOutputStream fos=new FileOutputStream(DENCRYPTOR_TEXT_FILE);
theByte=0;
while((theByte=cis.read())!=-1){
fos.write(theByte);
}
cis.close();
fos.close();
return;
}
public static void main(String[] args)throws Exception{
createKey();
encrypt();
decrypt();
}
}