bouncycastle(4)Learn from others PBE
bouncycastle(4)Learn from others PBE
PBE (Password-based Encryption)
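A creates a password and generates a random number (the salt), then encrypts the data with the password and the salt. A sends the password to B first, and then sends the salt and the encrypted data to B. The salt is not secret, so the protection rests entirely on the password: it has to reach B over a channel that an eavesdropper cannot read.
B uses the password and the salt to decrypt the data.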
The important implementation class is as follows:
package com.sillycat.easycastle.encryption;
import java.security.Key;
import java.security.SecureRandom;
import java.util.Random;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;
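public abstract class PBECoder extends Coder {
    /**
     * JCA name of the password-based encryption scheme used by this class.
     *
     * <p>Scheme names listed by the original author:
     * <pre>
     * PBEWithMD5AndDES
     * PBEWithMD5AndTripleDES
     * PBEWithSHA1AndDESede
     * PBEWithSHA1AndRC2_40
     * </pre>
     *
     * <p>NOTE(review): PBEWithMD5AndDES is the legacy PKCS #5 v1.5 scheme. It derives a
     * single-DES key (56 effective bits) with MD5, and it provides no integrity protection.
     * The value is kept so that data already encrypted with this class still decrypts; new
     * designs should derive the key with PBKDF2 (for example {@code PBKDF2WithHmacSHA256})
     * and encrypt with an authenticated mode such as {@code AES/GCM/NoPadding}.
     */
    public static final String ALGORITHM = "PBEWITHMD5andDES";

    /** Salt length in bytes; the PKCS #5 v1.5 schemes use an 8-byte salt. */
    private static final int SALT_LENGTH = 8;

    /**
     * Number of key-derivation iterations, shared by {@link #encrypt} and {@link #decrypt}.
     *
     * <p>NOTE(review): 100 is far below current guidance and makes offline password guessing
     * cheap. Raising it changes the derived key, so existing ciphertext would no longer
     * decrypt; it is therefore left unchanged here and should be raised together with a
     * data migration.
     */
    private static final int ITERATION_COUNT = 100;

    /** Cryptographically strong source for salts; {@code SecureRandom} is safe to share. */
    private static final SecureRandom SALT_SOURCE = new SecureRandom();

    /**
     * Generates a fresh random salt.
     *
     * <p>The salt comes from {@link SecureRandom} rather than {@code java.util.Random}: the
     * latter is a predictable generator, which would let an attacker anticipate salts and
     * prepare guessing tables in advance. Use a new salt for every encryption.
     *
     * @return a new array of {@value #SALT_LENGTH} random bytes
     * @throws Exception declared for compatibility with existing callers
     */
    public static byte[] initSalt() throws Exception {
        byte[] salt = new byte[SALT_LENGTH];
        SALT_SOURCE.nextBytes(salt);
        return salt;
    }

    /**
     * Converts a password into a key object for {@link #ALGORITHM}.
     *
     * <p>The password arrives as a {@code String}, so it cannot be wiped from memory after use.
     *
     * @param password the shared password
     * @return the key produced by the {@link SecretKeyFactory} for {@link #ALGORITHM}
     * @throws Exception if the algorithm is unavailable or the key spec is rejected
     */
    private static Key toKey(String password) throws Exception {
        PBEKeySpec keySpec = new PBEKeySpec(password.toCharArray());
        SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(ALGORITHM);
        return keyFactory.generateSecret(keySpec);
    }

    /**
     * Builds a cipher for {@link #ALGORITHM}, initialised with the given mode, password and salt.
     *
     * @param mode {@link Cipher#ENCRYPT_MODE} or {@link Cipher#DECRYPT_MODE}
     * @param password the shared password
     * @param salt the salt used for key derivation
     * @return the initialised cipher
     * @throws Exception if the algorithm is unavailable or the parameters are rejected
     */
    private static Cipher initCipher(int mode, String password, byte[] salt) throws Exception {
        Key key = toKey(password);
        PBEParameterSpec paramSpec = new PBEParameterSpec(salt, ITERATION_COUNT);
        Cipher cipher = Cipher.getInstance(ALGORITHM);
        cipher.init(mode, key, paramSpec);
        return cipher;
    }

    /**
     * Encrypts data with a key derived from the password and the salt.
     *
     * @param data the plaintext bytes
     * @param password the shared password
     * @param salt the salt, normally obtained from {@link #initSalt()}
     * @return the ciphertext bytes
     * @throws Exception if the cipher cannot be created, initialised or applied
     */
    public static byte[] encrypt(byte[] data, String password, byte[] salt)
            throws Exception {
        return initCipher(Cipher.ENCRYPT_MODE, password, salt).doFinal(data);
    }

    /**
     * Decrypts data with a key derived from the password and the salt.
     *
     * <p>The scheme is unauthenticated, so a successful return does not prove that the
     * ciphertext was left unmodified in transit.
     *
     * @param data the ciphertext bytes
     * @param password the shared password used for encryption
     * @param salt the salt used for encryption
     * @return the plaintext bytes
     * @throws Exception if the cipher cannot be created, initialised or applied
     */
    public static byte[] decrypt(byte[] data, String password, byte[] salt)
            throws Exception {
        return initCipher(Cipher.DECRYPT_MODE, password, salt).doFinal(data);
    }
}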
And the test class is as follows:
package com.sillycat.easycastle.encryption;
import static org.junit.Assert.assertEquals;
import org.junit.Test;
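public class PBECoderTest {
    /**
     * Round-trips a short message through {@code PBECoder.encrypt} and
     * {@code PBECoder.decrypt} with the same password and salt, and checks that the
     * decrypted text equals the input.
     *
     * @throws Exception if salt generation, encryption or decryption fails
     */
    @Test
    public void test() throws Exception {
        String inputStr = "abcdefghijklmn";
        System.out.println("original: " + inputStr);
        // Name the charset explicitly so the bytes do not depend on the platform default.
        byte[] input = inputStr.getBytes("UTF-8");
        // Demo value only. The password is not printed: secrets should stay out of
        // console output and logs, even in tests.
        String pwd = "password_hello";
        byte[] salt = PBECoder.initSalt();
        byte[] data = PBECoder.encrypt(input, pwd, salt);
        // encryptBASE64 is not defined in PBECoder; presumably inherited from Coder.
        System.out.println("encryption: " + PBECoder.encryptBASE64(data));
        byte[] output = PBECoder.decrypt(data, pwd, salt);
        String outputStr = new String(output, "UTF-8");
        System.out.println("decryption: " + outputStr);
        assertEquals(inputStr, outputStr);
    }
}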
This code is also hosted in the easycastle project.
references:
http://snowolf.iteye.com/blog/380761