The padding mode is: PKCS5Padding
package com.FRNX.base.util;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Security;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
import java.util.ResourceBundle;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import com.FRNX.arch.exception.FRNXException;
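/**
 * Loads (or, on first use, creates) a JCEKS key store holding one Triple DES
 * key, and encrypts strings with that key.
 *
 * Functions:
 * 1. Loads or generates the key store.
 * 2. Loads the symmetric secret key from, or generates it into, that key store.
 * 3. Encrypts data with 3DES.
 *
 * To encrypt, call the public method "encryptDataBy3DES", for example:
 * String cipherText = FRNXSecurityUtil.encryptDataBy3DES(plainText);
 *
 * Security review notes (documented here, not changed, because existing
 * callers and stored values may depend on the exact output):
 * - The transformation is DESede/ECB/PKCS5Padding. ECB encrypts every 8-byte
 *   block independently, so equal plaintext blocks give equal ciphertext
 *   blocks; the output is deterministic and carries no integrity protection.
 *   New designs should use an authenticated mode of a modern block cipher.
 * - Both key store passwords are compile-time constants in this class, so
 *   possession of the class file plus the key store file is enough to
 *   recover the key. They should come from protected configuration.
 * - The cipher text is returned as a String decoded with the platform
 *   default charset; see encryptDataBy3DES for the consequences.
 */
public class FRNXSecurityUtil
{
    /* Location of the key store file, read once from the FRNXSecurity bundle. */
    private static final String keyStoreFilePath;
    private static final String CIPHER_ALGORITHM_3DES = "DESede";
    private static final String CIPHER_KEYSTORE_TYPE = "JCEKS";
    /* NOTE(review): hard-coded secrets; move to protected configuration. */
    private static final String CIPHER_KEYSTORE_PASSWORD = "********";
    private static final String CIPHER_3DESKEY_PASSWORD = "********";
    private static final String CIPHER_3DESKEY_ALIAS = "3DESKey";
    /* Three-key 3DES: 168 key bits are requested from the KeyGenerator. */
    private static final int CIPHER_3DESKEY_SIZE = 168;
    /* NOTE(review): ECB mode, see the class comment. */
    private static final String CIPHER_TRANSFORMATION = "DESede/ECB/PKCS5Padding";
    private static final int CIPHER_ENCRYPT_MODE = Cipher.ENCRYPT_MODE;

    /*
     * A missing bundle or key makes ResourceBundle throw
     * MissingResourceException here, which fails class initialization.
     */
    static
    {
        ResourceBundle resourceBundle = ResourceBundle.getBundle("FRNXSecurity");
        keyStoreFilePath = resourceBundle.getString("FRNX.keystore.location");
    }

    /**
     * Load the secret key from the key store file.
     * The key store location is read from the "FRNXSecurity" resource bundle
     * (key "FRNX.keystore.location").
     * If the key store file exists, the secret key is retrieved from it;
     * otherwise a new key is generated, the key store file is created
     * (including missing parent directories) and the key is stored in it.
     *
     * NOTE(review): the exists-then-create sequence is not synchronized, so
     * two first-time callers can each generate a key and the later write
     * replaces the earlier one. The file is created with the process default
     * permissions; restrict access to it at deployment time.
     *
     * @return - Secret key which is generated or retrieved from the key store file.
     * @throws FRNXException if the key store cannot be read, created or written,
     *         or if it holds no secret key under the expected alias.
     */
    private static SecretKey loadSecretKeyFromKeyStore() throws FRNXException
    {
        SecretKey DESedeKey = null;
        File keyStoreFile = new File(keyStoreFilePath);
        FileInputStream keyStoreFileInput = null;
        FileOutputStream keyStoreFileOutput = null;
        /* Set only when the try body ran to its end; read by the finally block. */
        boolean completed = false;
        try
        {
            char[] keyStorePassword = CIPHER_KEYSTORE_PASSWORD.toCharArray();
            KeyStore keyStoreInstance = KeyStore.getInstance(CIPHER_KEYSTORE_TYPE);
            KeyStore.PasswordProtection passwordProtectionInstance = new KeyStore.PasswordProtection(CIPHER_3DESKEY_PASSWORD.toCharArray());
            /*Retrieve the secret key from the key store file if the file exists.*/
            if(keyStoreFile.exists())
            {
                keyStoreFileInput = new FileInputStream(keyStoreFile);
                keyStoreInstance.load(keyStoreFileInput, keyStorePassword);
                KeyStore.Entry storedEntry = keyStoreInstance.getEntry(CIPHER_3DESKEY_ALIAS, passwordProtectionInstance);
                /*
                 * getEntry returns null for an unknown alias and may return a
                 * non-secret-key entry; report both as a key store problem
                 * instead of failing with NullPointerException or
                 * ClassCastException.
                 */
                if(!(storedEntry instanceof KeyStore.SecretKeyEntry))
                {
                    throw new UnrecoverableEntryException("No secret key entry '" + CIPHER_3DESKEY_ALIAS + "' in key store " + keyStoreFilePath);
                }
                DESedeKey = ((KeyStore.SecretKeyEntry)storedEntry).getSecretKey();
            }
            /*Generate the key store file and the secret key and store the key in the key store file.*/
            else
            {
                keyStoreInstance.load(null, null);
                KeyGenerator keyGeneratorInstance = KeyGenerator.getInstance(CIPHER_ALGORITHM_3DES);
                keyGeneratorInstance.init(CIPHER_3DESKEY_SIZE);
                DESedeKey = keyGeneratorInstance.generateKey();
                KeyStore.SecretKeyEntry DESedeKeyEntry = new KeyStore.SecretKeyEntry(DESedeKey);
                keyStoreInstance.setEntry(CIPHER_3DESKEY_ALIAS, DESedeKeyEntry, passwordProtectionInstance);
                /* getParentFile() is null when the configured path has no directory part. */
                File keyStoreDirectory = keyStoreFile.getParentFile();
                if(keyStoreDirectory != null && !keyStoreDirectory.exists())
                {
                    keyStoreDirectory.mkdirs();
                }
                keyStoreFileOutput = new FileOutputStream(keyStoreFile);
                keyStoreInstance.store(keyStoreFileOutput, keyStorePassword);
            }
            completed = true;
        }
        catch(KeyStoreException e)
        {
            throw new FRNXException(e.getMessage(), e);
        }
        catch(FileNotFoundException e)
        {
            throw new FRNXException(e.getMessage(), e);
        }
        catch(IOException e)
        {
            throw new FRNXException(e.getMessage(), e);
        }
        catch(CertificateException e)
        {
            throw new FRNXException(e.getMessage(), e);
        }
        catch(NoSuchAlgorithmException e)
        {
            throw new FRNXException(e.getMessage(), e);
        }
        catch(UnrecoverableEntryException e)
        {
            throw new FRNXException(e.getMessage(), e);
        }
        finally
        {
            /*
             * Close whichever stream was opened. A close failure is reported
             * only when the work above succeeded, so that it never replaces
             * the exception that describes the real failure.
             */
            IOException closeFailure = null;
            if(keyStoreFileInput != null)
            {
                try
                {
                    keyStoreFileInput.close();
                }
                catch(IOException e)
                {
                    closeFailure = e;
                }
            }
            if(keyStoreFileOutput != null)
            {
                try
                {
                    keyStoreFileOutput.close();
                }
                catch(IOException e)
                {
                    closeFailure = e;
                }
            }
            if(completed && closeFailure != null)
            {
                throw new FRNXException(closeFailure.getMessage(), closeFailure);
            }
        }
        return DESedeKey;
    }

    /**
     * Encrypt the plain text by the 3DES algorithm.
     * The key is loaded from (or created in) the key store on every call.
     *
     * NOTE(review): the plain text is encoded, and the cipher bytes are
     * decoded, with the platform default charset. Cipher output is arbitrary
     * binary data, so under a multi-byte default charset such as UTF-8 the
     * returned String cannot be turned back into the original cipher bytes,
     * and the result differs between platforms. Callers that need to store
     * or decrypt the value should receive an encoded form (hex or Base64) of
     * the bytes; that change is left to a coordinated migration because it
     * alters the returned value.
     *
     * @param plainText - The data to be encrypted; must not be null.
     * @return - The encrypted data, decoded to a String as described above.
     * @throws FRNXException if the key cannot be loaded or the cipher fails.
     */
    public static String encryptDataBy3DES(String plainText) throws FRNXException
    {
        String cipherText = null;
        try
        {
            Cipher cipherInstance = Cipher.getInstance(CIPHER_TRANSFORMATION);
            SecretKey DESedeKey = loadSecretKeyFromKeyStore();
            cipherInstance.init(CIPHER_ENCRYPT_MODE, DESedeKey);
            byte[] plainTextBytes = plainText.getBytes();
            byte[] cipherTextBytes = cipherInstance.doFinal(plainTextBytes);
            cipherText = new String(cipherTextBytes);
        }
        catch(NoSuchPaddingException e)
        {
            throw new FRNXException(e.getMessage(), e);
        }
        catch(NoSuchAlgorithmException e)
        {
            throw new FRNXException(e.getMessage(), e);
        }
        catch(InvalidKeyException e)
        {
            throw new FRNXException(e.getMessage(), e);
        }
        catch(BadPaddingException e)
        {
            throw new FRNXException(e.getMessage(), e);
        }
        catch(IllegalBlockSizeException e)
        {
            throw new FRNXException(e.getMessage(), e);
        }
        return cipherText;
    }
}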
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Security;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
import java.util.ResourceBundle;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import com.FRNX.arch.exception.FRNXException;
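/**
 * Loads (or, on first use, creates) a JCEKS key store holding one Triple DES
 * key, and encrypts strings with that key.
 *
 * Functions:
 * 1. Loads or generates the key store.
 * 2. Loads the symmetric secret key from, or generates it into, that key store.
 * 3. Encrypts data with 3DES.
 *
 * To encrypt, call the public method "encryptDataBy3DES", for example:
 * String cipherText = FRNXSecurityUtil.encryptDataBy3DES(plainText);
 *
 * Security review notes (documented here, not changed, because existing
 * callers and stored values may depend on the exact output):
 * - The transformation is DESede/ECB/PKCS5Padding. ECB encrypts every 8-byte
 *   block independently, so equal plaintext blocks give equal ciphertext
 *   blocks; the output is deterministic and carries no integrity protection.
 *   New designs should use an authenticated mode of a modern block cipher.
 * - Both key store passwords are compile-time constants in this class, so
 *   possession of the class file plus the key store file is enough to
 *   recover the key. They should come from protected configuration.
 * - The cipher text is returned as a String decoded with the platform
 *   default charset; see encryptDataBy3DES for the consequences.
 */
public class FRNXSecurityUtil
{
    /* Location of the key store file, read once from the FRNXSecurity bundle. */
    private static final String keyStoreFilePath;
    private static final String CIPHER_ALGORITHM_3DES = "DESede";
    private static final String CIPHER_KEYSTORE_TYPE = "JCEKS";
    /* NOTE(review): hard-coded secrets; move to protected configuration. */
    private static final String CIPHER_KEYSTORE_PASSWORD = "********";
    private static final String CIPHER_3DESKEY_PASSWORD = "********";
    private static final String CIPHER_3DESKEY_ALIAS = "3DESKey";
    /* Three-key 3DES: 168 key bits are requested from the KeyGenerator. */
    private static final int CIPHER_3DESKEY_SIZE = 168;
    /* NOTE(review): ECB mode, see the class comment. */
    private static final String CIPHER_TRANSFORMATION = "DESede/ECB/PKCS5Padding";
    private static final int CIPHER_ENCRYPT_MODE = Cipher.ENCRYPT_MODE;

    /*
     * A missing bundle or key makes ResourceBundle throw
     * MissingResourceException here, which fails class initialization.
     */
    static
    {
        ResourceBundle resourceBundle = ResourceBundle.getBundle("FRNXSecurity");
        keyStoreFilePath = resourceBundle.getString("FRNX.keystore.location");
    }

    /**
     * Load the secret key from the key store file.
     * The key store location is read from the "FRNXSecurity" resource bundle
     * (key "FRNX.keystore.location").
     * If the key store file exists, the secret key is retrieved from it;
     * otherwise a new key is generated, the key store file is created
     * (including missing parent directories) and the key is stored in it.
     *
     * NOTE(review): the exists-then-create sequence is not synchronized, so
     * two first-time callers can each generate a key and the later write
     * replaces the earlier one. The file is created with the process default
     * permissions; restrict access to it at deployment time.
     *
     * @return - Secret key which is generated or retrieved from the key store file.
     * @throws FRNXException if the key store cannot be read, created or written,
     *         or if it holds no secret key under the expected alias.
     */
    private static SecretKey loadSecretKeyFromKeyStore() throws FRNXException
    {
        SecretKey DESedeKey = null;
        File keyStoreFile = new File(keyStoreFilePath);
        FileInputStream keyStoreFileInput = null;
        FileOutputStream keyStoreFileOutput = null;
        /* Set only when the try body ran to its end; read by the finally block. */
        boolean completed = false;
        try
        {
            char[] keyStorePassword = CIPHER_KEYSTORE_PASSWORD.toCharArray();
            KeyStore keyStoreInstance = KeyStore.getInstance(CIPHER_KEYSTORE_TYPE);
            KeyStore.PasswordProtection passwordProtectionInstance = new KeyStore.PasswordProtection(CIPHER_3DESKEY_PASSWORD.toCharArray());
            /*Retrieve the secret key from the key store file if the file exists.*/
            if(keyStoreFile.exists())
            {
                keyStoreFileInput = new FileInputStream(keyStoreFile);
                keyStoreInstance.load(keyStoreFileInput, keyStorePassword);
                KeyStore.Entry storedEntry = keyStoreInstance.getEntry(CIPHER_3DESKEY_ALIAS, passwordProtectionInstance);
                /*
                 * getEntry returns null for an unknown alias and may return a
                 * non-secret-key entry; report both as a key store problem
                 * instead of failing with NullPointerException or
                 * ClassCastException.
                 */
                if(!(storedEntry instanceof KeyStore.SecretKeyEntry))
                {
                    throw new UnrecoverableEntryException("No secret key entry '" + CIPHER_3DESKEY_ALIAS + "' in key store " + keyStoreFilePath);
                }
                DESedeKey = ((KeyStore.SecretKeyEntry)storedEntry).getSecretKey();
            }
            /*Generate the key store file and the secret key and store the key in the key store file.*/
            else
            {
                keyStoreInstance.load(null, null);
                KeyGenerator keyGeneratorInstance = KeyGenerator.getInstance(CIPHER_ALGORITHM_3DES);
                keyGeneratorInstance.init(CIPHER_3DESKEY_SIZE);
                DESedeKey = keyGeneratorInstance.generateKey();
                KeyStore.SecretKeyEntry DESedeKeyEntry = new KeyStore.SecretKeyEntry(DESedeKey);
                keyStoreInstance.setEntry(CIPHER_3DESKEY_ALIAS, DESedeKeyEntry, passwordProtectionInstance);
                /* getParentFile() is null when the configured path has no directory part. */
                File keyStoreDirectory = keyStoreFile.getParentFile();
                if(keyStoreDirectory != null && !keyStoreDirectory.exists())
                {
                    keyStoreDirectory.mkdirs();
                }
                keyStoreFileOutput = new FileOutputStream(keyStoreFile);
                keyStoreInstance.store(keyStoreFileOutput, keyStorePassword);
            }
            completed = true;
        }
        catch(KeyStoreException e)
        {
            throw new FRNXException(e.getMessage(), e);
        }
        catch(FileNotFoundException e)
        {
            throw new FRNXException(e.getMessage(), e);
        }
        catch(IOException e)
        {
            throw new FRNXException(e.getMessage(), e);
        }
        catch(CertificateException e)
        {
            throw new FRNXException(e.getMessage(), e);
        }
        catch(NoSuchAlgorithmException e)
        {
            throw new FRNXException(e.getMessage(), e);
        }
        catch(UnrecoverableEntryException e)
        {
            throw new FRNXException(e.getMessage(), e);
        }
        finally
        {
            /*
             * Close whichever stream was opened. A close failure is reported
             * only when the work above succeeded, so that it never replaces
             * the exception that describes the real failure.
             */
            IOException closeFailure = null;
            if(keyStoreFileInput != null)
            {
                try
                {
                    keyStoreFileInput.close();
                }
                catch(IOException e)
                {
                    closeFailure = e;
                }
            }
            if(keyStoreFileOutput != null)
            {
                try
                {
                    keyStoreFileOutput.close();
                }
                catch(IOException e)
                {
                    closeFailure = e;
                }
            }
            if(completed && closeFailure != null)
            {
                throw new FRNXException(closeFailure.getMessage(), closeFailure);
            }
        }
        return DESedeKey;
    }

    /**
     * Encrypt the plain text by the 3DES algorithm.
     * The key is loaded from (or created in) the key store on every call.
     *
     * NOTE(review): the plain text is encoded, and the cipher bytes are
     * decoded, with the platform default charset. Cipher output is arbitrary
     * binary data, so under a multi-byte default charset such as UTF-8 the
     * returned String cannot be turned back into the original cipher bytes,
     * and the result differs between platforms. Callers that need to store
     * or decrypt the value should receive an encoded form (hex or Base64) of
     * the bytes; that change is left to a coordinated migration because it
     * alters the returned value.
     *
     * @param plainText - The data to be encrypted; must not be null.
     * @return - The encrypted data, decoded to a String as described above.
     * @throws FRNXException if the key cannot be loaded or the cipher fails.
     */
    public static String encryptDataBy3DES(String plainText) throws FRNXException
    {
        String cipherText = null;
        try
        {
            Cipher cipherInstance = Cipher.getInstance(CIPHER_TRANSFORMATION);
            SecretKey DESedeKey = loadSecretKeyFromKeyStore();
            cipherInstance.init(CIPHER_ENCRYPT_MODE, DESedeKey);
            byte[] plainTextBytes = plainText.getBytes();
            byte[] cipherTextBytes = cipherInstance.doFinal(plainTextBytes);
            cipherText = new String(cipherTextBytes);
        }
        catch(NoSuchPaddingException e)
        {
            throw new FRNXException(e.getMessage(), e);
        }
        catch(NoSuchAlgorithmException e)
        {
            throw new FRNXException(e.getMessage(), e);
        }
        catch(InvalidKeyException e)
        {
            throw new FRNXException(e.getMessage(), e);
        }
        catch(BadPaddingException e)
        {
            throw new FRNXException(e.getMessage(), e);
        }
        catch(IllegalBlockSizeException e)
        {
            throw new FRNXException(e.getMessage(), e);
        }
        return cipherText;
    }
}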
1 comment:
Surprising ! I am speechless and is thankful to you for sharing the complete source code. I really appreciate your programming skills and is thankful to you for sharing the code.
electronic signature