http://siberean.livejournal.com/14788.html

Java encryption-decryption examples, I've seen so far in Internet, are having IV been hard coded, i.e. not changed every time. However randomization of the initialization vector (IV) is a must for AES and for strong security (WEP was compromised because of hardcoding of IV). Notice that IV is not a "salt", and is not a secret, but like a cryptographic nonce - must be randomized each time.
In simple example below - IV is attached in the beginning of the stream.

import java.io.BufferedInputStream;

import java.io.BufferedOutputStream;

import java.io.ByteArrayInputStream;

import java.io.ByteArrayOutputStream;

import java.io.FileInputStream;

import java.io.FileOutputStream;

import java.io.File;

import java.io.InputStream;

import java.io.OutputStream;

import java.security.SecureRandom;

import java.util.Arrays;

import javax.crypto.Cipher;

import javax.crypto.CipherInputStream;

import javax.crypto.CipherOutputStream;

import javax.crypto.spec.IvParameterSpec;

import javax.crypto.spec.SecretKeySpec;

public class Encryption {

    private static final int IV_LENGTH=16;

    /* A helper - to reuse the stream code below - if a small String is to be encrypted */

    public static byte[] encrypt(String plainText, String password) throws Exception {

        ByteArrayInputStream bis = new ByteArrayInputStream(plainText.getBytes("UTF8"));

        ByteArrayOutputStream bos = new ByteArrayOutputStream();

        encrypt(bis, bos, password);

        return bos.toByteArray();

    }

    public static byte[] decrypt(String cipherText, String password) throws Exception {

        byte[] cipherTextBytes = cipherText.getBytes();

        ByteArrayInputStream bis = new ByteArrayInputStream(cipherTextBytes);

        ByteArrayOutputStream bos = new ByteArrayOutputStream();

        decrypt(bis, bos, password);

        return bos.toByteArray();

    }

    public static void encrypt(InputStream in, OutputStream out, String password) throws Exception{

        SecureRandom r = new SecureRandom();

        byte[] iv = new byte[IV_LENGTH];

        r.nextBytes(iv);

        out.write(iv); //write IV as a prefix

        out.flush();

        //System.out.println(">>>>>>>>written"+Arrays.toString(iv));

        Cipher cipher = Cipher.getInstance("AES/CFB8/NoPadding"); //"DES/ECB/PKCS5Padding";"AES/CBC/PKCS5Padding"

        SecretKeySpec keySpec = new SecretKeySpec(password.getBytes(), "AES");

        IvParameterSpec ivSpec = new IvParameterSpec(iv);

        cipher.init(Cipher.ENCRYPT_MODE, keySpec, ivSpec);        

        out = new CipherOutputStream(out, cipher);

        byte[] buf = new byte[1024];

        int numRead = 0;

        while ((numRead = in.read(buf)) >= 0) {

            out.write(buf, 0, numRead);

        }

        out.close();

    }

    public static void decrypt(InputStream in, OutputStream out, String password) throws Exception{

        byte[] iv = new byte[IV_LENGTH];

        in.read(iv);

        //System.out.println(">>>>>>>>red"+Arrays.toString(iv));

        Cipher cipher = Cipher.getInstance("AES/CFB8/NoPadding"); //"DES/ECB/PKCS5Padding";"AES/CBC/PKCS5Padding"

        SecretKeySpec keySpec = new SecretKeySpec(password.getBytes(), "AES");

        IvParameterSpec ivSpec = new IvParameterSpec(iv);

        cipher.init(Cipher.DECRYPT_MODE, keySpec, ivSpec);

        in = new CipherInputStream(in, cipher);

        byte[] buf = new byte[1024];

        int numRead = 0;

        while ((numRead = in.read(buf)) >= 0) {

            out.write(buf, 0, numRead);

        }

        out.close();

    }

    public static void copy(int mode, String inputFile, String outputFile, String password) throws Exception {

        BufferedInputStream is = new BufferedInputStream(new FileInputStream(inputFile));

        BufferedOutputStream os = new BufferedOutputStream(new FileOutputStream(outputFile));

        if(mode==Cipher.ENCRYPT_MODE){

            encrypt(is, os, password);

        }

        else if(mode==Cipher.DECRYPT_MODE){

            decrypt(is, os, password);

        }

        else throw new Exception("unknown mode");

        is.close();

        os.close();

    }

    public static void main(String[] args){

        if(args.length<1){

            System.out.println("Pass at least one argument (filename)");

            return;

        }

        try{

            //check files - just for safety

            String fileName=args[0];

            String tempFileName=fileName+".enc";

            String resultFileName=fileName+".dec";

            File file = new File(fileName);

            if(!file.exists()){

                System.out.println("No file "+fileName);

                return;

            }

            File file2 = new File(tempFileName);

            File file3 = new File(resultFileName);

            if(file2.exists() || file3.exists()){

                System.out.println("File for encrypted temp file or for the result decrypted file already exists. Please remove it or use a different file name");

                return;

            }

            copy(Cipher.ENCRYPT_MODE, fileName, tempFileName, "password12345678");

            copy(Cipher.DECRYPT_MODE, tempFileName, resultFileName, "password12345678");

            System.out.println("Success. Find encrypted and decripted files in current directory");

        }

        catch(Exception e){

            e.printStackTrace();

        }

    }    

}

Usage:

$ javac Encryption.java

Pass any existing file, you want to encrypt through command line argument (test.sh in the following example):

$ java Encryption test.sh

Success. Find encrypted and decripted files in current directory

Encrypted file (test.enc):

$ cat test.sh.enc

&X▒b▒▒▒▒_▒▒$Z▒▒f▒XboM▒  ▒_f§R▒s▒♣▒▒K▒M;▒▒▒▒'L▒ZS◄;▒▒i

▒▒|VØ▒:?▒▒▒?▒9y{7"▒▒▒▒+▒▒e}▒▒yi▒▒y_/jjU:▒▒_▒ ►p▒?▒▒▒;\[lE▒▒▒▒Cpc▒46▒▒▒▒@▒<▒n▒↓I▒

▒▒s▒?b▒p▒O▒▒▒▒▒▒▒\d▒4n3'▒▒▒Y♦<▒▒▒▒▒▒>▒▒▒▒Ih▒▒▒´\▒↓_R▒vGW▒▒▒V▒▒?(Q♥G     J◄DMS▒▒▒

zC;*

Let's check the decrypted file (test.dec):

$ cat test.sh.dec

#!/bin/sh

i=0

depth=6

nodes_number=$(echo "2^$depth" | bc)

#echo "total nodes: $nodes_number"

while [ $i -lt $nodes_number ] ;do

        number=$(echo "obase=2;$i" | bc)

        printf "%0${depth}o\n" 0$number

        i=`expr $i + 1`

done

The file is readable.

AES encryption of files (and strings) in java with randomization of IV (initialization vector)的更多相关文章

  1. AES加密解密通用版Object-C / C# / JAVA

    1.无向量 128位 /// <summary> /// AES加密(无向量) /// </summary> /// <param name="plainByt ...

  2. [转](.NET Core C#) AES Encryption

    本文转自:https://www.example-code.com/dotnet-core/crypt2_aes.asp Chilkat.Crypt2 crypt = new Chilkat.Cryp ...

  3. Java中List,ArrayList、Vector,map,HashTable,HashMap区别用法

    Java中List,ArrayList.Vector,map,HashTable,HashMap区别用法 标签: vectorhashmaplistjavaiteratorinteger ArrayL ...

  4. Java集合类源码解析:Vector

    [学习笔记]转载 Java集合类源码解析:Vector   引言 之前的文章我们学习了一个集合类 ArrayList,今天讲它的一个兄弟 Vector.为什么说是它兄弟呢?因为从容器的构造来说,Vec ...

  5. Java容器类List、ArrayList、Vector及map、HashTable、HashMap的区别与用法

    Java容器类List.ArrayList.Vector及map.HashTable.HashMap的区别与用法 ArrayList 和Vector是采用数组方式存储数据,此数组元素数大于实际存储的数 ...

  6. [JavaSecurity] - AES Encryption

    1. AES Algorithm The Advanced Encryption Standard (AES), also as known as Rijndael (its original nam ...

  7. too many open files linux服务器 golang java

    1. 现象 服务的cpu跑满(golang实现), 并大量报too many open files错误.服务使用systemd来运行,部署在阿里ecs上. 2.分析 从日志来看,cpu的上升主要为到达 ...

  8. LeetCode算法题-Add Strings(Java实现)

    这是悦乐书的第223次更新,第236篇原创 01 看题和准备 今天介绍的是LeetCode算法题中Easy级别的第90题(顺位题号是415).给定两个非负整数num1和num2表示为字符串,返回num ...

  9. LeetCode算法题-Isomorphic Strings(Java实现)

    这是悦乐书的第191次更新,第194篇原创 01 看题和准备 今天介绍的是LeetCode算法题中Easy级别的第50题(顺位题号是205).给定两个字符串s和t,确定它们是否是同构的.如果s中的字符 ...

随机推荐

  1. Python简要标准库(2)

    集合 堆 和 双端队列 1.集合 创建集合 s = set(range(10)) 和字典一样,集合元素的顺序是随意的,因此不能以元素的顺序作为依据编程 集合支持的运算 a = set([1,2,3]) ...

  2. 【转】APP推广什么是cpa,cps,cpm

    转载自:http://www.apptg.cn 经常做做APP推广和做运营的同学对于cpa,cps,cpm,cpc这些名词肯定不会陌生,也基本都知道其表示的含义,但是对于新手来说,这几个词的含义还是不 ...

  3. 【CSVRead】-jmeter

    csv     read 读取文件

  4. 腾讯云ubuntu安装使用MySQL

    安装步骤 ubuntu@VM---ubuntu:~$ sudo apt-get install mysql-server (密码: root/root) ubuntu@VM---ubuntu:~$ s ...

  5. Hadoop第一课:Hadoop集群环境搭建

    一. 检查列表 1.1.网络访问 设置电脑IP以及可以访问网络设置:进入etc/sysconfig/network-scripts/,使用命令“ls -all” 查看文件.会看到ifcfg-lo文件然 ...

  6. 创新手机游戏《3L》开发点滴(1)——道具、物品、装备表设计

    一.游戏物品/道具系统数据模型设计特点 为了让游戏更加的丰富,我们1201团队的新手机游戏设计了道具系统.于是丰富了游戏.取悦了玩家,哭了开发——道具/物品数据子系统是简单的.复杂的.不确定的: 简单 ...

  7. c# html 导出excel

    [CustomAuthorize]        public FileResult ExportCustomerManagerVisitExcel(string dateType, string r ...

  8. java.net.ProtocolException: Server redirected too many times

    网页爬虫时,原来正常的代码,可能是因为网站做了cookie校验处理,报异常:java.net.ProtocolException: Server redirected too many times 表 ...

  9. codeforces 359E Neatness(DFS+构造)

    Simon loves neatness. So before he goes to bed, Simon wants to complete all chores in the house. Sim ...

  10. 软件工程课堂作业(十一)——NABC分析

    一.团队开发项目:基于Android的重力感应的解锁APP 二.项目特点:区别于一般解锁软件用开机按钮开锁解锁,我们的重力解锁软件根据动作实现解锁,减少了开机按钮的使用频率,提高寿命. 三.NABC分 ...