http://siberean.livejournal.com/14788.html

Java encryption-decryption examples, I've seen so far in Internet, are having IV been hard coded, i.e. not changed every time. However randomization of the initialization vector (IV) is a must for AES and for strong security (WEP was compromised because of hardcoding of IV). Notice that IV is not a "salt", and is not a secret, but like a cryptographic nonce - must be randomized each time.
In simple example below - IV is attached in the beginning of the stream.

import java.io.BufferedInputStream;

import java.io.BufferedOutputStream;

import java.io.ByteArrayInputStream;

import java.io.ByteArrayOutputStream;

import java.io.FileInputStream;

import java.io.FileOutputStream;

import java.io.File;

import java.io.InputStream;

import java.io.OutputStream;

import java.security.SecureRandom;

import java.util.Arrays;

import javax.crypto.Cipher;

import javax.crypto.CipherInputStream;

import javax.crypto.CipherOutputStream;

import javax.crypto.spec.IvParameterSpec;

import javax.crypto.spec.SecretKeySpec;

public class Encryption {

    private static final int IV_LENGTH=16;

    /* A helper - to reuse the stream code below - if a small String is to be encrypted */

    public static byte[] encrypt(String plainText, String password) throws Exception {

        ByteArrayInputStream bis = new ByteArrayInputStream(plainText.getBytes("UTF8"));

        ByteArrayOutputStream bos = new ByteArrayOutputStream();

        encrypt(bis, bos, password);

        return bos.toByteArray();

    }

    public static byte[] decrypt(String cipherText, String password) throws Exception {

        byte[] cipherTextBytes = cipherText.getBytes();

        ByteArrayInputStream bis = new ByteArrayInputStream(cipherTextBytes);

        ByteArrayOutputStream bos = new ByteArrayOutputStream();

        decrypt(bis, bos, password);

        return bos.toByteArray();

    }

    public static void encrypt(InputStream in, OutputStream out, String password) throws Exception{

        SecureRandom r = new SecureRandom();

        byte[] iv = new byte[IV_LENGTH];

        r.nextBytes(iv);

        out.write(iv); //write IV as a prefix

        out.flush();

        //System.out.println(">>>>>>>>written"+Arrays.toString(iv));

        Cipher cipher = Cipher.getInstance("AES/CFB8/NoPadding"); //"DES/ECB/PKCS5Padding";"AES/CBC/PKCS5Padding"

        SecretKeySpec keySpec = new SecretKeySpec(password.getBytes(), "AES");

        IvParameterSpec ivSpec = new IvParameterSpec(iv);

        cipher.init(Cipher.ENCRYPT_MODE, keySpec, ivSpec);        

        out = new CipherOutputStream(out, cipher);

        byte[] buf = new byte[1024];

        int numRead = 0;

        while ((numRead = in.read(buf)) >= 0) {

            out.write(buf, 0, numRead);

        }

        out.close();

    }

    public static void decrypt(InputStream in, OutputStream out, String password) throws Exception{

        byte[] iv = new byte[IV_LENGTH];

        in.read(iv);

        //System.out.println(">>>>>>>>red"+Arrays.toString(iv));

        Cipher cipher = Cipher.getInstance("AES/CFB8/NoPadding"); //"DES/ECB/PKCS5Padding";"AES/CBC/PKCS5Padding"

        SecretKeySpec keySpec = new SecretKeySpec(password.getBytes(), "AES");

        IvParameterSpec ivSpec = new IvParameterSpec(iv);

        cipher.init(Cipher.DECRYPT_MODE, keySpec, ivSpec);

        in = new CipherInputStream(in, cipher);

        byte[] buf = new byte[1024];

        int numRead = 0;

        while ((numRead = in.read(buf)) >= 0) {

            out.write(buf, 0, numRead);

        }

        out.close();

    }

    public static void copy(int mode, String inputFile, String outputFile, String password) throws Exception {

        BufferedInputStream is = new BufferedInputStream(new FileInputStream(inputFile));

        BufferedOutputStream os = new BufferedOutputStream(new FileOutputStream(outputFile));

        if(mode==Cipher.ENCRYPT_MODE){

            encrypt(is, os, password);

        }

        else if(mode==Cipher.DECRYPT_MODE){

            decrypt(is, os, password);

        }

        else throw new Exception("unknown mode");

        is.close();

        os.close();

    }

    public static void main(String[] args){

        if(args.length<1){

            System.out.println("Pass at least one argument (filename)");

            return;

        }

        try{

            //check files - just for safety

            String fileName=args[0];

            String tempFileName=fileName+".enc";

            String resultFileName=fileName+".dec";

            File file = new File(fileName);

            if(!file.exists()){

                System.out.println("No file "+fileName);

                return;

            }

            File file2 = new File(tempFileName);

            File file3 = new File(resultFileName);

            if(file2.exists() || file3.exists()){

                System.out.println("File for encrypted temp file or for the result decrypted file already exists. Please remove it or use a different file name");

                return;

            }

            copy(Cipher.ENCRYPT_MODE, fileName, tempFileName, "password12345678");

            copy(Cipher.DECRYPT_MODE, tempFileName, resultFileName, "password12345678");

            System.out.println("Success. Find encrypted and decripted files in current directory");

        }

        catch(Exception e){

            e.printStackTrace();

        }

    }    

}

Usage:

$ javac Encryption.java

Pass any existing file, you want to encrypt through command line argument (test.sh in the following example):

$ java Encryption test.sh

Success. Find encrypted and decripted files in current directory

Encrypted file (test.enc):

$ cat test.sh.enc

&X▒b▒▒▒▒_▒▒$Z▒▒f▒XboM▒  ▒_f§R▒s▒♣▒▒K▒M;▒▒▒▒'L▒ZS◄;▒▒i

▒▒|VØ▒:?▒▒▒?▒9y{7"▒▒▒▒+▒▒e}▒▒yi▒▒y_/jjU:▒▒_▒ ►p▒?▒▒▒;\[lE▒▒▒▒Cpc▒46▒▒▒▒@▒<▒n▒↓I▒

▒▒s▒?b▒p▒O▒▒▒▒▒▒▒\d▒4n3'▒▒▒Y♦<▒▒▒▒▒▒>▒▒▒▒Ih▒▒▒´\▒↓_R▒vGW▒▒▒V▒▒?(Q♥G     J◄DMS▒▒▒

zC;*

Let's check the decrypted file (test.dec):

$ cat test.sh.dec

#!/bin/sh

i=0

depth=6

nodes_number=$(echo "2^$depth" | bc)

#echo "total nodes: $nodes_number"

while [ $i -lt $nodes_number ] ;do

        number=$(echo "obase=2;$i" | bc)

        printf "%0${depth}o\n" 0$number

        i=`expr $i + 1`

done

The file is readable.

AES encryption of files (and strings) in java with randomization of IV (initialization vector)的更多相关文章

  1. AES加密解密通用版Object-C / C# / JAVA

    1.无向量 128位 /// <summary> /// AES加密(无向量) /// </summary> /// <param name="plainByt ...

  2. [转](.NET Core C#) AES Encryption

    本文转自:https://www.example-code.com/dotnet-core/crypt2_aes.asp Chilkat.Crypt2 crypt = new Chilkat.Cryp ...

  3. Java中List,ArrayList、Vector,map,HashTable,HashMap区别用法

    Java中List,ArrayList.Vector,map,HashTable,HashMap区别用法 标签: vectorhashmaplistjavaiteratorinteger ArrayL ...

  4. Java集合类源码解析:Vector

    [学习笔记]转载 Java集合类源码解析:Vector   引言 之前的文章我们学习了一个集合类 ArrayList,今天讲它的一个兄弟 Vector.为什么说是它兄弟呢?因为从容器的构造来说,Vec ...

  5. Java容器类List、ArrayList、Vector及map、HashTable、HashMap的区别与用法

    Java容器类List.ArrayList.Vector及map.HashTable.HashMap的区别与用法 ArrayList 和Vector是采用数组方式存储数据,此数组元素数大于实际存储的数 ...

  6. [JavaSecurity] - AES Encryption

    1. AES Algorithm The Advanced Encryption Standard (AES), also as known as Rijndael (its original nam ...

  7. too many open files linux服务器 golang java

    1. 现象 服务的cpu跑满(golang实现), 并大量报too many open files错误.服务使用systemd来运行,部署在阿里ecs上. 2.分析 从日志来看,cpu的上升主要为到达 ...

  8. LeetCode算法题-Add Strings(Java实现)

    这是悦乐书的第223次更新,第236篇原创 01 看题和准备 今天介绍的是LeetCode算法题中Easy级别的第90题(顺位题号是415).给定两个非负整数num1和num2表示为字符串,返回num ...

  9. LeetCode算法题-Isomorphic Strings(Java实现)

    这是悦乐书的第191次更新,第194篇原创 01 看题和准备 今天介绍的是LeetCode算法题中Easy级别的第50题(顺位题号是205).给定两个字符串s和t,确定它们是否是同构的.如果s中的字符 ...

随机推荐

  1. 180709-Java实现获取本机Ip的工具类

    180709-Java实现获取本机Ip的工具类 获取本机Ip算是比较常见的一个需求场景了,比如业务报警,可能就会带上出问题的机器IP,方便直接上去看日志定位问题,那么问题来了,如何获取机器IP呢? I ...

  2. JMeter自学笔记2-图形界面介绍

    一.写在前面的话: 上篇我们已经学会了如何安装JMeter和打开JMeter,那么这篇我们将对JMeter的图形界面做一个简单的介绍.大家只要简单的了解即可,无需死记硬背,在今后的学习和使用中慢慢熟悉 ...

  3. 关于maven项目中修改的JS不生效的解决方案

    1. 问题描述 昨天下午博主在开发学习的过程中,碰到一个修改了JS无法生效的问题,折腾我不少的时间,现将百度到的解决方案总结一下,以便下次碰到类似问题能够最快的找到解决方案 2 解决方案 2.1 方案 ...

  4. lintcode172 删除元素

    删除元素   给定一个数组和一个值,在原地删除与值相同的数字,返回新数组的长度. 元素的顺序可以改变,并且对新的数组不会有影响. 您在真实的面试中是否遇到过这个题? Yes 样例 给出一个数组 [0, ...

  5. MyBatis 插件 : 打印 SQL 及其执行时间

    Plugins 摘一段来自MyBatis官方文档的文字. MyBatis允许你在某一点拦截已映射语句执行的调用.默认情况下,MyBatis允许使用插件来拦截方法调用: Executor(update. ...

  6. vue学习笔记之:为何data是一个方法

    vue学习笔记之:为何data是一个方法 在vue开发中,我们可以发现,data中的属性值是在function中return出来的.可为何data必须是一个函数呢?我们先看官方的解释: 当一个组件被定 ...

  7. mysql入门 — (2)

    创建表 CREATE TABLE 表名称 [IF NOT EXISTS]( 字段名1 列类型[属性] [索引] 字段名2 列类型[属性] [索引] ... 字段名n 列类型[属性] [索引] )[表类 ...

  8. 在用js拼接html时,给元素加不上事件的问题

    问题描述:有时,发起ajax请求成功后,需要用js去拼接一小段html字符串,然后给某些元素添加事件时,事件总是加不上. 解决办法:在success 回调函数内,给元素添加事件绑定. 代码如下: $. ...

  9. thrift多平台安装

    thrift支持多语言的RPC,一直都想深入学习了解thrift,最近有空,就上网查了些资料,学习了一下,对它的使用有了一些了解.本篇是写thrift的安装,使用方法会另起一篇来写. 本文使用thri ...

  10. C#创建Window服务图解,安装、配置、以及C#操作Windows服务

    一.首先打开VS2013,创建Windows服务项目 二.创建完成后对"Service1.cs"重命名位"ServiceDemo":然后切换到代码视图,写个服务 ...