跳到主要內容

玩玩DES及RSA

最近有個需求,就是希望能把儲存在文字檔中的密碼,增加一些安全機制,想說之前(參考JavaWorld@TW的一些資料)有玩過一下下DES及RSA說不定可以試試看,流程大概先產生一把KEY(DES)或是一對KEY(RSA),使用KEY針對資料進行加密,加過密的文字有可能會是非法字元,所以用BASE64進行encode或是decode,應用程式要使用加個密的資料,需要兩個要素第一個就是key,另外就是API,缺一不可(盡量防止Developer).

DES部分

DESGenerator
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.ObjectOutputStream;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SecureRandom;
import java.security.spec.InvalidKeySpecException;

import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESKeySpec;

import entiebank.utils.Utils;

public class DESKeyGenerator {

public static void genDESKey(String keyFileName,String alg){
try {
KeyGenerator kpg = KeyGenerator.getInstance(alg);
//TODO Default alg maybe can change
//SecureRandom random = SecureRandom.getInstance("SHA1PRNG","SUN");
//常用的
// random.setSeed(101L);
// kpg.init(56,random);
SecretKey sKey = kpg.generateKey();
System.out.println(sKey.hashCode());
// SecretKeyFactory kfactory = SecretKeyFactory.getInstance(alg);
//DESKeySpec kspec = (DESKeySpec)kfactory.getKeySpec(sKey, DESKeySpec.class);
Utils.writeKeyFile(keyFileName, sKey);
//output File
// FileOutputStream fos = new FileOutputStream(keyFileName);
// ObjectOutputStream oos  = new ObjectOutputStream(fos);
// oos.writeObject(sKey);
// oos.close();
//// fos.write(sKey.getEncoded());
// fos.close();
} catch (NoSuchAlgorithmException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
public static void main(String[] arg){
DESKeyGenerator.genDESKey("louisz.des", "DES");
}
}

DESUtils

import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.ObjectInputStream;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;

import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.DESKeySpec;

import entiebank.utils.Utils;

import sun.misc.BASE64Decoder;
import sun.misc.BASE64Encoder;

public class DESUtils {
private static SecretKey sKey = null; 
public static void loadDESKey(String keyFileName){
sKey = (SecretKey)Utils.readKeyFile(keyFileName);
}
private static void readKey(){
System.out.println(sKey.hashCode());
}
public static SecretKey getDESKey(){
return sKey;
}
public static String encrypt(String clearString){
try {
Cipher desCipher = Cipher.getInstance("DES/ECB/PKCS5Padding");
desCipher.init(Cipher.ENCRYPT_MODE,getDESKey());
//System.out.println("clearStr="+encryptString);
//System.out.println("encrypt=="+new String(desCipher.doFinal(encryptString.getBytes())));
return bytesToBase64Str(desCipher.doFinal(clearString.getBytes()));
} catch (NoSuchAlgorithmException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (NoSuchPaddingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (InvalidKeyException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (IllegalBlockSizeException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (BadPaddingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
return null;
}
public static String decrypt(String encryptString){
try {
Cipher desCipher = Cipher.getInstance("DES/ECB/PKCS5Padding");
desCipher.init(Cipher.DECRYPT_MODE,getDESKey());
return new String(desCipher.doFinal(base64StrToBytes(encryptString)));
} catch (NoSuchAlgorithmException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (NoSuchPaddingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (IllegalBlockSizeException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (BadPaddingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (InvalidKeyException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
return null;
}
public static String decrypt(String keyFilename,String encryptString){
try {
SecretKey desKey = (SecretKey)Utils.readKeyFile(keyFilename);
Cipher desCipher = Cipher.getInstance("DES/ECB/PKCS5Padding");
desCipher.init(Cipher.DECRYPT_MODE,desKey);
return new String(desCipher.doFinal(base64StrToBytes(encryptString)));
} catch (NoSuchAlgorithmException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (NoSuchPaddingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (IllegalBlockSizeException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (BadPaddingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (InvalidKeyException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
return null;
}
public static String bytesToBase64Str(byte[] bytes){
return new BASE64Encoder().encode(bytes);
}
public static byte[] base64StrToBytes(String base64Str){
try {
return new BASE64Decoder().decodeBuffer(base64Str);
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
return null;
}
public static void main(String[] arg){
// DESUtils des = new DESUtils();
DESUtils.loadDESKey("Key");
DESUtils.readKey();
//System.out.println(DESUtils.encrypt("hehe it's can works"));
System.out.println(DESUtils.decrypt("l+M1yV2Mf4yaTlSxmPU3GA=="));
}
}


RSA部分

RSAGenerator
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;

import entiebank.utils.Utils;

public class RSAKeyGenerator {
public static void genRSAPairKey(String keyFileName,String alg){
try {
KeyPairGenerator keyGen = KeyPairGenerator.getInstance(alg);
keyGen.initialize(1024);
KeyPair keyPair =keyGen.generateKeyPair();
PublicKey  pubKey = keyPair.getPublic();
System.out.println(pubKey.hashCode());
Utils.writeKeyFile(keyFileName+".pub", pubKey);
PrivateKey priKey= keyPair.getPrivate();
System.out.println(priKey.hashCode());
Utils.writeKeyFile(keyFileName+".pri", priKey);
} catch (NoSuchAlgorithmException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
public static void main(String[] arg){
RSAKeyGenerator.genRSAPairKey("louisz","RSA");
}
}


RSAUtils

import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.ObjectInputStream;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;

import entiebank.security.des.DESUtils;
import entiebank.utils.Utils;

public class RSAUtils {
private static PublicKey pubKey = null; 
private static PrivateKey priKey = null;
public static void loadRSAPubKey(String keyFileName){
pubKey=(PublicKey)Utils.readKeyFile(keyFileName);
}
public static void loadRSAPriKey(String keyFileName){
priKey=(PrivateKey)Utils.readKeyFile(keyFileName);
}
public static PublicKey getPublicKey(){
return pubKey;
}
public static PrivateKey getPrivateKey(){
return priKey;
}
public static String encrypt(String clearString){
try {
Cipher desCipher = Cipher.getInstance("RSA");
desCipher.init(Cipher.ENCRYPT_MODE,getPublicKey());
//System.out.println("clearStr="+encryptString);
//System.out.println("encrypt=="+new String(desCipher.doFinal(encryptString.getBytes())));
return Utils.bytesToBase64Str(desCipher.doFinal(clearString.getBytes()));
} catch (NoSuchAlgorithmException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (NoSuchPaddingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (InvalidKeyException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (IllegalBlockSizeException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (BadPaddingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
return null;
}
public static String decrypt(String encryptString){
try {
Cipher desCipher = Cipher.getInstance("RSA");
desCipher.init(Cipher.DECRYPT_MODE,getPrivateKey());
return new String(desCipher.doFinal(Utils.base64StrToBytes(encryptString)));
} catch (NoSuchAlgorithmException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (NoSuchPaddingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (IllegalBlockSizeException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (BadPaddingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (InvalidKeyException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
return null;
}
public static void main(String[] arg){
//RSAUtils rsa = new RSAUtils();
RSAUtils.loadRSAPriKey("louisz.pri");
RSAUtils.loadRSAPubKey("louisz.pub");
System.out.println(RSAUtils.encrypt("hehe it's can works"));
//System.out.println(rsa.decrypt("m/krh4KOgSNrDWpUrgUQ0ifVYmBnDAhdYU/B9HFZGiPsHDKOob/oQaJWyQX0a+VrC4igFq2a7zERrqUBjrImGgknMgjlko6NAufOHMu4BP4wblY68pIFPdIb1VZrN38vLgrtUjk1eXok7akn89Lu6NksBrlKoYEy2rOW/BfrCGs="));
}
}


Utils
import java.io.BufferedInputStream;
import java.io.BufferedReader;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.FileReader;
import java.io.IOException;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;

import javax.crypto.SecretKey;

import sun.misc.BASE64Decoder;
import sun.misc.BASE64Encoder;

public class Utils {
public static Object readKeyFile(String keyFileName){
Object obj = null;
try {
FileInputStream fin = new FileInputStream(keyFileName);
ObjectInputStream ios = new ObjectInputStream(fin);
// DESKeySpec kSpec = (DESKeySpec)ios.readObject();
// kSpec.getKey();
obj= ios.readObject();
ios.close();
fin.close();
return obj;
} catch (FileNotFoundException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (ClassNotFoundException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
return null;
}
public static void writeKeyFile(String keyFileName,Object sKey){
try {
FileOutputStream fos = new FileOutputStream(keyFileName);
ObjectOutputStream oos = new ObjectOutputStream(fos);
oos.writeObject(sKey);
oos.close();
// fos.write(sKey.getEncoded());
fos.close();
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
public static String bytesToBase64Str(byte[] bytes){
return new BASE64Encoder().encode(bytes);
}
public static byte[] base64StrToBytes(String base64Str){
try {
return new BASE64Decoder().decodeBuffer(base64Str);
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
return null;
}
}


留言

張貼留言

這個網誌中的熱門文章

使用Apache Http Server進行Proxy和LoadB alance

環境概述 OS:Linux Apache Http Server:2.2.21 安裝可以使用rpm或是抓source下來compile,建議前者 rpm –ivh apache-http-xxx.rpm 這裡請注意一下安裝的版本 http.conf 參數設定 Proxy < VirtualHost *:80>      ProxyPass targetPath fromPath | fromUrl < VirtualHost/>  範例如下 < VirtualHost *:80>      ProxyPass /app http://DomainName或IP:8888/app      ProxyPassReverse /app http://DomainName或IP:8888/app < VirtualHost/> 上述的參數設定為,將某主機的http通訊協定下的Web application(app),對應到本台Web Server的app下。這樣的Proxy架構的設定對企業內的Web應用程式相當有用處,若是遇到Web Application Server掛點只需要修改Proxy對應,不需要動到dns等等,是個滿便宜的Proxy架構設定喔。﹝不過要注意Web Application要注意redirectc和forward等的撰寫,盡量不要有絕對IP的出現﹞
張貼留言
閱讀完整內容

IBM MQ Server To Server的簡易設定

IBM MQ 的STS建置方式,IBM Red Book已經說明的滿完整的,這裡稍微整理一下,步驟如下 在 MQ-A Server MQ QMGR(MQA) 上需要建立的物件定義如下: • 遠端佇列定義 PAYROLL.QUERY • 傳輸佇列定義 MQB(預設 = 遠端佇列管理程式名稱) • 程序定義 MQA.TO.MQB.PROCESS(對於 WebSphere MQ for AIX、HP-UX、Solaris 與 Windows,及 MQSeries for Compaq Tru64 UNIX 與 OS/2 Warp,並非必要) • 傳送端通道定義 MQA.TO.MQB • 接收端通道定義 MQB.TO.MQA • 本端佇列定義 MQ2 以下是必須建立在 MQ-B Server MQ QMGR(MQB) 中的物件定義: • 遠端佇列定義 PAYROLL.RESPONE • 傳輸佇列定義 MQA(預設值=遠端佇列管理程式名稱) • 程序定義 MQB.TO.MQA.PROCESS(對於 WebSphere MQ for AIX、HP-UX、Solaris 與 Windows,及 MQSeries for Compaq Tru64 UNIX 與 OS/2 Warp,並非必要) • 傳送端通道定義 MQB.TO.MQA • 接收端通道定義 MQA.TO.MQB • 本端佇列定義 MQ4 1.先啟動MQ-A Server上的QMGR(MQA),並使用Runmqsc進入。 2.在佇列管理程式 MQA 上執行下列指令。 遠端佇列定義 DEFINE QREMOTE(PAYROLL.QUERY) DESCR('MQA 的遠端佇列') REPLACE + PUT(ENABLED) XMITQ(MQB) RNAME(MQ4) RQMNAME(MQB) 註: 遠端佇列定義並非實體的佇列,但卻是引導訊息至傳輸佇列 (MQB) 的一種方式,以便能將訊息送至佇列管理程式 MQB。 傳輸佇列定義 DEFINE QLOCAL(MQB) DESCR('對 MQB 的傳輸佇列') REPLACE + USAGE(XMITQ) PUT(ENABLED) GET(ENABLED) TRIGGER TRIGTYPE(FIRST) + INITQ(SYSTEM.CHANN
張貼留言
閱讀完整內容

IReport字型下拉選單中文亂碼

這個問題其實也不是很大啦,不過當你有很多的中文字型檔的時候可能就不知道要選哪一個,啟動IReport後,開啟報表後會發現左邊下拉選單中,最下面的字型清單中有出現方框,顯示不出該字型的名稱,這幾個字型應該是判斷新細明體,標楷體及細明體,如下圖 下載IReport的Source Code來檢查一下,it.businesslogic.ireport.gui.MainFrame發現這個JComboBox有特別設定Arial字型,當然只要是中文的都顯示不出來ㄚ,所以點掉這一行後重新編譯,嘿嘿就可以了。 jComboBoxFont.setFont(new java.awt.Font("Arial", 0, 11)); 我目前使用的版本為 IReport-3.0.0-src
1 則留言
閱讀完整內容