Bouncycastle JCE practice (5)

?

Implementation of symmetric decryption

Symmetric encryption/decryption algorithms have several problems in the e-commerce transaction process:

(1 )?????? A secure channel is required for both parties to negotiate a common key during the first communication. Direct face-to-face negotiation may be unrealistic and difficult to implement. Therefore, both parties may need to negotiate through emails, phone calls, and other relatively insecure means;

(2 )?????? The number of keys is difficult to manage. Because different keys are required for each partner, it is difficult to adapt to a large amount of information exchange in the open society;

(3 )?????? Symmetric encryption algorithms generally do not provide information integrity identification. It cannot verify the identity of the sender and receiver;

The management and distribution of symmetric keys is a potentially dangerous and cumbersome process. Symmetric encryption is implemented based on mutual protection of secrets. The trade sides that adopt symmetric encryption technology must ensure that the same key is used and that the exchange of keys between them is secure and reliable, you must also set a program to prevent key leaks and change the key.

The symmetric decryption code is implemented as follows:

// Read the key from the key file

?? Secretkey key = NULL;

?? Try

?? {Objectinputstream Keyfile = new objectinputstream (

???? New fileinputstream ("C: // security file //" + misclass. username + "// symmetric key // yhb. Des "));

??? Key = (secretkey) Keyfile. readobject ();

??? Keyfile. Close ();

??? }

??? Catch (filenotfoundexception ey1)

??? {

??? System. Out. println ("error when read Keyfile ");

??? System. Exit (0 );

??? }

??? Catch (exception EY2)

??? {

??? System. Out. println ("error when read the Keyfile ");

??? System. Exit (0 );

??? }

?? // Generate cipher with key

??? Cipher cipher = NULL;

??? Try

{

// Set the algorithm. It should be the same as the setting during encryption.

Cipher = cipher. getinstance ("des ");

// Set the decryption Mode

???? Cipher. INIT (Cipher. decrypt_mode, key );

???? } Catch (exception ey3)

???? {

???? System. Out. println ("error when create the cipher ");

???? System. Exit (0 );

???? }

???? // Obtain the file to be decrypted from the dialog box and decrypt it

???? File file = new file (dirstring, string1 );

???? String filename = file. getname ();

??? Try

{

// Output stream. Pay attention to obtaining the file name.

Bufferedoutputstream out = new bufferedoutputstream (New fileoutputstream (

????????? "C: // security file //" + filename. substring (0, filename. Length ()-4 )));

???? // Input stream

????? Cipherinputstream in = new cipherinputstream (New bufferedinputstream (

??????????? New fileinputstream (File), cipher );

??? Int thebyte = 0;

??? While (thebyte = in. Read ())! =-1)

??? {

??? Out. Write (thebyte );

??? }

????? In. Close ();

????? Out. Close ();

????? }

????? Catch (exception ey5)

????? {

????? System. Out. println ("error when encrypt the file ");

????? System. Exit (0 );

????? }