Digital envelope encryption (an algorithm that combines RSA and DES)
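This algorithm combines the advantages of DES and RSA: the fast symmetric cipher encrypts the bulk data, and the slower RSA operation is applied only to the short symmetric key, so the two parties do not need to share a secret in advance.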
Principle:
1. The sender uses the DES key to encrypt the important data.
2. The sender uses the receiver's RSA public key to encrypt the DES key.
3. Send messages
4. After receiving the message, the receiver uses the RSA private key to decrypt the encrypted des key.
5. The receiver uses the DES key recovered in step 4 to decrypt the important data.
In this article, we first generate the DES key and the RSA key pair required for this simulation (the code uses DESede, i.e. Triple DES, as the symmetric cipher).
Then follow the above five steps for simulation:
1. Generate des key
/*
* To change this template, choose tools | templates
* And open the template in the editor.
*/
Package digital. envolope. technology;
Import java. Io. file;
Import java. Io. fileoutputstream;
Import java. Io. objectoutputstream;
Import java. util. Logging. level;
Import java. util. Logging. Logger;
Import javax. crypto. keygenerator;
Import javax. crypto. SecretKey;
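/**
 * Step 1 of the digital-envelope demo: generates the symmetric content key and stores it,
 * as a serialized Java object, in {@code digitalEnvolope/key.dat}.
 *
 * <p>Notes for anyone reusing this sample:
 * <ul>
 *   <li>{@code "DESede"} with a 168-bit key is three-key Triple DES (not double DES). Triple DES
 *       is a legacy cipher with a 64-bit block; new designs should use AES instead.</li>
 *   <li>The key is written to disk unencrypted. This class narrows the file permissions to the
 *       owner on a best-effort basis, but a real system should keep keys in a key store.</li>
 * </ul>
 *
 * @author Administrator
 */
public class GenerateDESKey {

    private static final Logger LOG = Logger.getLogger(GenerateDESKey.class.getName());

    /**
     * Generates the key and writes it to {@code digitalEnvolope/key.dat}.
     * Any failure is logged at SEVERE level rather than propagated.
     *
     * @param args unused
     */
    public static void main(String[] args) {
        try {
            KeyGenerator kg = KeyGenerator.getInstance("DESede");
            // 168 bits of key material = three independent 56-bit DES keys.
            kg.init(168);
            SecretKey k = kg.generateKey();

            // The listing wrote the key only when mkdir() returned false, i.e. only when the
            // directory already existed; a first run created the directory and saved nothing.
            File dir = new File("digitalEnvolope");
            if (!dir.isDirectory() && !dir.mkdir()) {
                throw new IllegalStateException("cannot create directory " + dir);
            }

            File file = new File(dir, "key.dat");
            restrictToOwner(file);
            // The key must be written as a serialized object because the later steps read it
            // back with ObjectInputStream. Closing the object stream also flushes and closes
            // the underlying file stream, in the right order.
            try (FileOutputStream out = new FileOutputStream(file);
                    ObjectOutputStream oos = new ObjectOutputStream(out)) {
                oos.writeObject(k);
            }
        } catch (Exception ex) {
            LOG.log(Level.SEVERE, null, ex);
        }
    }

    /**
     * Creates {@code file} if needed and limits read/write access to its owner before any key
     * material is written. Best effort: some platforms cannot express these permissions, in
     * which case a warning is logged and the file keeps its default access.
     */
    private static void restrictToOwner(File file) throws java.io.IOException {
        file.createNewFile();
        // Non-short-circuit '&' so that every call is attempted even if an earlier one fails.
        boolean applied = file.setReadable(false, false)
                & file.setWritable(false, false)
                & file.setReadable(true, true)
                & file.setWritable(true, true);
        if (!applied) {
            LOG.log(Level.WARNING, "could not restrict permissions on {0}", file);
        }
    }
}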
2. Generate an RSA key pair
/*
* To change this template, choose tools | templates
* And open the template in the editor.
*/
Package digital. envolope. technology;
Import java. io. FileOutputStream;
Import java. io. ObjectOutputStream;
Import java. io. File;
Import java. security. KeyPair;
Import java. security. KeyPairGenerator;
Import java. security. PrivateKey;
Import java. security. PublicKey;
Import java. util. logging. Level;
Import java. util. logging. Logger;
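/**
 * Step 2 of the digital-envelope demo: generates the receiver's RSA key pair and stores the
 * public and private keys, as serialized Java objects, in the {@code digitalEnvolope} folder.
 *
 * <p>Notes for anyone reusing this sample:
 * <ul>
 *   <li>The listing used a 1024-bit modulus, which is no longer considered adequate; this
 *       version generates 2048 bits. The later steps query the cipher's block size at run time,
 *       so they work with either size.</li>
 *   <li>The private key is written to disk unencrypted. This class narrows the file permissions
 *       to the owner on a best-effort basis; a real system should use a protected key store.</li>
 * </ul>
 *
 * @author Administrator
 */
public class GenKey {

    private static final Logger LOG = Logger.getLogger(GenKey.class.getName());

    /**
     * Generates the key pair and writes {@code RSAPublic.dat} and {@code rs1_vate.dat}.
     * Any failure is logged at SEVERE level rather than propagated.
     *
     * @param args unused
     */
    public static void main(String[] args) {
        try {
            KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
            kpg.initialize(2048);
            KeyPair kp = kpg.generateKeyPair();
            PublicKey pbKey = kp.getPublic();
            PrivateKey prKey = kp.getPrivate();

            File dir = new File("digitalEnvolope");
            if (!dir.isDirectory() && !dir.mkdir()) {
                throw new IllegalStateException("cannot create directory " + dir);
            }

            // Public key: may be handed to senders.
            writeObject(new File(dir, "RSAPublic.dat"), pbKey);

            // Private key: file name kept as printed on the page, because the decryption
            // step opens the same name.
            File privateFile = new File(dir, "rs1_vate.dat");
            restrictToOwner(privateFile);
            writeObject(privateFile, prKey);
        } catch (Exception ex) {
            LOG.log(Level.SEVERE, null, ex);
        }
    }

    /**
     * Serializes {@code value} into {@code file}. The listing never closed its object streams,
     * so buffered key bytes could be lost; try-with-resources flushes and closes them.
     */
    private static void writeObject(File file, Object value) throws java.io.IOException {
        try (FileOutputStream out = new FileOutputStream(file);
                ObjectOutputStream oos = new ObjectOutputStream(out)) {
            oos.writeObject(value);
        }
    }

    /**
     * Creates {@code file} if needed and limits read/write access to its owner before the
     * private key is written. Best effort: a warning is logged where the platform cannot
     * express these permissions.
     */
    private static void restrictToOwner(File file) throws java.io.IOException {
        file.createNewFile();
        // Non-short-circuit '&' so that every call is attempted even if an earlier one fails.
        boolean applied = file.setReadable(false, false)
                & file.setWritable(false, false)
                & file.setReadable(true, true)
                & file.setWritable(true, true);
        if (!applied) {
            LOG.log(Level.WARNING, "could not restrict permissions on {0}", file);
        }
    }
}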
3. encrypt important data with the DES key
/*
* To change this template, choose Tools | Templates
* And open the template in the editor.
*/
Package digital. envolope. technology;
Import java. io. File;
Import java. io. FileInputStream;
Import java. io. FileOutputStream;
Import java. io. ObjectInputStream;
Import java. security. Key;
Import java. util. logging. Level;
Import java. util. logging. Logger;
Import javax. crypto. Cipher;
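/**
 * Step 3 of the digital-envelope demo: encrypts {@code digitalEnvolope/business.txt} with the
 * DESede key from {@code key.dat} and writes the result to {@code DESEncrypt_data.txt}.
 *
 * <p>Notes for anyone reusing this sample:
 * <ul>
 *   <li>The transformation string {@code "DESede"} names no mode or padding, so the provider's
 *       default applies; on the JDK's standard provider that is ECB with PKCS5 padding. ECB
 *       encrypts equal plaintext blocks to equal ciphertext blocks and therefore leaks
 *       structure. It is left unchanged here only because the decryption step must use the
 *       same transformation.</li>
 *   <li>The output carries no integrity protection (no MAC or signature), so the receiver
 *       cannot detect modification. An authenticated mode such as AES-GCM, with a fresh nonce
 *       stored next to the ciphertext, covers both points.</li>
 * </ul>
 *
 * @author Administrator
 */
public class EncryptDESede {

    private static final Logger LOG = Logger.getLogger(EncryptDESede.class.getName());

    /**
     * Runs the encryption. Any failure is logged at SEVERE level rather than propagated.
     *
     * @param args unused
     */
    public static void main(String[] args) {
        try {
            byte[] dataInputByte = readFully(new File("digitalEnvolope", "business.txt"));

            // The key was stored with ObjectOutputStream in step 1, so it has to be read back
            // with ObjectInputStream. This file is produced locally; native deserialization
            // must not be pointed at files supplied by another party.
            Key key;
            try (FileInputStream fileInput =
                            new FileInputStream(new File("digitalEnvolope", "key.dat"));
                    ObjectInputStream ois = new ObjectInputStream(fileInput)) {
                key = (Key) ois.readObject();
            }

            Cipher cp = Cipher.getInstance("DESede");
            cp.init(Cipher.ENCRYPT_MODE, key);
            byte[] encryptByte = cp.doFinal(dataInputByte);

            try (FileOutputStream out =
                    new FileOutputStream(new File("digitalEnvolope", "DESEncrypt_data.txt"))) {
                out.write(encryptByte);
            }
        } catch (Exception ex) {
            LOG.log(Level.SEVERE, null, ex);
        }
    }

    /**
     * Reads the whole file into memory. The listing sized its buffer with {@code available()}
     * and issued a single {@code read()}, neither of which is guaranteed to cover the file.
     */
    private static byte[] readFully(File file) throws java.io.IOException {
        long length = file.length();
        if (length > Integer.MAX_VALUE) {
            throw new java.io.IOException("file too large to buffer: " + file);
        }
        byte[] buffer = new byte[(int) length];
        try (FileInputStream in = new FileInputStream(file)) {
            int filled = 0;
            while (filled < buffer.length) {
                int n = in.read(buffer, filled, buffer.length - filled);
                if (n < 0) {
                    throw new java.io.IOException("unexpected end of file: " + file);
                }
                filled += n;
            }
        }
        return buffer;
    }
}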
4. Use the RSA public key to encrypt the DES key
/*
* To change this template, choose Tools | Templates
* And open the template in the editor.
*/
Package digital. envolope. technology;
Import java. io. File;
Import java. io. FileInputStream;
Import java. io. FileOutputStream;
Import java. io. IOException;
Import java. io. ObjectInputStream;
Import java. security. Key;
Import java. util. logging. Level;
Import java. util. logging. Logger;
Import javax. crypto. Cipher;
Import org. bouncycastle. jce. provider. BouncyCastleProvider;
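/**
 * Step 4 of the digital-envelope demo: encrypts the serialized DESede key file
 * ({@code key.dat}) with the RSA public key and writes the result to {@code Enc_RAS.dat}.
 *
 * <p>Notes for anyone reusing this sample:
 * <ul>
 *   <li>With the Bouncy Castle provider the bare name {@code "RSA"} selects RSA without any
 *       padding scheme. Unpadded RSA is deterministic and malleable, and chunk boundaries are
 *       not encoded, so a chunk that begins with zero bytes may not round-trip exactly
 *       (NOTE(review): confirm against the provider version in use). It is left unchanged here
 *       only because the decryption step must use the same transformation; a real design
 *       wraps the key with an OAEP transformation.</li>
 *   <li>This encrypts the whole Java-serialized key object, which is why several RSA blocks
 *       are needed. Wrapping only the raw key bytes would fit in a single padded RSA block and
 *       would spare the receiver from deserializing data that came from the sender.</li>
 * </ul>
 *
 * @author Administrator
 */
public class RSAEncryptDESEnctyption {

    private static final Logger LOG = Logger.getLogger(RSAEncryptDESEnctyption.class.getName());

    /**
     * Runs the key encryption. Any failure is logged at SEVERE level rather than propagated.
     *
     * @param args unused
     */
    public static void main(String[] args) {
        try {
            // Read the RSA public key from the digitalEnvolope folder. try-with-resources
            // replaces the listing's finally block, which dereferenced the stream variable
            // even when opening the file had failed and it was still null.
            Key key;
            try (FileInputStream keyFis =
                            new FileInputStream(new File("digitalEnvolope", "RSAPublic.dat"));
                    ObjectInputStream ois = new ObjectInputStream(keyFis)) {
                key = (Key) ois.readObject();
            }

            // The provider is passed explicitly because the block-size query below relies on
            // this provider's RSA implementation.
            Cipher cp = Cipher.getInstance("RSA", new BouncyCastleProvider());
            cp.init(Cipher.ENCRYPT_MODE, key);

            // The data to encrypt is the serialized DESede key file.
            byte[] encryptByte = readFully(new File("digitalEnvolope", "key.dat"));

            // RSA can only process inputs shorter than the modulus, so the data is split into
            // chunks of the cipher's input block size.
            int blockSize = cp.getBlockSize();
            if (blockSize <= 0) {
                throw new IllegalStateException("cipher reports no usable block size");
            }
            // Size of the buffer needed for one doFinal result.
            int outputBlockSize = cp.getOutputSize(encryptByte.length);
            // Ceiling division: a trailing partial chunk gets its own block.
            int blocksNum = (encryptByte.length + blockSize - 1) / blockSize;
            byte[] cipherData = new byte[blocksNum * outputBlockSize];

            for (int i = 0; i < blocksNum; i++) {
                int offset = i * blockSize;
                int length = Math.min(blockSize, encryptByte.length - offset);
                cp.doFinal(encryptByte, offset, length, cipherData, i * outputBlockSize);
            }

            // FileOutputStream truncates an existing file, so no explicit delete is needed.
            try (FileOutputStream fos =
                    new FileOutputStream(new File("digitalEnvolope", "Enc_RAS.dat"))) {
                fos.write(cipherData);
            }
        } catch (Exception ex) {
            LOG.log(Level.SEVERE, null, ex);
        }
    }

    /**
     * Reads the whole file into memory. The listing sized its buffer with {@code available()}
     * and issued a single {@code read()}, neither of which is guaranteed to cover the file.
     */
    private static byte[] readFully(File file) throws IOException {
        long length = file.length();
        if (length > Integer.MAX_VALUE) {
            throw new IOException("file too large to buffer: " + file);
        }
        byte[] buffer = new byte[(int) length];
        try (FileInputStream in = new FileInputStream(file)) {
            int filled = 0;
            while (filled < buffer.length) {
                int n = in.read(buffer, filled, buffer.length - filled);
                if (n < 0) {
                    throw new IOException("unexpected end of file: " + file);
                }
                filled += n;
            }
        }
        return buffer;
    }
}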
5. After receiving the message, the receiver uses the RSA private key to decrypt the encrypted DES key.
/*
* To change this template, choose Tools | Templates
* And open the template in the editor.
*/
Package digital. envolope. technology;
Import java. io. File;
Import java. io. FileInputStream;
Import java. io. FileOutputStream;
Import java. io. IOException;
Import java. io. ObjectInputStream;
Import java. security. Key;
Import java. util. logging. Level;
Import java. util. logging. Logger;
Import javax. crypto. Cipher;
Import org. bouncycastle. jce. provider. BouncyCastleProvider;
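/**
 * Step 5 of the digital-envelope demo: decrypts {@code Enc_RAS.dat} with the RSA private key
 * and writes the recovered, still serialized, DESede key to {@code Dec_RAS.dat}.
 *
 * <p>Notes for anyone reusing this sample:
 * <ul>
 *   <li>With the Bouncy Castle provider the bare name {@code "RSA"} selects RSA without any
 *       padding scheme, so nothing in the ciphertext lets this step detect that it was
 *       modified or produced by someone else. The transformation is left unchanged only
 *       because it must match the encryption step; a real design uses OAEP and authenticates
 *       the message.</li>
 *   <li>{@code Dec_RAS.dat} holds the secret key in the clear and is later fed to Java
 *       deserialization; keep it readable by the owner only and treat its content as
 *       sender-controlled.</li>
 * </ul>
 *
 * @author Administrator
 */
public class RSADecryptionDESEncryption {

    private static final Logger LOG =
            Logger.getLogger(RSADecryptionDESEncryption.class.getName());

    /**
     * Runs the key decryption. Any failure is logged at SEVERE level rather than propagated.
     *
     * @param agrs unused
     */
    public static void main(String[] agrs) {
        try {
            // Read the RSA private key from the digitalEnvolope folder. try-with-resources
            // replaces the listing's finally block, which dereferenced the stream variable
            // even when opening the file had failed and it was still null.
            Key key;
            try (FileInputStream keyFis =
                            new FileInputStream(new File("digitalEnvolope", "rs1_vate.dat"));
                    ObjectInputStream ois = new ObjectInputStream(keyFis)) {
                key = (Key) ois.readObject();
            }

            Cipher cp = Cipher.getInstance("RSA", new BouncyCastleProvider());
            cp.init(Cipher.DECRYPT_MODE, key);

            // The data to decrypt is the RSA-encrypted DESede key.
            byte[] encryptByte = readFully(new File("digitalEnvolope", "Enc_RAS.dat"));

            int blockSize = cp.getBlockSize();
            // The encryption step always emits whole blocks; anything else is a truncated or
            // altered file, and decrypting it would index past the end of the buffer.
            if (blockSize <= 0 || encryptByte.length % blockSize != 0) {
                throw new IllegalStateException(
                        "encrypted key length " + encryptByte.length
                                + " is not a multiple of the RSA block size " + blockSize);
            }

            // Decrypt every block into memory first so that a failure part-way through does
            // not leave a truncated key file behind.
            java.io.ByteArrayOutputStream plain = new java.io.ByteArrayOutputStream();
            for (int offset = 0; offset < encryptByte.length; offset += blockSize) {
                plain.write(cp.doFinal(encryptByte, offset, blockSize));
            }

            try (FileOutputStream fos =
                    new FileOutputStream(new File("digitalEnvolope", "Dec_RAS.dat"))) {
                fos.write(plain.toByteArray());
            }
        } catch (Exception ex) {
            LOG.log(Level.SEVERE, null, ex);
        }
    }

    /**
     * Reads the whole file into memory. The listing sized its buffer with {@code available()}
     * and issued a single {@code read()}, neither of which is guaranteed to cover the file.
     */
    private static byte[] readFully(File file) throws IOException {
        long length = file.length();
        if (length > Integer.MAX_VALUE) {
            throw new IOException("file too large to buffer: " + file);
        }
        byte[] buffer = new byte[(int) length];
        try (FileInputStream in = new FileInputStream(file)) {
            int filled = 0;
            while (filled < buffer.length) {
                int n = in.read(buffer, filled, buffer.length - filled);
                if (n < 0) {
                    throw new IOException("unexpected end of file: " + file);
                }
                filled += n;
            }
        }
        return buffer;
    }
}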
6. The receiver uses the DES key recovered with the RSA private key to decrypt the important data.
/*
* To change this template, choose tools | templates
* And open the template in the editor.
*/
Package digital. envolope. technology;
Import java. Io. file;
Import java. Io. fileinputstream;
Import java. Io. fileoutputstream;
Import java. Io. ioexception;
Import java. Io. objectinputstream;
Import java. Security. Key;
Import java. util. Logging. level;
Import java. util. Logging. Logger;
Import javax. crypto. Cipher;
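/**
 * Step 6 of the digital-envelope demo: loads the DESede key recovered in step 5
 * ({@code Dec_RAS.dat}), decrypts {@code DESEncrypt_data.txt} with it and writes the plaintext
 * to {@code businessJieMi.dat}.
 *
 * <p>Notes for anyone reusing this sample:
 * <ul>
 *   <li>{@code Dec_RAS.dat} is derived from data the sender transmitted, and it is read with
 *       Java-native deserialization. Deserializing input from another party is unsafe: object
 *       construction runs before the cast to {@code Key} can reject anything. A safer design
 *       transports only the raw key bytes and rebuilds the key with
 *       {@code javax.crypto.spec.SecretKeySpec}, or at least restricts the accepted classes
 *       with a deserialization filter.</li>
 *   <li>{@code "DESede"} names no mode or padding, so the provider default applies (ECB with
 *       PKCS5 padding on the JDK's standard provider), and the ciphertext is not authenticated.
 *       A successful decryption therefore does not prove the data is unmodified.</li>
 * </ul>
 *
 * @author Administrator
 */
public class DecryptDESede {

    private static final Logger LOG = Logger.getLogger(DecryptDESede.class.getName());

    /**
     * Runs the data decryption. Any failure is logged at SEVERE level rather than propagated.
     *
     * @param args unused
     */
    public static void main(String[] args) {
        try {
            byte[] encryptDataByte =
                    readFully(new File("digitalEnvolope", "DESEncrypt_data.txt"));

            // Read the key that step 5 recovered. try-with-resources replaces the listing's
            // finally block, which closed a stream variable that could still be null.
            // NOTE(review): native deserialization of sender-derived data; see the class
            // comment.
            Key key;
            try (FileInputStream fileDes =
                            new FileInputStream(new File("digitalEnvolope", "Dec_RAS.dat"));
                    ObjectInputStream ois = new ObjectInputStream(fileDes)) {
                key = (Key) ois.readObject();
            }

            Cipher cp = Cipher.getInstance("DESede");
            cp.init(Cipher.DECRYPT_MODE, key);
            byte[] ptext = cp.doFinal(encryptDataByte);

            // Save the decrypted data.
            try (FileOutputStream out =
                    new FileOutputStream(new File("digitalEnvolope", "businessJieMi.dat"))) {
                out.write(ptext);
            }
        } catch (Exception ex) {
            LOG.log(Level.SEVERE, null, ex);
        }
    }

    /**
     * Reads the whole file into memory. The listing sized its buffer with {@code available()}
     * and issued a single {@code read()}, neither of which is guaranteed to cover the file.
     */
    private static byte[] readFully(File file) throws IOException {
        long length = file.length();
        if (length > Integer.MAX_VALUE) {
            throw new IOException("file too large to buffer: " + file);
        }
        byte[] buffer = new byte[(int) length];
        try (FileInputStream in = new FileInputStream(file)) {
            int filled = 0;
            while (filled < buffer.length) {
                int n = in.read(buffer, filled, buffer.length - filled);
                if (n < 0) {
                    throw new IOException("unexpected end of file: " + file);
                }
                filled += n;
            }
        }
        return buffer;
    }
}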