Debadatta Mishra - An agressive java developer with a differenece.
Symmetric cryptography in Java
Introduction
As you know data security is a significant aspect of any enterprise application. Starting from password encryption to any data exchange, cryptography has been in use for all kinds of purpose. However there are two kinds of cryptography, one is symmetric and another is asymmetric. In case of symmetric cryptography, a secret key is used for all kinds of encryption and decryption. This secret key is shared by all the members who want to participate in the encryption and decryption process. There are several algorithms for the symmetric cryptography. DES( Data Encryption Standard) is one of them. In case of normal login screen of web based application, implementation of DES algorithm is used for password encryption.
Technicalities
Java cryptography provides suitable and flexible framework for the use of symmetric cryptography. DES algorithm is commonly known as symmetric algorithm. In case of symmetric cryptography, the secret key is used in a plain text file and this file is shared between the members. This file is used to retrieve the secret key for all kinds of encryption and decryption. In this regards I can provide you an example that think of a situation where the two lovers receive their love letters in encrypted format so that no body can read it. They have a common key called the DES secret key. They use the secret key to decrypt the contents of the encrypted love letters at their end. It means that the secret key is generated once and shared between the members. For more details of DES algorithm please refer to the java docs and JCE framework provided by Sun. In this article I will provide an example of how to use the implementation of DES algorithm.
Complete example
The following is the utility class for the cryptography management. The class name is
“KeyUtil.java”.
package com.dds.core;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.InputStream;
import java.io.OutputStream;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
/**This is a utility class for all kinds
* of useful methods related to symmetric
* cryptography. This class only provides
* the use of DES algorithm.You can use any
* other symmetric algorithm similarly.
* @author Debadatta Mishra( PIKU )
*
*/
public class KeyUtil {
/**
* Name of the algorithm
*/
private static String algorithm = "DES";
/**This method is used to obtain the
* Secret key as a String. It is useful
* you can store the String in a file
* for all kinds of encryption and
* decryption.
* @return the SecretKey as String
*/
public static String generateSecretKey() {
String secretKeyString = null;
try {
KeyGenerator keyGen = KeyGenerator.getInstance(algorithm);
SecretKey secretKey = keyGen.generateKey();
byte[] secretKeyBytes = secretKey.getEncoded();
secretKeyString = new sun.misc.BASE64Encoder()
.encode(secretKeyBytes);
} catch (Exception e) {
e.printStackTrace();
}
return secretKeyString;
}
/**This method is used to obtain the SecretKey
* object by passing the secret key as string.
* @param secretKeyString of type String
* @return object of {@link SecretKey}
*/
private static SecretKey getKeyInstance(String secretKeyString) {
SecretKey secretKey = null;
try {
byte[] b2 = new sun.misc.BASE64Decoder()
.decodeBuffer(secretKeyString);
secretKey = new SecretKeySpec(b2, algorithm);
} catch (Exception e) {
e.printStackTrace();
}
return secretKey;
}
/**This method is used to encrypt the same file.
* This method is useful when you are encrypting
* the contents of a file. There is no need to
* create another file with the encrypted contents.
* @param filePath of type String indicating the path of the file
* @param keyString of type String indicating the secret key
*/
public static void encryptFile(String filePath, String keyString) {
try {
SecretKey key = getKeyInstance(keyString);
Cipher ecipher = Cipher.getInstance(algorithm);
ecipher.init(Cipher.ENCRYPT_MODE, key);
InputStream in = new FileInputStream(filePath);
byte[] fileBytes = new byte[in.available()];
in.read(fileBytes);
in.close();
OutputStream out = new FileOutputStream(filePath);
out = new CipherOutputStream(out, ecipher);
out.write(fileBytes);
out.close();
} catch (Exception e) {
e.printStackTrace();
}
}
/**This method is used to decrypt the same file.
* This method is useful when you are decrypting
* the contents of a file. There is no need to
* create another file with the decrypted contents.
* @param filePath of type String indicating the path of the file
* @param keyString of type String indicating the secret key
*/
public static void decryptFile(String filePath, String keyString) {
try {
SecretKey key = getKeyInstance(keyString);
Cipher ecipher = Cipher.getInstance(algorithm);
ecipher.init(Cipher.DECRYPT_MODE, key);
InputStream in = new FileInputStream(filePath);
byte[] fileBytes = new byte[in.available()];
in.read(fileBytes);
in.close();
OutputStream out = new FileOutputStream(filePath);
out = new CipherOutputStream(out, ecipher);
out.write(fileBytes);
out.close();
} catch (Exception e) {
e.printStackTrace();
}
}
/**This method is used to encrypt the contents
* of a file and writing to another file. This
* method is useful when you want to maintain the
* original contents and encrypting the contents
* and giving to another person.
* @param in of type {@link InputStream}
* @param out of type {@link OutputStream}
* @param keyString of type String indicating the SecretKey
*/
public static void encryptFile(InputStream in, OutputStream out,
String keyString) {
byte[] buf = new byte[1024];
try {
SecretKey key = getKeyInstance(keyString);
Cipher ecipher = Cipher.getInstance(algorithm);
ecipher.init(Cipher.ENCRYPT_MODE, key);
// Bytes written to out will be encrypted
out = new CipherOutputStream(out, ecipher);
// Read in the cleartext bytes and write to out to encrypt
int numRead = 0;
while ((numRead = in.read(buf)) >= 0) {
out.write(buf, 0, numRead);
}
out.close();
} catch (Exception e) {
e.printStackTrace();
}
}
/**This method is used to decrypt the contents
* of a file and writing to another file. This
* method is useful when you want to decrypt
* the contents and writing to a another file.
* @param in of type {@link InputStream}
* @param out of type {@link OutputStream}
* @param keyString of type String indicating the SecretKey
*/
public static void decryptFile(InputStream in, OutputStream out,
String keyString) {
byte[] buf = new byte[1024];
try {
SecretKey key = getKeyInstance(keyString);
Cipher dcipher = Cipher.getInstance(algorithm);
dcipher.init(Cipher.DECRYPT_MODE, key);
in = new CipherInputStream(in, dcipher);
int numRead = 0;
while ((numRead = in.read(buf)) >= 0) {
out.write(buf, 0, numRead);
}
out.close();
} catch (Exception e) {
e.printStackTrace();
}
}
/**This method is used to encrypt the String.
* @param contents of type String
* @param keyString of type String indicating the Secret key as String
* @return a String encrypted contents
*/
public static String getEncryptedContents(String contents, String keyString) {
String encryptedString = null;
try {
byte[] contentBytes = contents.getBytes();
SecretKey key = getKeyInstance(keyString);
Cipher ecipher = Cipher.getInstance(algorithm);
ecipher.init(Cipher.ENCRYPT_MODE, key);
byte[] encryptedBytes = ecipher.doFinal(contentBytes);
encryptedString = new sun.misc.BASE64Encoder()
.encode(encryptedBytes);
} catch (Exception e) {
e.printStackTrace();
}
return encryptedString;
}
/**This method is used to decrypt the String.
* @param contents of type String
* @param keyString of type String indicating the Secret key as String
* @return a String encrypted contents
*/
public static String getDecryptedContents(String contents, String keyString) {
String decryptedString = null;
try {
byte[] contentBytes = new sun.misc.BASE64Decoder()
.decodeBuffer(contents);
SecretKey key = getKeyInstance(keyString);
Cipher ecipher = Cipher.getInstance(algorithm);
ecipher.init(Cipher.DECRYPT_MODE, key);
byte[] encryptedBytes = ecipher.doFinal(contentBytes);
decryptedString = new String(encryptedBytes);
} catch (Exception e) {
e.printStackTrace();
}
return decryptedString;
}
}
The above class provides several useful methods for encryption and decryption. Please refer the java docs provided for each method. Generally in many applications, you may have to use either for a file or for a String. In the above class , I have provided two methods for file encryption and decryption. In certain situation, it is required that you have to encrypt the contents of the file. More specifically I can provide you an example, think about a file called “sample.txt”. You have to encrypt the contents of the file “Sample.txt” so that after encryption when you are opening the file, it becomes unreadable. It may also be required to transfer the file to network. Sometime a requirement comes that there is file called “Sample.txt”, you have to encrypt the contents of the file and to create a new file called “Sample_en.txt”. In this case you have two files, one is the original one as well as the encrypted file. Now refer to the following subordinate classes for the use.
Class name: KeyGenerator.java
package com.dds.core;
import java.io.File;
import java.io.FileOutputStream;
import java.io.OutputStream;
import java.util.Properties;
/**
* This class is used to generate the secrete key and
* stores the secret key in a file called secret.key.
* @author Debadatta Mishra(PIKU)
*
*/
public class KeyGenerator {
/**This method is used to obtain the
* path of the file secret.key.
* @return path of Key
*/
private static String getKeyFilePath() {
String keyPath = null;
try {
String keyDirPath = System.getProperty("user.dir") + File.separator
+ "key";
File keyDir = new File(keyDirPath);
if (!keyDir.exists())
keyDir.mkdirs();
keyPath = keyDirPath + File.separator + "secretkey.key";
} catch (Exception e) {
e.printStackTrace();
}
return keyPath;
}
/**
* This method is used to store the
* secret key in a file.
*/
public static void storeKey() {
try {
Properties keyProp = new Properties();
OutputStream out = new FileOutputStream(getKeyFilePath());
keyProp.put("key", KeyUtil.generateSecretKey());
keyProp
.store(out,
"Secret key information, do not modify the key.");
} catch (Exception e) {
e.printStackTrace();
}
}
}
This class is used to generate the Secret key and to store in a file so that the secret key can be retrieved as and when required. Let us see another class where you can read the secret key file to get the secret key.
Class name: KeyReader.java
package com.dds.core;
import java.io.File;
import java.io.FileInputStream;
import java.io.InputStream;
import java.util.Properties;
/**This is a utility class to read the
* contents of the secret.key file.
* @author Debadatta Mishra(PIKU)
*
*/
public class KeyReader {
/**This method is used to obtain the
* key String which is stored in the
* file secret.key.
* @return the key String
*/
public static String getSecretKey() {
String secretKeyString = null;
try {
String keyDirPath = System.getProperty("user.dir") + File.separator
+ "key";
String keyPath = keyDirPath + File.separator + "secretkey.key";
Properties keyProp = new Properties();
InputStream in = new FileInputStream(keyPath);
keyProp.load(in);
secretKeyString = keyProp.getProperty("key");
} catch (Exception e) {
e.printStackTrace();
}
return secretKeyString;
}
}
The above class is used to read the secret key.
I provide below all the test harness classes for the above classes. The first test harness class is “KeyGeneratorTest.java”.
import com.dds.core.KeyGenerator;
/**This is a test harness class to generate
* the secret key and store in a file.
* @author Debadatta Mishra(PIKU)
*
*/
public class KeyGeneratorTest {
public static void main(String[] args) {
KeyGenerator.storeKey();
}
}
This class is used to generate the secret key.
The next test harness class is “StringEncryptionTest.java”.
import com.dds.core.KeyReader;
import com.dds.core.KeyUtil;
/**This test harness class is used to
* encrypt and decrypt the String.
* @author Debadatta Mishra(PIKU)
*
*/
public class StringEncryptionTest {
public static void main(String[] args) {
String originalString = "Hello World";
String secretKeyString = KeyReader.getSecretKey();
String encryptedStringContents = KeyUtil.getEncryptedContents(
originalString, secretKeyString);
System.out.println("Original String------" + originalString);
System.out.println("Encrypted String-----" + encryptedStringContents);
/*
* Now get back to your originalString by decryption
*/
String decryptedString = KeyUtil.getDecryptedContents(
encryptedStringContents, secretKeyString);
System.out.println("Decrypted String-----" + decryptedString);
}
}
The above class is used to encrypt and decrypt a String. It may be useful for for your password and some other String of characters. Let us see the class for file encryption.
Class Name : FileEncryptionTest.java
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.InputStream;
import java.io.OutputStream;
import com.dds.core.KeyReader;
import com.dds.core.KeyUtil;
/**This is the test harness class for the
* encryption and decryption of the file.
* @author Debadatta Mishra(PIKU)
*
*/
public class FileEncryptionTest {
public static void main(String[] args) throws Exception {
String filePath = "C:/output.txt";
String secretKeyString = KeyReader.getSecretKey();
/*
* Encrypt the fileContents and write to the same file
*/
KeyUtil.encryptFile(filePath, secretKeyString);
/*
* Decrypt the file contents and write to the same file
*/
KeyUtil.decryptFile(filePath, secretKeyString);
/*
* Encrypt the file contents and write to another
* file which contains the encrypted contents.
*/
String encryptedFilePath = "C:/en.txt";
InputStream in = new FileInputStream(filePath);
OutputStream out = new FileOutputStream(encryptedFilePath);
KeyUtil.encryptFile(in, out, secretKeyString);
/*
* Decrypt the file contents and write to an another file.
*/
in = new FileInputStream(encryptedFilePath);
out = new FileOutputStream(filePath);
KeyUtil.decryptFile(in, out, secretKeyString);
}
}
The above class provides several ways you can encrypt and decrypt the file.
Please follow the following sequence to execute the above classes.
- Please create the appropriate package structure and copy the corresponding classes inside the package.
- First run the class “KeyGeneratorTest.java” . You will find a file called “secret.key” where the secret key is tored.
- Next run the class “StringEncryptionTest.java”.
- Create a text file with some contents and place in a directory. Then run the class “FileEncryptionTest.java” to encrypt or decrypt the file.
Conclusion
I hope that you will enjoy my article for the symmetric cryptography. For asymmetric cryptography please refer to the link http://www.articlesbase.com/information-technology-articles/asymmetric-cryptography-in-java-438155.html. If you find any problems or errors, please feel free to send me a mail in the address debadattamishra@aol.com . This article is only meant for those who are new to java development. This article does not bear any commercial significance. Please provide me the feedback about this article.
- Related Videos
- Related Articles
- Ask / Related Q&A
Magento Development
By: Digisha Modi | 26/12/2009Magento eCommerce Development is an incredibly advanced suite which enables you to have a shopping cart up and running in a very short time. Magento includes advanced reporting and analysis features which will increase your awareness of sales trends and other customer activity to enable you to tune your business for maximum efficiency. Its unique characteristics are unlimited flexibility, completely scalable architecture, professional and community support and smooth integration with 3rd party a
PSD to XHTML Conversion Services
By: Digisha Modi | 26/12/2009To make a website easily visible and popular, making it browser compatible is very important. For this PSD to XHTML conversion is one of the most vital elements of Web designing. Its growing importance in the designing cannot be completely annulled. With the increasing competition among the web marketers, the importance of a good design with better usability has become the necessity of the present time.
Magento Extension Development
By: Digisha Modi | 26/12/2009Magento is a feature-rich, professional open-source eCommerce solution that offers merchants complete flexibility and control over the look, content, and functionality of their online store. Magneto’s intuitive administration interface contains powerful marketing, search engine optimization and catalog-management tools to give merchants the power to create sites that are tailored to their unique business needs.
How to burn WMV video to DVD to enjoy on TV, xobx, PS 3 or other playwers
By: lyndon123 | 26/12/2009WMV video is a one of the most pop format video we often use. Enjoy the WMV video on TV, Xbox, PS 3 or other DVD Players is often necessary in our common life. Now we can follow this simple guide to learn how to burn WMV to DVD Disc.
Mobile antivirus software is beginning to be an essential
By: brookepens | 25/12/2009When it comes to our home computers and networks in the work place everyone ensures that they are protected by mobile antivirus software with protective firewalls. Unfortunately, there are still many people and businesses that do not realise that mobile phone antivirus software has become just as important to have as antivirus computer software.
NetOffice Customization
By: Digisha Modi | 25/12/2009NetOffice is a web based project management tools written in PHP and utilizing MySQL. It has a surprisingly easy to use user interface, and it really is self explanatory, even for first time users. It has the same features as most other free web based project management tools but is set apart from the pack by its simple layout and amazing ease of use.
SugarCRM Development Services
By: Digisha Modi | 25/12/2009SugarCRM is commercial open source Customer Relationship Management software that is designed to meet all the CRM requirements of organizations. It is developed using PHP and available in both free and commercial editions. It provides basic CRM functionality such as lead tracking, sales management, project management, issue tracking etc.
Magento - Best Choice for Ecommerce Solution
By: Digisha Modi | 24/12/2009Magento eCommerce is a new Open Source platform with industry-leading features to provide merchants with unprecedented control over store operations. This Open Source eCommerce software is very powerful and includes many features that have not been seen in Open Source products before. Magento eCommerce is one of the fastest growing new software, and looks set to become a dominant force in the eCommerce industry.
Encryption Using Rsa Algorithm in Java
By: Debadatta Mishra | 23/08/2008 | ProgrammingThis article provides a solution for RSA encryption and decryption in java, which is limited to 117 bytes.
Symmetric Cryptography in Java
By: Debadatta Mishra | 23/08/2008 | ProgrammingThis article gives an insight into the symmetric cryptography in java. It basically provides you the use of DES algorithm.
Eclipse Plugin Development - a Bird’s Eye View
By: Debadatta Mishra | 08/08/2008 | ProgrammingThis article gives a brief introduction into the eclipse plugin development. You will find some of the terms used in the eclipse plugin development.
Asymmetric Cryptography in Java
By: Debadatta Mishra | 04/06/2008 | Information TechnologyAn example for asymmetric cryptography in java