Hi,
I am using the class below called TripleDesEncryption to encrypt a
string. I have got this code of someone else and not sure how i works. I need to somehow generate a key (private I think) to encrypt my string. How do I do this - can the key be a file with any content, or do I have to use the Keygenerator class to produce this key, in the form of a byte array?
Below is my code - also, where do I put this key once I have created it?
Sorry for this basic security question, but it is the first time I am using this kind of stuff.
Thanks for your help in advance.
package com.db.websso.util;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.BadPaddingException;
import javax.crypto.spec.SecretKeySpec;
import javax.crypto.spec.IvParameterSpec;
import java.security.InvalidKeyException;
import java.security.GeneralSecurityException;
import sirrus.util.crypt.SecurityProviderLoader;
public class TripleDESEncryption {
private static final String TRIPLE_DES = "DESede";
private static final int TRIPLE_DES_SIZE = 24;
private static final int KEY_START = 0;
private static final int IV_SIZE = 8;
static {
SecurityProviderLoader.loadCryptoProviders();
}
public static String encrypt(byte[] key, String string) {
if(key == null || string == null) return null;
Cipher cipher = getCipher(Cipher.ENCRYPT_MODE, key);
byte[] ciphertext = new byte[0];
try {
ciphertext = cipher.doFinal(string.getBytes());
} catch (Exception e) {
e.printStackTrace();
return null;
}
return Base64.encode(ciphertext);
}
public static String decrypt(byte[] key, String string) {
if(string == null || key == null) return null;
byte[] input = Base64.decode(string);
if(input == null) return null;
Cipher cipher = getCipher(Cipher.DECRYPT_MODE, key);
byte[] plaintext = null;
try {
plaintext = cipher.doFinal(input);
} catch (Exception e) {
e.printStackTrace();
return null;
}
return new String(plaintext);
}
/***********************/
private static Cipher getCipher( int mode, byte[] key )
{
// Retrieve the key parts from the key record
byte [] keybytes = getKeyBytes( key );
byte [] ivbytes = getIvBytes( key );
try
{
Cipher cipher = Cipher.getInstance( TRIPLE_DES +
"/CBC/PKCS5Padding",
"JsafeJCE");
SecretKeySpec keySpec = new SecretKeySpec( keybytes, TRIPLE_DES );
IvParameterSpec ivSpec = new IvParameterSpec( ivbytes );
cipher.init( mode, keySpec, ivSpec );
return cipher;
}
catch( InvalidKeyException ike )
{
throw new RuntimeException( "Key was invalid: " + ike.toString() );
}
catch( GeneralSecurityException catchall )
{
throw new RuntimeException( catchall.toString() );
}
}
private static byte[] getKeyBytes( byte[] key )
{
byte[] keybytes;
keybytes = new byte[ TRIPLE_DES_SIZE ];
System.arraycopy( key, KEY_START, keybytes, 0, TRIPLE_DES_SIZE );
return keybytes;
}
private static byte[] getIvBytes( byte[] key )
{
byte[] ivbytes = new byte[ IV_SIZE ];
System.arraycopy( key, KEY_START + TRIPLE_DES_SIZE, ivbytes, 0,
IV_SIZE );
return ivbytes;
}
}