AES encrypter/decrypter with check in CFB mode in Java using JCE


/ Published in: Java
Save to your folder(s)



Copy this code and paste it in your HTML
  1. import java.io.ByteArrayOutputStream;
  2. import java.io.IOException;
  3. import java.nio.ByteBuffer;
  4. import java.security.InvalidAlgorithmParameterException;
  5. import java.security.InvalidKeyException;
  6. import java.security.MessageDigest;
  7. import java.security.NoSuchAlgorithmException;
  8. import java.util.Arrays;
  9.  
  10. import javax.crypto.BadPaddingException;
  11. import javax.crypto.Cipher;
  12. import javax.crypto.IllegalBlockSizeException;
  13. import javax.crypto.NoSuchPaddingException;
  14. import javax.crypto.spec.IvParameterSpec;
  15. import javax.crypto.spec.SecretKeySpec;
  16.  
  17. public class Cryptor {
  18. private static byte[] r = new byte[] { 0x0, 0x1, 0x2, 0x3, 0x4, 0x5, 0x6,
  19. 0x7, 0x8, 0x9, 0xA, 0xB, 0xC, 0xD, 0xE, 0xF };
  20. private static byte[] header = new byte[] { 0x1, 0x2, 0x2 };
  21. private static int headerlen = 3;
  22. private static byte[] iv = new byte[] { 0x0, 0x1, 0x2, 0x3, 0x4, 0x5, 0x6,
  23. 0x7, 0x8, 0x9, 0xA, 0xB, 0xC, 0xD, 0xE, 0xF };
  24. private static int shalen = 32;
  25.  
  26. private SecretKeySpec secretKeySpec = new SecretKeySpec(r, "AES");
  27. private IvParameterSpec ivParameterSpec = new IvParameterSpec(iv);
  28.  
  29. public byte[] encrypt(String plaintext) throws IOException,
  30. NoSuchAlgorithmException, NoSuchPaddingException,
  31. IllegalBlockSizeException, BadPaddingException {
  32. byte[] text = plaintext.getBytes();
  33.  
  34. stream.write(header);
  35.  
  36. // Encrypt text
  37. Cipher cipher = Cipher.getInstance("AES/CFB/NoPadding");
  38. cipher.init(Cipher.ENCRYPT_MODE, this.secretKeySpec,
  39. this.ivParameterSpec);
  40. stream.write(cipher.doFinal(text));
  41.  
  42. // Hash text
  43. MessageDigest digest = MessageDigest.getInstance("SHA-256");
  44. digest.update(text);
  45. stream.write(digest.digest());
  46.  
  47. byte[] bytes = stream.toByteArray();
  48. stream.close();
  49. return bytes;
  50. }
  51.  
  52. public String decrypt(byte[] bytes) throws NoSuchAlgorithmException,
  53. NoSuchPaddingException, InvalidKeyException,
  54. InvalidAlgorithmParameterException, IllegalBlockSizeException,
  55. BadPaddingException, InvalidHashException, InvalidHeaderException {
  56. ByteBuffer buf = ByteBuffer.wrap(bytes);
  57.  
  58. byte[] header = new byte[headerlen];
  59. buf.get(header);
  60. if (!Arrays.equals(header, Cryptor.header))
  61. throw new InvalidHeaderException(
  62. "Header is not valid. Decryption aborted.");
  63.  
  64. int aeslen = bytes.length - shalen - headerlen;
  65. byte[] aes = new byte[aeslen];
  66. buf.get(aes);
  67.  
  68. // Decrypt text
  69. Cipher cipher = Cipher.getInstance("AES/CFB/NoPadding");
  70. cipher.init(Cipher.DECRYPT_MODE, this.secretKeySpec,
  71. this.ivParameterSpec);
  72. byte[] text = cipher.doFinal(aes);
  73.  
  74. // Compute hash
  75. MessageDigest digest = MessageDigest.getInstance("SHA-256");
  76. digest.update(text);
  77. byte[] hash = digest.digest();
  78.  
  79. byte[] hash2 = new byte[shalen];
  80. buf.get(hash2);
  81.  
  82. if (!Arrays.equals(hash, hash2))
  83. throw new InvalidHashException(
  84. "Verification failed. Decryption aborted.");
  85.  
  86. return new String(text);
  87. }
  88.  
  89. class InvalidHeaderException extends Exception {
  90. private static final long serialVersionUID = 1L;
  91.  
  92. public InvalidHeaderException(String string) {
  93. super(string);
  94. }
  95. }
  96.  
  97. class InvalidHashException extends Exception {
  98. private static final long serialVersionUID = 1L;
  99.  
  100. public InvalidHashException(String string) {
  101. super(string);
  102. }
  103. }
  104.  
  105. public static void main(String[] args) throws Exception {
  106. Cryptor c = new Cryptor();
  107.  
  108. System.out
  109. .println(c
  110. .decrypt(c
  111. .encrypt("String encryption/decryption with integrity check. In a real world example, the key should be kept secret and the IV should be unique.")));
  112.  
  113. }
  114.  
  115. }

Report this snippet


Comments

RSS Icon Subscribe to comments

You need to login to post a comment.