|
JavaXT
|
|
AES256 Class
package javaxt.encryption;
import java.security.AlgorithmParameters;
import javax.crypto.*;
import java.security.spec.*;
import javax.crypto.spec.*;
//******************************************************************************
//** AES-256
//******************************************************************************
/**
* Provides static methods used to encrypt and decrypt strings using AES 256
* bit encryption.
*
* @credit http://stackoverflow.com/a/992413/
*
******************************************************************************/
public class AES256 {
private static String err = "Please install the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files.";
private AES256(){}
//**************************************************************************
//** encrypt
//**************************************************************************
/** Used to encrypt a block of text. Throws an java.security.InvalidKeyException
* if the JRE/JDK is missing the Java Cryptography Extension (JCE) unlimited
* strength jurisdiction policy files.
*/
public static byte[] encrypt(String text, String password) throws Exception {
try{
java.security.SecureRandom rand = new java.security.SecureRandom();
byte[] salt = new byte[32];
rand.nextBytes(salt);
SecretKey secret = getSecretKey(password, salt);
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, secret);
AlgorithmParameters params = cipher.getParameters();
byte[] iv = params.getParameterSpec(IvParameterSpec.class).getIV();
byte[] b = cipher.doFinal(text.getBytes("UTF-8"));
byte[] ret = new byte[salt.length + iv.length + b.length];
System.arraycopy(salt, 0, ret, 0, salt.length);
System.arraycopy(iv, 0, ret, salt.length, iv.length);
System.arraycopy(b, 0, ret, salt.length+iv.length, b.length);
return ret;
}
catch(java.security.InvalidKeyException e){
if (e.getMessage().equals("Illegal key size")){
throw new java.security.InvalidKeyException(err);
}
else{
throw e;
}
}
}
//**************************************************************************
//** decrypt
//**************************************************************************
/** Used to decrypt a byte array generated from the encrypt() method. Throws
* an java.security.InvalidKeyException if the JRE/JDK is missing the Java
* Cryptography Extension (JCE) unlimited strength jurisdiction policy files.
*/
public static String decrypt(byte[] bytes, String password) throws Exception {
try{
byte[] salt = new byte[32];
byte[] iv = new byte[16];
byte[] b = new byte[bytes.length-salt.length-iv.length];
System.arraycopy(bytes, 0, salt, 0, salt.length);
System.arraycopy(bytes, 32, iv, 0, iv.length);
System.arraycopy(bytes, 32+16, b, 0, b.length);
SecretKey secret = getSecretKey(password, salt);
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
cipher.init(Cipher.DECRYPT_MODE, secret, new IvParameterSpec(iv));
return new String(cipher.doFinal(b), "UTF-8");
}
catch(java.security.InvalidKeyException e){
if (e.getMessage().equals("Illegal key size")){
throw new java.security.InvalidKeyException(err);
}
else{
throw e;
}
}
}
//**************************************************************************
//** getSecretKey
//**************************************************************************
private static SecretKey getSecretKey(String password, byte[] salt) throws
java.security.NoSuchAlgorithmException, java.security.spec.InvalidKeySpecException, java.io.UnsupportedEncodingException {
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
KeySpec spec = new PBEKeySpec(password.toCharArray(), salt, 65536, 256);
SecretKey tmp = factory.generateSecret(spec);
return new SecretKeySpec(tmp.getEncoded(), "AES");
}
}
|
|