这是加密系统设计的一个示例
一、目的与要求
(一)目的
通过实践,了解运用相应密码算法,设计并实现一个加密系统的全过程,掌握设计和实现信息安全系统的基本手段和常用方法,提高学生的动手能力和分析、解决问题的能力。
(二)要求
选择具有代表性的密码算法,要求使用DES、3DES或AES作为对称密码算法,实现文件加密解密功能。密钥可以随机或人为生成,密钥的分配可以考虑使用公钥密码体制。使用散列函数确保文件的完整性。
二、实验内容:
使用Java平台所带的安全包,设计并实现一个加密系统,使之能够产生并管理密钥、加密文件、解密文件。
一、消息摘要方法设计
完整源代码:
/*
* @author W-nut
* FileInfo:验证数据完整性的方法一:消息摘要法
*/
package appFunction;
import java.security.MessageDigest;
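/**
 * Integrity check, method one: message digests.
 *
 * <p>Security note: a bare digest only detects accidental corruption. Anyone who can
 * alter the message can also recompute the digest, so detecting tampering needs a keyed
 * construction (an HMAC or a digital signature). MD5 and SHA-1 are no longer collision
 * resistant; prefer "SHA-256" or stronger as the algorithm name.
 */
public class CreateMessageDigest
{
    /**
     * Maps a variable-length message to a fixed-length hash value (message digest)
     * and prints it in hexadecimal.
     *
     * @param s_algorithm hash algorithm name handed to MessageDigest.getInstance
     * @param s_message   the message to be sent
     * @return the digest bytes, or {@code null} when the algorithm name is not supported
     */
    public byte[] createMyMessageDigest(String s_algorithm,String s_message)
    {
        try
        {
            byte[] digestA = computeDigest(s_algorithm, s_message);
            System.out.println("本信息摘要是:"+Conversion.byteArrayToHexString(digestA));
            return digestA;
        }
        catch (java.security.NoSuchAlgorithmException e)
        {
            System.out.println("非法摘要算法!");
            return null;
        }
    }

    /**
     * Recomputes the digest of a received message and compares it with the digest
     * produced by the sender, printing whether the two match.
     *
     * @param s_algorithm hash algorithm name; must be the one the sender used
     * @param s_message   the received message
     * @param s_digestA   the digest generated by the other party
     */
    public void checkMessageDigest(String s_algorithm,String s_message,byte[] s_digestA)
    {
        try
        {
            byte[] digestB = computeDigest(s_algorithm, s_message);
            // MessageDigest.isEqual compares array contents (not references) and is the
            // JDK's comparison intended for digest values.
            if (MessageDigest.isEqual(s_digestA, digestB))
            {
                System.out.println("信息检查正常!\n");
            }
            else
            {
                System.out.println("摘要不相同!\n");
            }
        }
        catch(java.security.NoSuchAlgorithmException e)
        {
            System.out.println("非法摘要算法!");
        }
    }

    // Hashes the UTF-8 encoding of the message with the named algorithm.
    private static byte[] computeDigest(String algorithm, String message)
            throws java.security.NoSuchAlgorithmException
    {
        MessageDigest md = MessageDigest.getInstance(algorithm);
        // An explicit charset is required here: String.getBytes() without one uses the
        // platform default, so two machines with different defaults would hash different
        // bytes for the same text and the integrity check would fail spuriously.
        md.update(message.getBytes(java.nio.charset.StandardCharsets.UTF_8));
        return md.digest();
    }
}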
以上为交互接口,可以写一点代码测试一下:
/*
* @author W-nut
*/
package appEntrance;
import appFunction.*;
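/** Small driver that exercises CreateMessageDigest: create a digest, then verify it. */
public class ProgramEntrance
{
    /**
     * Generates a digest for a sample message and checks the message against it.
     *
     * @param args unused
     */
    public static void main(String[] args)
    {
        // SHA-256 instead of SHA-1: practical SHA-1 collisions exist, so it should not be
        // the default choice in an integrity-check example.
        String algorithm_MessageDigest="SHA-256";
        String message="info";// message whose integrity is checked
        CreateMessageDigest messageAbstract=new CreateMessageDigest();

        // Sender side: produce the digest.
        byte[] messageDigest = messageAbstract.createMyMessageDigest(algorithm_MessageDigest,message);
        if (messageDigest == null)
        {
            // createMyMessageDigest returns null (after printing an error) when the
            // algorithm is unavailable; there is nothing to verify in that case.
            return;
        }

        // Receiver side: recompute the digest and compare.
        messageAbstract.checkMessageDigest(algorithm_MessageDigest,message,messageDigest);
    }
}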
运行结果:
二、数字签名方法设计
完整源代码:
/*
* @author W-nut
* FileInfo:验证数据完整性方法二:数字签名法
*/
package appFunction;
import java.security.*;
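/**
 * Integrity check, method two: digital signatures.
 *
 * <p>Failures are reported as {@link IllegalStateException} carrying the underlying
 * cause; the class never terminates the JVM itself.
 */
public class CreateDSA
{
    // 512-bit DSA keys can be broken with modest resources; 2048 bits is the usual
    // minimum for new keys.
    private static final int KEY_SIZE_BITS = 2048;

    /**
     * Runs the whole demo: generate a key pair, sign the message, verify the signature.
     *
     * @param s_info      the message to sign
     * @param s_algorithm key-pair algorithm name, e.g. "DSA"
     * @throws IllegalStateException if key generation, signing or verification fails
     */
    public void testKeyPair(String s_info,String s_algorithm)
    {
        KeyPair keyPair=generateKeyPair(s_algorithm);
        byte [] signature=performSigning(s_info,s_algorithm,keyPair);
        performVerification(s_info,s_algorithm,signature,keyPair.getPublic());
    }

    /**
     * Generates a new key pair for the given algorithm.
     *
     * @param algorithm key-pair algorithm name
     * @return a freshly generated key pair (a new one on every call)
     */
    private static KeyPair generateKeyPair(String algorithm)
    {
        try
        {
            KeyPairGenerator kg = KeyPairGenerator.getInstance(algorithm);
            System.out.println("正在生成密钥对......");
            kg.initialize(KEY_SIZE_BITS);
            return kg.genKeyPair();
        }
        catch(GeneralSecurityException e)
        {
            // Previously this path called System.exit(0), which hid the failure behind
            // a "success" exit status.
            throw new IllegalStateException("Key pair generation failed for " + algorithm, e);
        }
    }

    /**
     * Signs the message with the private key of the given key pair and prints the
     * message, the public key and the signature (Base64).
     *
     * @param info      the message to sign
     * @param algorithm the key-pair algorithm name the keys were generated with
     * @param keyPair   the signer's key pair
     * @return the signature bytes
     */
    private static byte[] performSigning(String info,String algorithm,KeyPair keyPair)
    {
        try
        {
            PrivateKey privateKey = keyPair.getPrivate();
            PublicKey publicKey = keyPair.getPublic();

            Signature sign = Signature.getInstance(signatureAlgorithmFor(algorithm));
            sign.initSign(privateKey);
            sign.update(messageBytes(info));
            System.out.println("正在生成签名......");
            byte[] b = sign.sign();

            System.out.println("\nMessage: "+info);
            // The private key is deliberately not printed: anything written to stdout can
            // end up in logs or terminal scrollback, and whoever reads it can forge
            // signatures for this key.
            System.out.println("Public key:\n"+
                    Conversion.byteArrayToBase64String(publicKey.getEncoded()));
            System.out.println("Signature:\n"+
                    Conversion.byteArrayToBase64String(b));
            return b;
        }
        catch(GeneralSecurityException e)
        {
            throw new IllegalStateException("Signing failed", e);
        }
    }

    /**
     * Verifies a signature over the message with the signer's public key and prints
     * the outcome.
     *
     * @param info      the message that was signed
     * @param algorithm the key-pair algorithm name the keys were generated with
     * @param signature the signature bytes to check
     * @param publicKey the signer's public key
     */
    private static void performVerification(String info, String algorithm,byte[] signature, PublicKey publicKey)
    {
        try
        {
            Signature sign = Signature.getInstance(signatureAlgorithmFor(algorithm));
            System.out.println("\n正在验证签名......");
            sign.initVerify(publicKey);
            sign.update(messageBytes(info));
            if(sign.verify(signature))
            {
                System.out.println("Signature verified!");
            }
            else
            {
                System.out.println("Signature NOT verified!");
            }
        }
        catch(GeneralSecurityException e)
        {
            throw new IllegalStateException("Signature verification failed", e);
        }
    }

    // Chooses the Signature algorithm for a key-pair algorithm name. In the JDK's SUN
    // provider the bare Signature name "DSA" means SHA1withDSA, which is weak and is
    // rejected for signing with 2048-bit keys, so "DSA" is mapped to SHA256withDSA.
    // Any other name is passed through unchanged, as the original code did.
    private static String signatureAlgorithmFor(String keyAlgorithm)
    {
        return "DSA".equalsIgnoreCase(keyAlgorithm) ? "SHA256withDSA" : keyAlgorithm;
    }

    // Encodes the message with a fixed charset so signer and verifier process the same
    // bytes even when their platform default charsets differ.
    private static byte[] messageBytes(String info)
    {
        return info.getBytes(java.nio.charset.StandardCharsets.UTF_8);
    }
}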
测试一下下:
/*
* @author W-nut
*/
package appEntrance;
import appFunction.*;
/** Small driver for the digital-signature demo. */
public class ProgramEntrance
{
    /**
     * Hands a sample message and the key-pair algorithm name to
     * CreateDSA.testKeyPair, which performs the sign-and-verify run.
     *
     * @param args unused
     */
    public static void main(String[] args)
    {
        final String keyPairAlgorithm = "DSA";
        final String textToSign = "info"; // message to be signed and verified

        new CreateDSA().testKeyPair(textToSign, keyPairAlgorithm);
    }
}
运行结果:
三、DES加密
献上小弟的源代码:
/*
* @author W-nut
*FileInfo:DES算法加密
*/
package appFunction;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import java.nio.charset.StandardCharsets;
import java.security.Key;
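/**
 * DES encryption demo.
 *
 * <p>Security note: DES is kept only because the exercise asks for it. Its 56-bit key
 * can be brute-forced, so real systems should use AES, preferably in an authenticated
 * mode such as AES/GCM/NoPadding. CBC, as used below, hides plaintext patterns but does
 * not detect modified ciphertext; combine it with a MAC if integrity matters.
 */
public class EncryptDES
{
    public static void main(String[] args)
    {
        testEncryptDES("这真的是明文!");
    }

    /**
     * Generates a random DES key, encrypts the text, prints the ciphertext as Base64,
     * then decrypts it again and prints the recovered text.
     *
     * @param s_plainText the text to encrypt
     * @throws IllegalStateException if the provider rejects the algorithm, key or data
     */
    public static void testEncryptDES(String s_plainText)
    {
        try
        {
            // Encode with the same charset that is used for decoding after decryption;
            // the platform default may differ from UTF-8 and would garble the round trip.
            byte[] plainText = s_plainText.getBytes(StandardCharsets.UTF_8);

            System.out.println("\n开始生成DES密钥!");
            KeyGenerator keyGen = KeyGenerator.getInstance("DES");
            keyGen.init(56);
            Key key = keyGen.generateKey();
            System.out.println("DES密钥生成结束!");

            // Name mode and padding explicitly. A bare "DES" leaves both to the provider,
            // and the usual default is ECB, which encrypts equal plaintext blocks to equal
            // ciphertext blocks.
            Cipher cipher = Cipher.getInstance("DES/CBC/PKCS5Padding");
            System.out.println("\n" + cipher.getProvider().getInfo());

            System.out.println("\n加密开始\n");
            // No IV is supplied, so the cipher generates a random one for encryption.
            cipher.init(Cipher.ENCRYPT_MODE, key);
            byte[] iv = cipher.getIV();
            byte[] cipherText = cipher.doFinal(plainText);
            System.out.println("加密结束: ");
            // Ciphertext is arbitrary binary data, not UTF-8 text; print it as Base64.
            System.out.println(java.util.Base64.getEncoder().encodeToString(cipherText));

            System.out.println("\n解密开始\n");
            // Decryption needs the IV that was used for encryption. The IV is not secret
            // and is normally stored or sent together with the ciphertext.
            cipher.init(Cipher.DECRYPT_MODE, key, new javax.crypto.spec.IvParameterSpec(iv));
            byte[] newPlainText = cipher.doFinal(cipherText);
            System.out.println("解密结束: ");
            System.out.println(new String(newPlainText, StandardCharsets.UTF_8));
        }
        catch(java.security.GeneralSecurityException e)
        {
            // Previously this path called System.exit(0), which hid the failure behind
            // a "success" exit status.
            throw new IllegalStateException("DES demo failed", e);
        }
    }
}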
运行结果:
四、Diffie-Hellman密钥交换协议
/*
* @author W-nut
*/
package appFunction;
import javax.crypto.KeyAgreement;
import javax.crypto.SecretKey;
import javax.crypto.interfaces.DHPrivateKey;
import javax.crypto.interfaces.DHPublicKey;
import javax.crypto.spec.DHParameterSpec;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
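/**
 * Diffie-Hellman key agreement demo between two parties, "1" and "2".
 *
 * <p>Security note: this exchange is unauthenticated, so on a real network an active
 * attacker in the middle could run a separate exchange with each side. Protocols add
 * authentication (signatures or certificates) on top of the exchange. The derived keys
 * are printed only so the reader can see that both sides agree; real code must not
 * write session keys to output or logs.
 */
public class KeyChange
{
    // 512-bit Diffie-Hellman groups are weak enough for precomputation attacks
    // (Logjam); 2048 bits is the usual minimum.
    private static final int DH_KEY_SIZE_BITS = 2048;

    public static void main(String[] args)
    {
        try
        {
            // Party 1 generates a key pair and, with it, the group parameters.
            System.out.println("1 is generating a key pair");
            KeyPairGenerator kpg1 = KeyPairGenerator.getInstance("DH");
            kpg1.initialize(DH_KEY_SIZE_BITS);
            KeyPair kp1 = kpg1.generateKeyPair();

            // Party 1 sets up its key agreement with its own private key.
            System.out.println("1 is creating a key agreement object");
            KeyAgreement ka1 = KeyAgreement.getInstance("DH");
            DHPrivateKey privateKey1 = (DHPrivateKey) kp1.getPrivate();
            DHPublicKey publicKey1 = (DHPublicKey) kp1.getPublic();
            ka1.init(privateKey1);
            System.out.println("1 is using "+publicKey1.getY()+ " for its public key");

            // Party 2 must use the same group parameters, taken from party 1's public key.
            System.out.println("2 is generating a key pair");
            DHParameterSpec dhParamSpec = publicKey1.getParams();
            KeyPairGenerator kpg2 = KeyPairGenerator.getInstance("DH");
            kpg2.initialize(dhParamSpec);
            KeyPair kp2 = kpg2.generateKeyPair();

            // Party 2 sets up its key agreement with its own private key.
            System.out.println("2 is creating a key agreement object");
            KeyAgreement ka2 = KeyAgreement.getInstance("DH");
            DHPrivateKey privateKey2 = (DHPrivateKey) kp2.getPrivate();
            DHPublicKey publicKey2 = (DHPublicKey) kp2.getPublic();
            ka2.init(privateKey2);
            System.out.println("2 is using "+publicKey2.getY()+" for its public key");

            // Party 1 combines its private key with party 2's public key.
            // NOTE(review): newer JDK releases are reported to reject
            // generateSecret(String) for most algorithm names unless a legacy system
            // property is set; confirm on the target JDK. Calling generateSecret() and
            // running the raw secret through a hash or KDF is the portable alternative.
            ka1.doPhase(publicKey2,true);
            SecretKey sharedKey1 = ka1.generateSecret("DES");
            System.out.println("1 is using "+
                    Conversion.byteArrayToHexString(sharedKey1.getEncoded())+ " as its DES session key");

            // Party 2 combines its private key with party 1's public key; the output
            // should match what party 1 printed.
            ka2.doPhase(publicKey1,true);
            SecretKey sharedKey2 = ka2.generateSecret("DES");
            System.out.println("2 is using "+
                    Conversion.byteArrayToHexString(sharedKey2.getEncoded())+ " as its DES session key");
        }
        catch(Exception e)
        {
            System.out.println("出错啦!!!");
            // Report the cause as well; the bare message above gives no hint whether the
            // provider, the key size or the algorithm name was the problem.
            System.err.println(e);
        }
    }
}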
这里小弟就不运行啦!
部分文件用到的Conversion类型转换类:
/*
* @author W-nut
*FileInfo:类型转换
*/
package appFunction;
import java.util.Base64;
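/** Byte-array to text conversions used by the demos. */
public class Conversion
{
    private static final char[] HEX_DIGITS = "0123456789abcdef".toCharArray();

    /**
     * Converts a byte array to a lowercase hexadecimal string, two characters per byte.
     *
     * <p>Each byte is zero-padded. Integer.toHexString drops the leading zero of values
     * below 0x10, so without padding a digest would be printed too short and different
     * byte sequences (for example {0x01, 0x23} and {0x12, 0x03}) would both print "123".
     *
     * @param digestA the bytes to convert
     * @return the hexadecimal form, of length {@code 2 * digestA.length}
     */
    public static String byteArrayToHexString(byte [] digestA)
    {
        StringBuilder sb = new StringBuilder(digestA.length * 2);
        for (byte value : digestA)
        {
            int unsigned = value & 0xFF; // treat the signed byte as 0..255
            sb.append(HEX_DIGITS[unsigned >>> 4]).append(HEX_DIGITS[unsigned & 0x0F]);
        }
        return sb.toString();
    }

    /**
     * Encodes a byte array as a Base64 string.
     *
     * @param keyInfo the bytes to encode
     * @return the Base64 form
     */
    public static String byteArrayToBase64String(byte [] keyInfo)
    {
        return Base64.getEncoder().encodeToString(keyInfo);
    }
}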
mua~