To make transportation more secure and accurate, we can use checksum.
On the server, we regenerate the checksum to see whether it's the same as the one that sent in. If the same, meaning that the message has not been modified, during transportation.
There are two ways to generate checksum, one is to use "SHA1", the other is to use "MD5"
Use "SHA1" to generate digest:
01 public String generateDigest(byte[] payload){
02
03 String digestGen = null;
04 try {
05 MessageDigest mDigest = MessageDigest.getInstance("SHA1");
06 byte[] result = mDigest.digest(payload);
07 StringBuffer sb = new StringBuffer();
08 for (int i = 0; i < result.length; i++) {
09 sb.append(Integer.toString((result[i] & 0xff) + 0x100, 16).substring(1));
10 }
11 digestGen = sb.toString();
12 } catch (Exception e) {
13 LOGGER.error("Cannot generate digest!",e);
14 }
15 return digestGen;
16 }
We can generate the checksum before we encode the bytes for transportation.
Because Base64 bytes can assume more time to generate checksum. Efficiency will not be that good.
1/23/2013
Java AES encryption and decryption
AES encryption supports 92, 128, 256, three kinds of length. It's one of the popular encryption method currently.
Encryption:
01 public static byte[] encrypt(String content, String password) {
02 try {
03 KeyGenerator kgen = KeyGenerator.getInstance("AES");
04 kgen.init(128, new SecureRandom(password.getBytes()));
05 SecretKey secretKey = kgen.generateKey();
06 byte[] enCodeFormat = secretKey.getEncoded();
07 SecretKeySpec key = new SecretKeySpec(enCodeFormat, "AES");
08 Cipher cipher = Cipher.getInstance("AES");// Create the cipher
09 byte[] byteContent = content.getBytes("utf-8");
10 cipher.init(Cipher.ENCRYPT_MODE, key);// Initialization
11 byte[] result = cipher.doFinal(byteContent);
12 return result; // return the encrypted binary bytes.
13 //If we want, we can use Base64 to make it more
Encryption:
01 public static byte[] encrypt(String content, String password) {
02 try {
03 KeyGenerator kgen = KeyGenerator.getInstance("AES");
04 kgen.init(128, new SecureRandom(password.getBytes()));
05 SecretKey secretKey = kgen.generateKey();
06 byte[] enCodeFormat = secretKey.getEncoded();
07 SecretKeySpec key = new SecretKeySpec(enCodeFormat, "AES");
08 Cipher cipher = Cipher.getInstance("AES");// Create the cipher
09 byte[] byteContent = content.getBytes("utf-8");
10 cipher.init(Cipher.ENCRYPT_MODE, key);// Initialization
11 byte[] result = cipher.doFinal(byteContent);
12 return result; // return the encrypted binary bytes.
13 //If we want, we can use Base64 to make it more
secure.
14 } catch (NoSuchAlgorithmException e) {
15 e.printStackTrace();
16 } catch (NoSuchPaddingException e) {
17 e.printStackTrace();
18 } catch (InvalidKeyException e) {
19 e.printStackTrace();
20 } catch (UnsupportedEncodingException e) {
21 e.printStackTrace();
22 } catch (IllegalBlockSizeException e) {
23 e.printStackTrace();
24 } catch (BadPaddingException e) {
25 e.printStackTrace();
26 }
27 return null;
28 }
Decryption:
01 public static byte[] decrypt(byte[] content, String password) {
02 try {
03 KeyGenerator kgen = KeyGenerator.getInstance("AES");
04 kgen.init(128, new SecureRandom(password.getBytes()));
05 SecretKey secretKey = kgen.generateKey();
06 byte[] enCodeFormat = secretKey.getEncoded();
07 SecretKeySpec key = new SecretKeySpec(enCodeFormat, "AES");
08 Cipher cipher = Cipher.getInstance("AES");
09 cipher.init(Cipher.DECRYPT_MODE, key);
10 byte[] result = cipher.doFinal(content);
11 return result;
12 } catch (NoSuchAlgorithmException e) {
13 e.printStackTrace();
14 } catch (NoSuchPaddingException e) {
15 e.printStackTrace();
16 } catch (InvalidKeyException e) {
17 e.printStackTrace();
18 } catch (IllegalBlockSizeException e) {
19 e.printStackTrace();
20 } catch (BadPaddingException e) {
21 e.printStackTrace();
22 }
23 return null;
24 }
Tip: Using AES to encrypt, we must have a key. How to generate and this key is also one important security issue that need to be considered.
14 } catch (NoSuchAlgorithmException e) {
15 e.printStackTrace();
16 } catch (NoSuchPaddingException e) {
17 e.printStackTrace();
18 } catch (InvalidKeyException e) {
19 e.printStackTrace();
20 } catch (UnsupportedEncodingException e) {
21 e.printStackTrace();
22 } catch (IllegalBlockSizeException e) {
23 e.printStackTrace();
24 } catch (BadPaddingException e) {
25 e.printStackTrace();
26 }
27 return null;
28 }
Decryption:
01 public static byte[] decrypt(byte[] content, String password) {
02 try {
03 KeyGenerator kgen = KeyGenerator.getInstance("AES");
04 kgen.init(128, new SecureRandom(password.getBytes()));
05 SecretKey secretKey = kgen.generateKey();
06 byte[] enCodeFormat = secretKey.getEncoded();
07 SecretKeySpec key = new SecretKeySpec(enCodeFormat, "AES");
08 Cipher cipher = Cipher.getInstance("AES");
09 cipher.init(Cipher.DECRYPT_MODE, key);
10 byte[] result = cipher.doFinal(content);
11 return result;
12 } catch (NoSuchAlgorithmException e) {
13 e.printStackTrace();
14 } catch (NoSuchPaddingException e) {
15 e.printStackTrace();
16 } catch (InvalidKeyException e) {
17 e.printStackTrace();
18 } catch (IllegalBlockSizeException e) {
19 e.printStackTrace();
20 } catch (BadPaddingException e) {
21 e.printStackTrace();
22 }
23 return null;
24 }
Tip: Using AES to encrypt, we must have a key. How to generate and this key is also one important security issue that need to be considered.
Subscribe to:
Posts (Atom)