Decrypting a hardcoded file as byte[]

后端 未结 2 976
执笔经年
执笔经年 2021-02-11 07:49

Well this is actually a two-parter...

First I need to

  1. read the contents of the file
  2. crypt them into a byte[]
  3. write the
2条回答
  •  我寻月下人不归
    2021-02-11 08:54

    Sharing the key and encrypting something are two completely different things. How to share keys

    Having said this, AES with 128bit is fairly strong encryption algorithm than 3DES So what you can do is keep PKI infrastructure in place to exchange AES keys and then Encrypt and Decrypt using them.

    Why not RSA? RSA needs to be minimum 512 bit to consider it as strongest and if you increase more bits then it increases time required for encryption and decryption.

    SO AES is fast and safe.

    Use SecretKeySpec to create key from byte[]

    public static void main(String[] args) throws Exception
    {
        // Initialise secret key with predefined byte array [] like below. I
        // have used simple string to array method to generate 16 byte array.
        // AES Key must be minimum 16 bytes.
        // Now you can put this byte array some where is .SO file.
        // Generate new Key using this byte []
        // Then you can generate a key using device specific information at
        // first boot up.
        // Use second key to encrypt data and first key to encrypt the second
        // key
        // I Hope it clears all the doubts
        SecretKey key = new SecretKeySpec("ABCDEFGHIJKLMNOP".getBytes(), "AES");
        System.out.println(Arrays.toString(key.getEncoded()));
        // Initialise Cipher with AES Algorithm
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        // Set The Encrypt Mode
        cipher.init(Cipher.ENCRYPT_MODE, key);
        // Encrypt some bytes
        byte[] encrypted = cipher.doFinal("ABCDEFGH".getBytes());
        // Print it to vefiry
        System.out.println(Arrays.toString(encrypted));
    
        // Get The IV
        byte[] iv = cipher.getIV();
        System.out.println(iv.length);
        // Now why storing you can create structure like [16 IV][Encrypted Data]
        // And while decrypting you can read first [16] bytes IV and then
        // decrypt remaining bytes
    
        //byte[] iv = new byte[16];
        // System.arraycopy(encrypted, 0, iv, 0, 16)
        //Copy remaining bytes to decrypt
    
    
        // set cipher to decrypt mode
    
        cipher.init(Cipher.DECRYPT_MODE, key,new IvParameterSpec(iv));
    
        // decrypt it
        byte[] decrypted = cipher.doFinal(encrypted);
        System.out.println(new String(decrypted));
    
    }
    

    Now write an algorithm which will generate byte[] from some random data like device name, user name, random seed etc.

    You can add more protection to algorithm source code by writing that algorithm in C and create.SO file and get byte [] using Native calls.

    What are the advantages of doing all this?

    1. Event if your so is hacked it will need real time environment to run create key out of it.
    2. Even if some one does crack it the damage will be limited i.e. 1 device
    3. Hacker will have to repeat same with each device which is highly impossible to do.

提交回复
热议问题