Skip to content

Instantly share code, notes, and snippets.

@bnyeggen

bnyeggen/Crypt.java

Created November 29, 2015 22:04
Show Gist options
  • Save bnyeggen/3705b98d4028405c220b to your computer and use it in GitHub Desktop.
Save bnyeggen/3705b98d4028405c220b to your computer and use it in GitHub Desktop.
Download ZIP
Stream based en/decryption in Java 7
Raw
Crypt.java
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.KeySpec;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
public class Crypt {
private static final int BUF_SIZE = 8096;
private static final int IVS_LENGTH = 16;
//better AEAD modes available in Java 8
private static final String CRYPT_MODE = "AES/CBC/PKCS5Padding";
//better hashes than SHA1 available in Java 8
private static final String KEY_SPEC = "PBKDF2WithHmacSHA1";
public static final void encrypt(final byte[] salt, final char[] password, final String in, final String out){
try{
final FileInputStream fis = new FileInputStream(in);
final FileOutputStream fos = new FileOutputStream(out);
SecureRandom r = new SecureRandom();
byte[] ivs = new byte[IVS_LENGTH];
r.nextBytes(ivs);
fos.write(ivs);
fos.flush();
SecretKeyFactory factory = SecretKeyFactory.getInstance(KEY_SPEC);
KeySpec spec = new PBEKeySpec(password, salt, 65536, 256);
SecretKey tmp = factory.generateSecret(spec);
SecretKey secret = new SecretKeySpec(tmp.getEncoded(), "AES");
Cipher cipher = Cipher.getInstance(CRYPT_MODE);
cipher.init(Cipher.ENCRYPT_MODE, secret, new IvParameterSpec(ivs));
final CipherOutputStream cos = new CipherOutputStream(fos, cipher);
int read = 0;
final byte[] buf = new byte[BUF_SIZE];
while((read = fis.read(buf)) != -1){
cos.write(buf, 0, read);
}
fis.close();
cos.close();
fos.close();
} catch(NoSuchAlgorithmException
| InvalidKeySpecException
| NoSuchPaddingException
| InvalidKeyException
| IOException
| InvalidAlgorithmParameterException e){
throw new RuntimeException(e);
}
}
public static final void decrypt(final byte[] salt, final char[] password, final String in, final String out){
try{
SecretKeyFactory factory = SecretKeyFactory.getInstance(KEY_SPEC);
final FileInputStream fis = new FileInputStream(in);
final FileOutputStream fos = new FileOutputStream(out);
final byte[] ivs = new byte[IVS_LENGTH];
fis.read(ivs);
KeySpec spec = new PBEKeySpec(password, salt, 65536, 256);
SecretKey tmp = factory.generateSecret(spec);
SecretKey secret = new SecretKeySpec(tmp.getEncoded(), "AES");
Cipher cipher = Cipher.getInstance(CRYPT_MODE);
cipher.init(Cipher.DECRYPT_MODE, secret, new IvParameterSpec(ivs));
final CipherInputStream cis = new CipherInputStream(fis, cipher);
int read = 0;
final byte[] buf = new byte[BUF_SIZE];
while((read = cis.read(buf)) != -1){
fos.write(buf, 0, read);
}
cis.close();
fis.close();
fos.close();
} catch(InvalidKeyException
| InvalidKeySpecException
| NoSuchPaddingException
| NoSuchAlgorithmException
| IOException
| InvalidAlgorithmParameterException e){
throw new RuntimeException(e);
}
}
public static final void main(String[] args) throws Exception{
final byte[] salt = new byte[]{1,2,3,4,5,6,7,8};
final char[] pw = "Hello World".toCharArray();
encrypt(salt, pw, "/home/brycen/Downloads/tempy", "/home/brycen/Downloads/tempycrypt");
decrypt(salt, pw, "/home/brycen/Downloads/tempycrypt", "/home/brycen/Downloads/tempydecrypt");
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment