Simple Encrypter and Decrypter Class
in [Java Programming]
|
Prev: [ANN] RefleX 0.4.0 released
Next: Exception questions
From: Gurunath M. on 24 Mar 2010 04:08 I am posting a simple Enc and Dec class, which i was googling for a long time but didnt find. Hope this will help some one. import sun.misc.BASE64Decoder; import sun.misc.BASE64Encoder; public class EncrypterDecrypter { private static final String UNICODE_FORMAT = "UTF8"; public String encrypt( String unencryptedString ) throws EncryptionException { if ( unencryptedString == null || unencryptedString.trim().length() == 0 ) throw new IllegalArgumentException( "Unencrypted string cant be null or empty" ); try { byte[] keyAsBytes = unencryptedString.getBytes( UNICODE_FORMAT ); BASE64Encoder base64encoder = new BASE64Encoder(); return base64encoder.encode( keyAsBytes ); } catch (Exception e) { throw new EncryptionException( e ); } } public String decrypt( String encryptedString ) throws EncryptionException { if ( encryptedString == null || encryptedString.trim().length() <= 0 ) throw new IllegalArgumentException( "Encrypted string cant be null or empty" ); try { BASE64Decoder base64decoder = new BASE64Decoder(); byte[] uncr = base64decoder.decodeBuffer( encryptedString ); return toStr( uncr ); } catch (Exception e) { throw new EncryptionException( e ); } } private static String toStr( byte[] bytes ) { StringBuffer stringBuffer = new StringBuffer(); for (int i = 0; i < bytes.length; i++) { stringBuffer.append( (char) bytes[i] ); } return stringBuffer.toString(); } public static class EncryptionException extends Exception { public EncryptionException( Throwable t ) { super( t ); } } public static void main (String s[]) throws Exception { EncrypterDecrypter ed = new EncrypterDecrypter(); if (s.length != 2) { log(" Not enough parameters "); log(" Usage : \n java EncrypterDecrypter 1 <string> \n \t or \n java EncrypterDecrypter 2 <string> \n \t 1 -> Encryption 2-> Decryption"); System.exit(0); } int action = -1; String str = null; try { action = Integer.parseInt(s[0]); } catch(Exception e) { log (" Invalid input provided for first param"); System.exit(0); } log(" Action to be taken :"+ action); switch(action) { case 1: String encr = ed.encrypt(s[1]); log(" Encrypted String "+ s[0]+" is : "+ encr); break; case 2: String decr = ed.decrypt(s[1]); log(" Decrypted String of "+ s[1]+" is : "+ decr); break; case 9: String enc = ed.encrypt(s[1]); log(" Encrypted String : "+ enc); String dec = ed.decrypt(enc); log(" Decrypted String : "+ dec); break; default: log(" Wrong parameter value passed, please check ... "); break; } } public static void log(String s) { System.out.println(s); } }
From: Lew on 24 Mar 2010 08:36 Gurunath M. wrote: > I am posting a simple Enc and Dec class, which i [sic] was googling for a > long time but didnt find. > > Hope this will help some one. > > > import sun.misc.BASE64Decoder; > import sun.misc.BASE64Encoder; You shouldn't use sun.* internal packages. There are standard Java API and Apache Commons classes that will do this. Also, Base64 is not "encryption". <http://java.sun.com/products/javamail/javadocs/javax/mail/internet/MimeUtility.html> <http://commons.apache.org/codec/apidocs/org/apache/commons/codec/binary/Base64.html> Please do not use TAB characters to indent Usenet code posts; it makes them hard to read. Use spaces, a maximum of four per indent level. Comments and questions (which differ) inline: > public class EncrypterDecrypter > { > > private static final String UNICODE_FORMAT = "UTF8"; > > > > public String encrypt( String unencryptedString ) throws > EncryptionException > { > if ( unencryptedString == null || unencryptedString.trim().length() > == 0 ) Why would you trim a string slated for encryption? > throw new IllegalArgumentException( > "Unencrypted string cant be null or empty" ); I suggest that spelling be correct in published code's published messages. > try > { > byte[] keyAsBytes = unencryptedString.getBytes( UNICODE_FORMAT ); > BASE64Encoder base64encoder = new BASE64Encoder(); > return base64encoder.encode( keyAsBytes ); > } > catch (Exception e) Catching 'Exception' is an antipattern here. > { > throw new EncryptionException( e ); > } > } > > public String decrypt( String encryptedString ) throws > EncryptionException > { > if ( encryptedString == null || encryptedString.trim().length() <= > 0 ) > throw new IllegalArgumentException( "Encrypted string cant be null > or empty" ); Why declare a checked exception if you aren't going to use it? > try > { > > BASE64Decoder base64decoder = new BASE64Decoder(); > > byte[] uncr = base64decoder.decodeBuffer( encryptedString ); > > return toStr( uncr ); > } > catch (Exception e) > { > throw new EncryptionException( e ); > } > } > > private static String toStr( byte[] bytes ) You don't control the character encoding, which means that the "encryption" and "decryption" aren't symmetrical, you go through a lot of trouble to avoid using the constructor 'String(byte[])', and you use 'StringBuffer' instead of 'StringBuilder', all mistakes. > { > StringBuffer stringBuffer = new StringBuffer(); > for (int i = 0; i < bytes.length; i++) > { > stringBuffer.append( (char) bytes[i] ); > } > return stringBuffer.toString(); > } > > public static class EncryptionException extends Exception > { > public EncryptionException( Throwable t ) > { > super( t ); > } > } > > public static void main (String s[]) throws Exception 'main()' never throws a checked exception - why are you declaring that it does? > { > EncrypterDecrypter ed = new EncrypterDecrypter(); > > if (s.length != 2) > { > log(" Not enough parameters "); 's' could be longer than 2. > log(" Usage : \n java EncrypterDecrypter 1 <string> \n \t or \n > java EncrypterDecrypter 2 <string> \n \t 1 -> Encryption 2-> > Decryption"); > System.exit(0); > } > > int action = -1; > String str = null; > > try > { > action = Integer.parseInt(s[0]); > } > catch(Exception e) > { > log (" Invalid input provided for first param"); > System.exit(0); > } > > log(" Action to be taken :"+ action); Use of an 'int' for 'action' is not optimal. Use an enum. > switch(action) > { > case 1: > String encr = ed.encrypt(s[1]); > log(" Encrypted String "+ s[0]+" is : "+ encr); > break; > > case 2: > String decr = ed.decrypt(s[1]); > log(" Decrypted String of "+ s[1]+" is : "+ decr); > break; > > case 9: > String enc = ed.encrypt(s[1]); > log(" Encrypted String : "+ enc); > String dec = ed.decrypt(enc); > log(" Decrypted String : "+ dec); > break; > > default: > log(" Wrong parameter value passed, please check ... "); > break; > > } > > } > > public static void log(String s) > { > System.out.println(s); This isn't logging. There are two standard logging libraries, one from the Java API and the other from Apache; use one of those. > } > } HTH. -- Lew
From: rossum on 24 Mar 2010 12:15 On Wed, 24 Mar 2010 01:08:17 -0700 (PDT), "Gurunath M." <m.gurunath(a)gmail.com> wrote: >I am posting a simple Enc and Dec class, which i was googling for a >long time but didnt find. As Lew said, Base 64 is not encryption, it does not have a key so anybody who can understand RFC 3548 can read it. There is a class which can do Base64 in Java, unfortunately it is in Java EE so not all systems can be guaranteed to have it. There are 1001 free implementations of Base64 out there. If you want to write your own simple encryption program then I would suggest RC4 as one way to start. That is an encryption and does need a key. > >Hope this will help some one. > > >import sun.misc.BASE64Decoder; >import sun.misc.BASE64Encoder; As Lew said, using non-standard libraries is dangerous. These classes are not guaranteed to be present in future releases. Their name might change to oracle.misc....! > >public class EncrypterDecrypter >{ > > private static final String UNICODE_FORMAT = "UTF8"; > > > > public String encrypt( String unencryptedString ) throws >EncryptionException Base64 is used to carry non-alphanumeric data safely in situations where such data might be misinterpreted. There is little point in accepting a string as input here, better to accept a byte[]. [snip code] > > private static String toStr( byte[] bytes ) > { Why not use the String constructor that takes an array of bytes as a parameter? rossum [snip more code]
From: Roedy Green on 24 Mar 2010 13:57 On Wed, 24 Mar 2010 01:08:17 -0700 (PDT), "Gurunath M." <m.gurunath(a)gmail.com> wrote, quoted or indirectly quoted someone who said : >I am posting a simple Enc and Dec class, which i was googling for a >long time but didnt find. Base64 in not an encryptor. It is an armourer. It is trivially easy for anyone to undo. See http://mindprod.com/jgloss/base64.html For encryption, you need JCE. see http://mindprod.com/jgloss/jce.html I have written a very light weight encryption package that uses public/private key encryption that does not require JCE, so works on old JDKs too. see http://mindprod.com/products.html#TRANSPORTER -- Roedy Green Canadian Mind Products http://mindprod.com Responsible Development is the style of development I aspire to now. It can be summarized by answering the question, �How would I develop if it were my money?� I�m amazed how many theoretical arguments evaporate when faced with this question. ~ Kent Beck (born: 1961 age: 49) , evangelist for extreme programming.
From: Lew on 24 Mar 2010 14:09
Roedy Green wrote: > I have written a very light weight [sic] encryption package that uses > public/private key encryption that does not require JCE, so works on > old JDKs too. see <http://mindprod.com/products.html#TRANSPORTER> They'd have to be pretty darned old! JCE came in with Java 1.4, over eight years and two obsolescent Java versions ago. That in no wise diminishes the contribution or value of Roedy's library. One might even prefer it when using less hoary versions of Java. -- Lew |