public void write(SecureItemTable tbl, char[] password) throws IOException {
OutputStream os = new FileOutputStream(file);
OutputStream xmlout;
if (password.length == 0) {
xmlout = os;
os = null;
} else {
PBEKeySpec keyspec = new PBEKeySpec(password);
Cipher c;
try {
SecretKeyFactory fac = SecretKeyFactory.getInstance("PBEWithMD5AndDES");
SecretKey key = fac.generateSecret(keyspec);
c = Cipher.getInstance("PBEWithMD5AndDES");
c.init(Cipher.ENCRYPT_MODE, key, pbeSpec);
} catch (java.security.GeneralSecurityException exc) {
os.close();
IOException ioe = new IOException("Security exception during write");
ioe.initCause(exc);
throw ioe;
}
CipherOutputStream out = new CipherOutputStream(os, c);
xmlout = out;
}
try {
TransformerFactory tf = TransformerFactory.newInstance();
Transformer t = tf.newTransformer();
DOMSource src = new DOMSource(tbl.getDocument());
StringWriter writer = new StringWriter();
StreamResult sr = new StreamResult(writer);
t.transform(src, sr);
OutputStreamWriter osw = new OutputStreamWriter(xmlout, StandardCharsets.UTF_8);
osw.write(writer.toString());
osw.close();
} catch (Exception exc) {
IOException ioe = new IOException("Unable to serialize XML");
ioe.initCause(exc);
throw ioe;
} finally {
xmlout.close();
if (os != null) os.close();
}
tbl.setDirty(false);
return;
}
/**
* Uses a cipher to transform the bytes in an input stream and sends the transformed bytes to an
* output stream.
*
* @param in the input stream
* @param out the output stream
* @param cipher the cipher that transforms the bytes
*/
public static void crypt(InputStream in, OutputStream out, Cipher cipher)
throws IOException, GeneralSecurityException {
int blockSize = cipher.getBlockSize();
int outputSize = cipher.getOutputSize(blockSize);
byte[] inBytes = new byte[blockSize];
byte[] outBytes = new byte[outputSize];
int inLength = 0;
;
boolean more = true;
while (more) {
inLength = in.read(inBytes);
if (inLength == blockSize) {
int outLength = cipher.update(inBytes, 0, blockSize, outBytes);
out.write(outBytes, 0, outLength);
} else more = false;
}
if (inLength > 0) outBytes = cipher.doFinal(inBytes, 0, inLength);
else outBytes = cipher.doFinal();
out.write(outBytes);
}
public static void main(String[] args) {
try {
if (args[0].equals("-genkey")) {
KeyPairGenerator pairgen = KeyPairGenerator.getInstance("RSA");
SecureRandom random = new SecureRandom();
pairgen.initialize(KEYSIZE, random);
KeyPair keyPair = pairgen.generateKeyPair();
ObjectOutputStream out = new ObjectOutputStream(new FileOutputStream(args[1]));
out.writeObject(keyPair.getPublic());
out.close();
out = new ObjectOutputStream(new FileOutputStream(args[2]));
out.writeObject(keyPair.getPrivate());
out.close();
} else if (args[0].equals("-encrypt")) {
KeyGenerator keygen = KeyGenerator.getInstance("AES");
SecureRandom random = new SecureRandom();
keygen.init(random);
SecretKey key = keygen.generateKey();
// wrap with RSA public key
ObjectInputStream keyIn = new ObjectInputStream(new FileInputStream(args[3]));
Key publicKey = (Key) keyIn.readObject();
keyIn.close();
Cipher cipher = Cipher.getInstance("RSA");
cipher.init(Cipher.WRAP_MODE, publicKey);
byte[] wrappedKey = cipher.wrap(key);
DataOutputStream out = new DataOutputStream(new FileOutputStream(args[2]));
out.writeInt(wrappedKey.length);
out.write(wrappedKey);
InputStream in = new FileInputStream(args[1]);
cipher = Cipher.getInstance("AES");
cipher.init(Cipher.ENCRYPT_MODE, key);
crypt(in, out, cipher);
in.close();
out.close();
} else {
DataInputStream in = new DataInputStream(new FileInputStream(args[1]));
int length = in.readInt();
byte[] wrappedKey = new byte[length];
in.read(wrappedKey, 0, length);
// unwrap with RSA private key
ObjectInputStream keyIn = new ObjectInputStream(new FileInputStream(args[3]));
Key privateKey = (Key) keyIn.readObject();
keyIn.close();
Cipher cipher = Cipher.getInstance("RSA");
cipher.init(Cipher.UNWRAP_MODE, privateKey);
Key key = cipher.unwrap(wrappedKey, "AES", Cipher.SECRET_KEY);
OutputStream out = new FileOutputStream(args[2]);
cipher = Cipher.getInstance("AES");
cipher.init(Cipher.DECRYPT_MODE, key);
crypt(in, out, cipher);
in.close();
out.close();
}
} catch (IOException e) {
e.printStackTrace();
} catch (GeneralSecurityException e) {
e.printStackTrace();
} catch (ClassNotFoundException e) {
e.printStackTrace();
}
}