我终于找到了我正在寻找的东西。我刚刚被S/MIME
,ASN.1
,DER
等所有术语所困惑。但最后,似乎是巧合,我达到了来自bouncycastle的CMS
(无论是什么意思),它完成了我想要的任何事情。所以这里是我的代码:
package de.roland_illig.crypto;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.GeneralSecurityException;
import java.security.Security;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import org.apache.commons.io.IOUtils;
import org.bouncycastle.cms.CMSEnvelopedDataStreamGenerator;
import org.bouncycastle.cms.CMSEnvelopedGenerator;
import org.bouncycastle.cms.CMSException;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
public class CryptDemo {
private static final File DIR = new File("c:/program files/cygwin/home/roland/crypto/");
private static X509Certificate certificate() throws IOException, GeneralSecurityException {
InputStream is = new FileInputStream(new File(DIR, "key.pub.der"));
CertificateFactory cf = CertificateFactory.getInstance("X.509");
X509Certificate cert = (X509Certificate) cf.generateCertificate(is);
is.close();
return cert;
}
private static void encrypt() throws IOException, GeneralSecurityException, CMSException {
CMSEnvelopedDataStreamGenerator gen = new CMSEnvelopedDataStreamGenerator();
gen.addKeyTransRecipient(certificate());
InputStream is = new FileInputStream(new File(DIR, "secret"));
OutputStream out = new FileOutputStream(new File(DIR, "secret.encrypted"));
OutputStream encryptingOut = gen.open(out, CMSEnvelopedGenerator.AES128_CBC, "BC");
IOUtils.copy(is, encryptingOut);
is.close();
encryptingOut.close();
out.close();
}
public static void main(String[] args) throws Exception {
Security.addProvider(new BouncyCastleProvider());
encrypt();
}
}
我想我已经理解了所有的概念。我只想要一种加密格式,可以通过大多数机器上已安装的工具轻松理解,而不是为加密数据片段增加自己的文件格式。 – 2011-02-13 21:36:46
@Roland在这种情况下,像http://bsdsupport.org/2007/01/q-how-do-i-use-openssl-to-encrypt-files/将做:) – erloewe 2011-02-13 21:49:33