Professional Documents
Culture Documents
Object Oriented, platform-independent, interpreted, multithreading A Java source program is compiled to Java byte-code.
A Java virtual machine sitting on each platform, interpreting Java byte-code to local machine instructions and executing them
Two kinds of Java program: (1) java application Run on local machine, no need to embed it into HTML Have full access to all machine resources (disk!) (2) java program It is application on the Internet You must embed it into HTML pages to run it. Secure, no access outside virtual machine
1.2 Major steps for running java program Edit source program. You can use NotePad or other Editor program to write your source program compile your java program to byte code(e.g. your java program is program.java) javac program.java run your program (application or applet) a) Application java program b) Applet First, you should write a HTML file (e.g. program.html) to invoke this java apple, then you can use appletviewer program.html or use IE, Netscape to open this HTML file. Alternatively, you may use commercially available visual environment such as Jbuilder:
http://www.borland.com/jbuilder/
Java Compiler
Because this course is not a program designing course, we dont teach the details of Java programming. You can check following URL to get useful materials.
Furthermore, you can find a lot of books on java in the library. You should grasp a lot of basic knowledge about java programming, such as variables, constants, Arithmetic, Relational, Shift, Logical and Conditional operators, Control statements (including selection statements, repetition statements and Exception Handling Statements) , and some advanced techniques in java (such as AWT, multi-thread, socket).
The standard Java Development Kit comes with a security framework called the Java Cryptography Architecture (JCA). To encrypt or decrypt data, you must use the Java Cryptography Extension (JCE) or a third-party encryption library. JCE has been integrated into the JavaTM2 SDK, Standard Edition, v 1.4, or you can download the JCE from Sun at http://java.sun.com/products/jce/index.html The Java Security API is a set of packages that are used for writing secure programs in Java. In particular, the classes and interfaces in the following packages are part of the Security API:
java.security.Key java.security.PrivateKey java.security.PublicKey javax.crypto.SecretKey java.crypto.Cipher java.security.MessageDigest java.security.Signature java.security.cert.Certificate java.security.KeyFactory javax.crypto.KeyAgreement javax.crypto.KeyGenerator javax.crypto.SecretKeyFactory java.security.SecureRandom Javax.crypto.Mac Use to encrypt and sign messages Cipher Message digest function Digital signature Authentication Symmetric Keys and Asymmetric Keys management Secure random number generator Message Authentication Code
6
} catch(IOException err) { System.out.println("Cannot open file!"); System.exit(-1); } cis = new CipherInputStream(fis, encrypt); // Write to the Encrypted file fos = new FileOutputStream(desFile); byte[] b = new byte[8]; int i = cis.read(b); while (i != -1) { fos.write(b, 0, i); i = cis.read(b); } fos.flush(); fos.close(); cis.close(); fis.close(); } catch(Exception e){ e.printStackTrace(); } } }
File desFileBis = new File("decrypt.des"); FileInputStream fis; FileOutputStream fos; CipherInputStream cis; // Creation of Secret key byte key[] = "abcdEFGH".getBytes(); SecretKeySpec secretKey = new SecretKeySpec(key,"DES"); // Creation of Cipher objects Cipher decrypt = Cipher.getInstance("DES/ECB/PKCS5Padding"); decrypt.init(Cipher.DECRYPT_MODE, secretKey); // Open the Encrypted file fis = new FileInputStream(desFile); cis = new CipherInputStream(fis, decrypt); // Write to the Decrypted file fos = new FileOutputStream(desFileBis); byte[] b = new byte[8]; int i = cis.read(b); while (i != -1) { fos.write(b, 0, i); i = cis.read(b); } fos.flush(); fos.close(); cis.close(); fis.close(); } catch(Exception e){ e.printStackTrace(); } }
Tutorial for CS 5285 Information Security for E-commerce 9
10
Exercises
Run the programs above Check if you can supply a key as user input? What other encryption algorithms you may use? And Try them. Write a java program to retrieve the HTML file at URL http://www.cs.cityu.edu.hk/~deng/ , encrypt the contents and store it into a local file deng.enc, then decrypt the file deng.enc and store it into a local file deng.dec. Try to encrypt your emails sent to your friends.
11