David.Turing's blog

 

我的评论

共3页: 1 2 3 下一页 
re: Sun的Web Service开源实现--Metro 牛 david.turing 2008-12-27 09:17  
我是BEA的工程师,WebLogic现在是双栈运行,目前JAX-WS是基于Metro的,base JAXB的。
re: 将Spring用于高并发环境的隐忧 david.turing 2008-06-14 09:49  
典型的部署期泄露,这种有可能是Spring的Bug,它可能没有正确实现J2EE的context销毁接口。
1.5的concurrent hashmap产生的用途就是为了hashmap同步
re: 将Spring用于高并发环境的隐忧 david.turing 2008-04-23 11:01  
邢总说对了,佩服。不过,厂家的支持会让Spring更适用于商业化。未来的WebLogic版本(Essex),应该对Spring有较大的优化,包括:

1, 基于Spring的部署方式实现本地WLS部署,我们可以将Spring Module实现weblogic.application.Module接口,即可让Spring模块享受WebLogic的2阶段部署的特性。

2, 一些预配置的Beans能够无需Spring配置声明即可注入到Spring应用中,applicationContext看上去会简洁很多

3, 为Beans提供scope,比如ClusteringScope,以便支持集群技术

4, WebLogic Consle展示Spring应用的RuntimeMBeans

5, 9.2之后WLDF可以用于上面的RuntimeMBeans,可以定期抓取Runtime信息了

6, Spring应用默认支持OpenJPA作为持久层支持,当然,KODO、Hibernate切换也是简单的
re: 将Spring用于高并发环境的隐忧 david.turing 2008-04-22 10:16  
说的没错,任何优秀的产品都会有Bug,但除非用的场景足够多和复杂,否则某些严重的Bug还是会隐藏的很深。
re: Java读取BMP文件 david.turing 2007-11-07 17:52  
我晕,没有publish到blog的文章也能google到?
re: RSA使用简述 david.turing 2007-11-04 09:46  
如果你使用了SHA1并对散列值进行RSA签名、加密,则Padding的过程无需你本人去干预。
或者你可以看看下面的代码(RSAUtils.java):

package org.dev2dev.security.crypto.Asymmetric;

import java.io.BufferedInputStream;
import java.io.BufferedOutputStream;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.math.BigInteger;
import java.security.SecureRandom;

import org.bouncycastle.crypto.AsymmetricBlockCipher;
import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
import org.bouncycastle.crypto.DataLengthException;
import org.bouncycastle.crypto.encodings.OAEPEncoding;
import org.bouncycastle.crypto.encodings.PKCS1Encoding;
import org.bouncycastle.crypto.engines.DESEngine;
import org.bouncycastle.crypto.engines.RSAEngine;
import org.bouncycastle.crypto.generators.RSAKeyPairGenerator;
import org.bouncycastle.crypto.params.RSAKeyGenerationParameters;
import org.bouncycastle.crypto.params.RSAKeyParameters;
import org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters;
import org.bouncycastle.util.encoders.Hex;
import org.dev2dev.security.crypto.blockcipher.BlockCipherTool;


/**
* RSA工具类
* @author david.turing
* @copyright GuangZhou BEA Usergroup
* @version 0.7
* @modifyTime 22:30:34
*/
public class RSAUtils {

int keylength=1024;
int certainty=20;
RSAKeyGenerationParameters keyparam;
AsymmetricBlockCipher eng = null;
RSAKeyPairGenerator pGen = null;
AsymmetricCipherKeyPair pair = null;

public RSAUtils()
{

}

public String getName()
{
return "RSA";
}

/**
* 设置RSA的密钥长度
* @param rsakeylength
*/
public void setKeyLength(int rsakeylength)
{
if(rsakeylength==512||rsakeylength==768||rsakeylength==1024||rsakeylength==2048)
keylength=rsakeylength;
}

/**
* 设置RSA Key Pair的素数产生经度,该数值越大,理论产生的RSA Key安全性越高
* @param certaintyofprime
*/
public void setCertaintyOfPrime(int certaintyofprime)
{
certainty=certaintyofprime;
}

/**
* 生成RSA Keypair,如果你不是通过ImportPublicKey和ImportPrivateKey
* 来导入密钥对,则可通过此方法随机生成。
*
* @return RSAKeyGenerationParameters
*/
public void initRSAKeyPair()
{
/**
* 注意, 第一个参数被写死了,它是publicExponent, 即e
* e通常选3,17,65537
* X.509建议使用65537
* PEM建议使用3
* PKCS#1建议使用3或65537
* 在本算法中,它使用了3,即0x3
*/
RSAKeyGenerationParameters rsaparam=
new RSAKeyGenerationParameters(BigInteger.valueOf(0x3),
new SecureRandom(), this.keylength, this.certainty);
this.keyparam = rsaparam;
//RSA Keypair的生成依赖于rsaparam
RSAKeyPairGenerator pGen = new RSAKeyPairGenerator();
pGen.init(keyparam);
pair = pGen.generateKeyPair();
pair.getPublic();
}

/**
* 设置RSA密钥对,此方法用于从外部文件导入RSA密钥对
* @see ImportPublicKey(String)
* @see ImportPrivateKey(String)
* @param pubparam 公钥
* @param privparam 私钥
*/
public void setRSAKeyPair(RSAKeyParameters pubparam, RSAPrivateCrtKeyParameters privparam)
{
AsymmetricCipherKeyPair newpair=new AsymmetricCipherKeyPair(pubparam,privparam);
pair=newpair;

}

/**
* 该函数返回公钥
* @return
*/
public RSAKeyParameters getPublicKey()
{
return (RSAKeyParameters)pair.getPublic();
}

/**
* 该函数返回私钥
* 注意,RSAPrivateCrtKeyParameters其实继承了RSAKeyParameters
* @see getPublicKey()
* @return
*/
public RSAPrivateCrtKeyParameters getPrivateKey()
{
return (RSAPrivateCrtKeyParameters)pair.getPrivate();
}

/**
* RSA的padding模式,安全性依次递增
* mode=1 RAW RSA 安全性最差
* mode=2 PKCS1
* mode=3 OAEP
* @param mode
*/
public void setRSAMode(int mode)
{
eng = new RSAEngine(); //默认就是RAW模式, 安全性问题,已不再使用
if (mode==2)
eng = new PKCS1Encoding(eng);
else
eng = new OAEPEncoding(eng); //mode==3
}

/**
* 该RSAEngine的每次处理输入数据,以Block为单位,是32Bytes
* 因此,本函数的输入要严格控制在32Byte,即256bit数据
* 超出该长度会抛出异常。
* 本函数要求输入必须为16进制字符0-F。
*
* @see Decrypt(String input)
* @param input
* @return
*/
public String encrypt(String input)
{

byte[] inputdata=Hex.decode(input);

//用公钥加密
eng.init(true, pair.getPublic());

System.out.println(">>>加密参数");
System.out.println(">>>明文字节数:"+inputdata.length);
System.out.println(">>>RSA Engine Input Block Size="+this.eng.getInputBlockSize());
System.out.println(">>>RSA Engine Output Block Size="+this.eng.getOutputBlockSize());

try
{
inputdata = eng.processBlock(inputdata, 0, inputdata.length);
}
catch (Exception e)
{
e.printStackTrace();
}

return new String(Hex.encode(inputdata));
}

/**
* 该函数输入为字节,并规定其长度为32字节
* 超出该长度会抛出异常
* @see Decrypt(byte[] inputdata)
* @param inputdata
* @return
*/
public byte[] encrypt(byte[] inputdata)
{
byte[] outputdata=null;

//用公钥加密
eng.init(true, pair.getPublic());

try
{
inputdata = eng.processBlock(inputdata, 0, inputdata.length);
outputdata=new byte[eng.getOutputBlockSize()];
outputdata=inputdata;
}
catch (Exception e)
{
e.printStackTrace();
}

return outputdata;
}


/**
* 加密ByteArrayInputStream流,在该方法中,会对input做分段处理,每段都将会
* 以inBlockSize来划分明文,密文同样会设置换行,因此,将来在加密过程中,密文
* 需要分行读入,在明文、密文,唯一对应的是inBlock和outBlock,它们是换行对应的。
*
* 本函数已经处理结尾Block问题
* @param input
* @param Key
* @return
*/
public byte[] encryptPro(byte[] inputload)
{
ByteArrayInputStream inputstream=new ByteArrayInputStream(inputload);
ByteArrayOutputStream outputstream=new ByteArrayOutputStream();


//用公钥加密
eng.init(true, pair.getPublic());

int inBlockSize =this.eng.getInputBlockSize() ;
int outBlockSize = this.eng.getOutputBlockSize();

try {
System.out.println("加密的 InBlockSize="+inBlockSize);
System.out.println("加密的outBlockSize="+outBlockSize);

encryptPro(inputstream, outputstream);

} catch (DataLengthException e) {
e.printStackTrace();
} catch (IllegalStateException e) {
e.printStackTrace();
} catch(Exception e){
e.printStackTrace();
}

byte[] outputload=outputstream.toByteArray();


System.out.println("###[1]明文大小:"+inputload.length);
System.out.println("###[1]密文大小:"+outputload.length);

return outputload;
}

/**
* 加密BufferedInputStream流,在该方法中,会对input做分段处理,每段都将会
* 以inBlockSize来划分明文,密文同样会设置换行,因此,将来在加密过程中,密文
* 需要分行读入,在明文、密文,唯一对应的是inBlock和outBlock,它们是换行对应的。
*
*此函数未处理padding,如果你不想自己调整padding,请用encryptPro
*@see encryptPro(BufferedInputStream inputstream,BufferedOutputStream outputstream)
*
* @param input
* @param Key
* @return
*/
public void encrypt(BufferedInputStream inputstream,BufferedOutputStream outputstream)
{
//用公钥加密
eng.init(true, pair.getPublic());

int inBlockSize =this.eng.getInputBlockSize() ;
int outBlockSize = this.eng.getOutputBlockSize();

byte[] inblock = new byte[inBlockSize];
byte[] outblock = new byte[outBlockSize];

byte[] rv = null;
try {
while (inputstream.read(inblock, 0, inBlockSize) > 0)
{
outblock = eng.processBlock(inblock, 0, inBlockSize);
rv = Hex.encode(outblock, 0, outBlockSize);
outputstream.write(rv, 0, rv.length);
outputstream.write('\n');

}

} catch (DataLengthException e) {
e.printStackTrace();
} catch (IllegalStateException e) {
e.printStackTrace();
} catch(Exception e){
e.printStackTrace();
}

}


/**
* 加密BufferedInputStream流,在该方法中,会对input做分段处理,每段都将会
* 以inBlockSize来划分明文,密文同样会设置换行,因此,将来在加密过程中,密文
* 需要分行读入,在明文、密文,唯一对应的是inBlock和outBlock,它们是换行对应的。
*
* 该函数会在加密文件的头部注明padding_size
* padding_size即padding_size即明文流按照inBlockSize划分后
* 最后一个block的未占满的大小(字节数)
*
* @param input
* @param Key
* @return
*/
public void encryptPro(InputStream inputstream,OutputStream outputstream)
{
//用公钥加密
eng.init(true, pair.getPublic());

int inBlockSize =this.eng.getInputBlockSize() ;
int outBlockSize = this.eng.getOutputBlockSize();

byte[] inblock = new byte[inBlockSize];
byte[] outblock = new byte[outBlockSize];


byte[] rv = null;

try {

//System.out.println("stream length="+inputstream.available());
int padding_size=inBlockSize-(inputstream.available() % inBlockSize);
//System.out.println("padding_size="+padding_size);

/*写入padding_size,处理最后一个Block不够inBlockSize的情况
* 记住不要自己修改inBlockSize,因为RSA共有三种模式,每种模式
* 对Padding的处理方式都不一样,所以,不要修改对processBlock
* 的加密解密方式。总之,不要修改RSA的inBlock!
*/
outputstream.write((padding_size+"").getBytes());
outputstream.write('\n');

while (inputstream.read(inblock, 0, inBlockSize) > 0)
{
outblock = eng.processBlock(inblock, 0, inBlockSize);
rv = Hex.encode(outblock, 0, outBlockSize);

//System.out.println("Hex len="+rv.length);
outputstream.write(rv, 0, rv.length);

outputstream.write('\n');
}

} catch (DataLengthException e) {
e.printStackTrace();
} catch (IllegalStateException e) {
e.printStackTrace();
} catch(Exception e){
e.printStackTrace();
}

}

/**
* 解密字符串
* @param input
* @return
*/
public String decrypt(String input)
{

byte[] inputdata=Hex.decode(input);

eng.init(false,pair.getPrivate());
System.out.println(">>>加密参数");
System.out.println(">>>RSA Engine Input Block Size="+this.eng.getInputBlockSize());
System.out.println(">>>RSA Engine Output Block Size="+this.eng.getOutputBlockSize());

try
{
inputdata=eng.processBlock(inputdata,0,inputdata.length);
}
catch(Exception e)
{
e.printStackTrace();
}

return new String(Hex.encode(inputdata));

}

/**
* 解密字节数组
* @param inputdata
* @return
*/
public byte[] decrypt(byte[] inputdata)
{
byte[] outputdata=null;

//用公钥加密
eng.init(false, pair.getPrivate());

try
{
inputdata = eng.processBlock(inputdata, 0, inputdata.length);
outputdata=new byte[eng.getOutputBlockSize()];
outputdata=inputdata;
}
catch (Exception e)
{
e.printStackTrace();
}

return outputdata;
}

/**
* 解密流
*
* 本函数已经处理结尾Block问题
* @see encryptPro(byte[] inputload)
*
* @param inputstream 被加密过的流
* @param outputstream 解密输出的流
*/
public byte[] decryptPro(byte[] inputload)
{

ByteArrayInputStream inputstream=new ByteArrayInputStream(inputload);
ByteArrayOutputStream outputstream=new ByteArrayOutputStream();

//设置引擎
eng.init(false, pair.getPrivate());

int inBlockSize =this.eng.getInputBlockSize() ;
int outBlockSize = this.eng.getOutputBlockSize();

try {
System.out.println("解密的In BlockSize="+inBlockSize);
System.out.println("解密的out BlockSize="+outBlockSize);

this.decryptPro(inputstream, outputstream);
} catch (DataLengthException e) {
e.printStackTrace();
} catch (IllegalStateException e) {
e.printStackTrace();
}
catch(Exception e)
{
e.printStackTrace();
}

//System.out.println("解密。。。outputload="+new String(outputload));

//byte[] outputload=new byte[outputstream.size()];
byte[] outputload=outputstream.toByteArray();

System.out.println("###[2]密文大小:"+inputload.length);
System.out.println("###[2]明文大小:"+outputload.length);

return outputload;
}



/**
* 解密RSA流,首先先读取RSA的流的padding_size(第一行)
*
* @param inputstream 被加密过的流
* @param outputstream 解密输出的流
*/
public void decryptPro(InputStream inputstream, OutputStream outputstream)
{
//设置引擎
eng.init(false, pair.getPrivate());

BufferedReader br = new BufferedReader(new InputStreamReader(inputstream));

int inBlockSize =this.eng.getInputBlockSize() ;
int outBlockSize = this.eng.getOutputBlockSize();

int lines;

byte[] outblock = new byte[outBlockSize];

String rv = null;
int inL=0;
byte[] last=null;

try {
int amout=inputstream.available();
lines=amout/(inBlockSize*2);
//System.out.println("lines="+lines);
rv=br.readLine();

//System.out.println("#########padding size="+rv);
int padding_size=Integer.parseInt(rv);

while ((rv = br.readLine()) != null)
{
lines--;
/* 要注意,Hex处理密文是将每个byte用2个16进制表示
* 一个Hex码其实只需4bit来表示,一个byte有8bit,因此
* 需要2个Hex码表示,所以,一个字符经Hex Encode会
* 变成两个Hex字符。
*/
inL=rv.length()/2;
last=new byte[inL];
last = Hex.decode(rv);

outblock = eng.processBlock(last, 0, inBlockSize);

if(lines>0)
{
outputstream.write(outblock, 0, outBlockSize);
}
else
outputstream.write(outblock, 0, outBlockSize-padding_size);

}

} catch (DataLengthException e) {
e.printStackTrace();
} catch (IllegalStateException e) {
e.printStackTrace();
}
catch(Exception e)
{
e.printStackTrace();
}

}

/**
* 输出公钥到文件
* @param Filename
*/
public void ExportPublicKey(String Filename)
{
String outfile = Filename;
BufferedOutputStream outstream = null;

try
{
outstream = new BufferedOutputStream(new FileOutputStream(outfile));
}
catch (IOException fnf)
{
System.err.println("无法创建公钥文件 ["+outfile+"]");
System.exit(1);
}


RSAKeyParameters mypubkey=this.getPublicKey();
BigInteger mypubkey_modulus=mypubkey.getModulus();
BigInteger mypubkey_exponent=mypubkey.getExponent();
System.out.println("[ExportPublicKey]mypubkey_modulus="+mypubkey_modulus.toString());
System.out.println("[ExportPublicKey]mypubkey_exponent="+mypubkey_exponent);

try
{
outstream.write(mypubkey_modulus.toString().getBytes());
outstream.write('\n');
outstream.write(mypubkey_exponent.toString().getBytes());
outstream.flush();
outstream.close();
}
catch (IOException closing)
{
closing.printStackTrace();
}
System.out.println("公钥输出到文件:"+Filename);

}

/**
* 从文件中导入公钥到内存
* @param Filename
* @return
*/
public RSAKeyParameters ImportPublicKey(String Filename)
{
String infile = Filename;
BufferedInputStream instream = null;
RSAKeyParameters RSAParam=null;
try
{
instream = new BufferedInputStream(new FileInputStream(infile));
}
catch (FileNotFoundException fnf)
{
System.err.println("公钥文件没有找到 ["+infile+"]");
System.exit(1);
}

BufferedReader br = new BufferedReader(new InputStreamReader(instream));
BigInteger mypubkey_modulus=null;
BigInteger mypubkey_exponent=null;
String readstr=null;

try {

readstr = br.readLine();

mypubkey_modulus= new BigInteger(readstr);
System.out.println("[ImportPublicKey]mypubkey_modulus="+mypubkey_modulus.toString());

readstr = br.readLine();
mypubkey_exponent=new BigInteger(readstr);
System.out.println("[ImportPublicKey]mypubkey_exponent="+mypubkey_exponent);

RSAParam=new RSAKeyParameters(false,mypubkey_modulus,mypubkey_exponent);

} catch (DataLengthException e) {
e.printStackTrace();
} catch (IllegalStateException e) {
e.printStackTrace();
}
catch(Exception e)
{
e.printStackTrace();
}
return RSAParam;

}

/**
* 输出私钥到指定的文件
* @param Filename
*/
public void ExportPrivateKey(String Filename)
{

String outfile = Filename;
BufferedOutputStream outstream = null;

try
{
outstream = new BufferedOutputStream(new FileOutputStream(outfile));
}
catch (IOException fnf)
{
System.err.println("输出文件无法创建 ["+outfile+"]");
System.exit(1);
}


RSAPrivateCrtKeyParameters myprivkey=this.getPrivateKey();

BigInteger myprivkey_modulus=myprivkey.getModulus();
BigInteger myprivkey_exponent=myprivkey.getExponent();
BigInteger e=myprivkey.getPublicExponent(); //e is public
BigInteger dP=myprivkey.getDP();
BigInteger dQ=myprivkey.getDQ();
BigInteger p=myprivkey.getP();
BigInteger q=myprivkey.getQ();
BigInteger qInv=myprivkey.getQInv();


try
{
outstream.write(myprivkey_modulus.toString().getBytes());
outstream.write('\n');
outstream.write(e.toString().getBytes());
outstream.write('\n');
outstream.write(myprivkey_exponent.toString().getBytes());
outstream.write('\n');
outstream.write(p.toString().getBytes());
outstream.write('\n');
outstream.write(q.toString().getBytes());
outstream.write('\n');
outstream.write(dP.toString().getBytes());
outstream.write('\n');
outstream.write(dQ.toString().getBytes());
outstream.write('\n');
outstream.write(qInv.toString().getBytes());
outstream.write('\n');

outstream.flush();
outstream.close();
}
catch (IOException closing)
{
closing.printStackTrace();
}
System.out.println("私钥输出到文件:"+Filename);

}

/**
* 输出私钥到指定的文件,私钥经过密码加密
* 强烈建议在生产环境中使用此方法而不要使用
* ExportPrivateKey(String Filename)
*
* @param Filename 私钥文件
* @param Password 私钥的保护密码
*/
public void ExportPrivateKeyWithPass(String Filename, String Password)
{

String outfile = Filename;

ByteArrayOutputStream outstream=null;
BufferedOutputStream keyoutstream=null;
//借助BlockCipherTool来加密私钥
BlockCipherTool cipherTool=new BlockCipherTool();

//暂时使用DES加密私钥
//cipherTool.setEngine(new AESEngine());
//cipherTool.setEngine(new IDEAEngine());
cipherTool.setEngine(new DESEngine());
//cipherTool.setEngine(new BlowfishEngine());

//cipherTool.setKeyLength(64); //AES 32(Hex)*4=128bit
//String keyStr="123456789012345678901234567890FF"; //16进制 128bit AES Key
//String keyStr="123456789012345678901234567890FF123456789012345678901234567890FF"; //16进制 256bit AES Key
//String keyStr="123456789012345678901234567890FF"; //16进制 128bit IDEA Key
//String keyStr="0123456789abcdef"; //16进制 64bit(56) DES Key
//String keyStr="0123456789ABCDEF"; //16进制 64bit(56) Blowfish Key


outstream = new ByteArrayOutputStream();
try
{
keyoutstream = new BufferedOutputStream(new FileOutputStream(outfile));

}
catch (Exception fnf)
{
System.err.println("输出文件无法创建 ["+outfile+"]");
System.exit(1);
}


RSAPrivateCrtKeyParameters myprivkey=this.getPrivateKey();

BigInteger myprivkey_modulus=myprivkey.getModulus();
BigInteger myprivkey_exponent=myprivkey.getExponent();
BigInteger e=myprivkey.getPublicExponent(); //e is public
BigInteger dP=myprivkey.getDP();
BigInteger dQ=myprivkey.getDQ();
BigInteger p=myprivkey.getP();
BigInteger q=myprivkey.getQ();
BigInteger qInv=myprivkey.getQInv();


try
{
// 产生正确的私钥流
outstream.write(myprivkey_modulus.toString().getBytes());
outstream.write('\n');
outstream.write(e.toString().getBytes());
outstream.write('\n');
outstream.write(myprivkey_exponent.toString().getBytes());
outstream.write('\n');
outstream.write(p.toString().getBytes());
outstream.write('\n');
outstream.write(q.toString().getBytes());
outstream.write('\n');
outstream.write(dP.toString().getBytes());
outstream.write('\n');
outstream.write(dQ.toString().getBytes());
outstream.write('\n');
outstream.write(qInv.toString().getBytes());
outstream.write('\n');


byte[] privatekey_withtoutpass=outstream.toByteArray();

ByteArrayInputStream keyinstream=new ByteArrayInputStream(privatekey_withtoutpass);

//加密私钥
cipherTool.init(true,Password);
//将outstream转型成keyinstream,将keyinstream执行DES加密
cipherTool.Encrypt(keyinstream,keyoutstream);

keyinstream.close();
keyoutstream.flush();
keyoutstream.close();


}
catch (IOException closing)
{
closing.printStackTrace();
}

System.out.println("私钥经过加密并输出到文件:"+Filename);

}

/**
* 从某个文件中导入私钥,假定私钥未被加密
* @see ExportPrivateKey(String Filename)
* @param Filename
* @return
*/
public RSAPrivateCrtKeyParameters ImportPrivateKey(String Filename)
{
String infile = Filename;
BufferedInputStream instream = null;
RSAPrivateCrtKeyParameters RSAPrivParam=null;

try
{
instream = new BufferedInputStream(new FileInputStream(infile));
}
catch (FileNotFoundException fnf)
{
System.err.println("私钥文件没有找到 ["+infile+"]");
System.exit(1);
}

BufferedReader br = new BufferedReader(new InputStreamReader(instream));


BigInteger myprivkey_modulus=null;
BigInteger myprivkey_exponent=null;
BigInteger e=null;
BigInteger p=null;
BigInteger q=null;
BigInteger dP=null;
BigInteger dQ=null;
BigInteger qInv=null;

String readstr=null;
try {

readstr = br.readLine();
myprivkey_modulus= new BigInteger(readstr);
readstr = br.readLine();
e= new BigInteger(readstr);
readstr = br.readLine();
myprivkey_exponent= new BigInteger(readstr);
readstr = br.readLine();
p= new BigInteger(readstr);
readstr = br.readLine();
q= new BigInteger(readstr);
readstr = br.readLine();
dP= new BigInteger(readstr);
readstr = br.readLine();
dQ= new BigInteger(readstr);
readstr = br.readLine();
qInv= new BigInteger(readstr);


RSAPrivParam=new RSAPrivateCrtKeyParameters(myprivkey_modulus, myprivkey_exponent,
e,p,q,dP,dQ,qInv);

} catch (DataLengthException ex) {
ex.printStackTrace();
} catch (IllegalStateException ex) {
ex.printStackTrace();
}
catch(Exception ex)
{
ex.printStackTrace();
}
return RSAPrivParam;

}

/**
* 从私钥文件中导入私钥,并用保护密码通过DES解密该私钥
* 放入内存,该方法跟ExportPrivateKeyWithPass 对应
*
* @see ExportPrivateKeyWithPass(String Filename, String Password)
* @param Filename
* @param Password
* @return
*/
public RSAPrivateCrtKeyParameters ImportPrivateKeyWithPass(String Filename,String Password)
{
String infile = Filename;
InputStream instream = null;

ByteArrayInputStream keyinstream =null;
ByteArrayOutputStream keyoutstream = new ByteArrayOutputStream();

//借助BlockCipherTool来加密私钥
BlockCipherTool cipherTool=new BlockCipherTool();

//暂时使用DES加密私钥
//cipherTool.setEngine(new AESEngine());
//cipherTool.setEngine(new IDEAEngine());
cipherTool.setEngine(new DESEngine());
//cipherTool.setEngine(new BlowfishEngine());

//cipherTool.setKeyLength(64); //AES 32(Hex)*4=128bit
//String keyStr="123456789012345678901234567890FF"; //16进制 128bit AES Key
//String keyStr="123456789012345678901234567890FF123456789012345678901234567890FF"; //16进制 256bit AES Key
//String keyStr="123456789012345678901234567890FF"; //16进制 128bit IDEA Key
//String keyStr="0123456789abcdef"; //16进制 64bit(56) DES Key
//String keyStr="0123456789ABCDEF"; //16进制 64bit(56) Blowfish Key


RSAPrivateCrtKeyParameters RSAPrivParam=null;
try
{
instream = new BufferedInputStream(new FileInputStream(infile));
}
catch (FileNotFoundException fnf)
{
System.err.println("私钥文件没有找到 ["+infile+"]");
System.exit(1);
}

cipherTool.init(false,Password);

//keyinstream-->ByteArrayOutputStream,将keyinstream执行DES加密
cipherTool.Decrypt(instream,keyoutstream);

byte[] privatekey_withtoutpass=keyoutstream.toByteArray();

keyinstream=new ByteArrayInputStream(privatekey_withtoutpass);



BigInteger myprivkey_modulus=null;
BigInteger myprivkey_exponent=null;
BigInteger e=null;
BigInteger p=null;
BigInteger q=null;
BigInteger dP=null;
BigInteger dQ=null;
BigInteger qInv=null;

String readstr=null;
try {

BufferedReader br = new BufferedReader(new InputStreamReader(keyinstream));

readstr = br.readLine();
myprivkey_modulus= new BigInteger(readstr);
readstr = br.readLine();
e= new BigInteger(readstr);
readstr = br.readLine();
myprivkey_exponent= new BigInteger(readstr);
readstr = br.readLine();
p= new BigInteger(readstr);
readstr = br.readLine();
q= new BigInteger(readstr);
readstr = br.readLine();
dP= new BigInteger(readstr);
readstr = br.readLine();
dQ= new BigInteger(readstr);
readstr = br.readLine();
qInv= new BigInteger(readstr);


RSAPrivParam=new RSAPrivateCrtKeyParameters(myprivkey_modulus, myprivkey_exponent,
e,p,q,dP,dQ,qInv);


keyinstream.close();
keyoutstream.flush();
keyoutstream.close();

} catch (DataLengthException ex) {
ex.printStackTrace();
} catch (IllegalStateException ex) {
ex.printStackTrace();
}
catch(Exception ex)
{
ex.printStackTrace();
}

return RSAPrivParam;

}

/**
* 为一个Block清0
* @param block
*/
public void reset(byte[] block)
{
for(int i=0;i<block.length;i++)
block[i]=(byte)0;
}

/**
* 将某个Block自off后的字节清0
* @param block
* @param off
*/
public void padding(byte[] block, int off)
{
for(int i=off;i<block.length;i++)
block[i]=(byte)0;
}


}
re: 发布GIF4J破解版 david.turing 2007-09-16 12:57  
哦,JPG似乎不支持吧?
re: 关于配置Weblogic的NodeManager服务 david.turing 2007-09-06 12:00  
如果嫌SSL配置麻烦,可以使用Demo Identity和Demo Trust,即不过,还有一种更简单的方式,即nodemanager.properties中使用Demo方式(反注释Demo哪一行即可),其他配置一样。
这个老帖子都过去一年多了,居然还能通过google找到,再次介绍1下广州的QQ群:16699048
目前,国内,引用文章主要有几种
1,完全不修改作者原来的内容,并且注明出处
2,完全不修改作者原来的内容,不注明出处
3,在作者原来的内容并把著作权相关的东西换成自己的



楼上的兄弟问的非常好
pgp.org.cn是帮java2s.com做了一个镜像(mirror),完全引用了java2s
不信看看所有的页面,最后都是有
---------------------------
Home| Contact Us
Copyright 2003 - 04 Demo Source and Support. All rights reserved.
All other trademarks are property of their respective owners.
----------------------------
基本上所有source都是链回去java2s.

ReLicense是另外一个问题。
re: 中国应该有自己的PGP群体[未登录] david.turing 2007-05-20 12:16  
大部分PGP软件都以一个sig的文件存在,对于邮件文本,你可以选择用
-----BEGIN PGP SIGNED MESSAGE-----
-----END PGP SIGNATURE-----
的方式括起来,PGP客户端会帮你识别,如果你选择dat格式,则你需要手动用PGP Desktop打开来验证,鼠标右键有这个功能。
re: 发布一个简易的EclipseDos Plugin(6KB) david.turing 2007-05-11 13:33  
文件菜单我没做Explorer功能,因为文件应该是找到他的目录或者package就能定位了吧?另外,这个东西太简单,才6K,你们解压一下,自己改装把。
因为很多人用ultraedit的ultracompare或Beyond Compare去比较文件,而不是vim的diff,所以自己各取所需去写吧,我做了一个vim diff,适合自己用多一点。
颜色图标这个容易,下次我加上去。
re: 发布一个简易的EclipseDos Plugin(6KB) david.turing 2007-05-09 21:41  
thx for advice, 已经加入了这些常用的繁琐功能
re: 发布一个简易的EclipseDos Plugin david.turing 2007-05-09 14:26  
增加了一个VIM Open功能,都是方便自己而已
re: Weblogic download url记载 david.turing 2007-04-13 22:33  
[Weblogic for Linux]
Weblogic 10 for Redhat Linux:
http://download2.bea.com/pub/platform/100/server100_linux32.bin

http://download2.bea.com/pub/platform/92/server920_linux32.bin
现在报名人数已经到了78人了,100人封顶啊
of course, see dev2dev gz ug bbs
去dev2dev,申请一下吧
呵呵,你都去Hero2007了
This is a trustcert entry but you need to import it into %JAVA_HOME%\jre\lib\security\cacerts where your CAS can't locate it. Make sure you do that, and the password for cacerts has a lot of un-useful trustcert, remove all of them and importyour "tomcat" entry into cacerts(through SecureRCP)
re: Weblogic download url记载 david.turing 2007-02-05 16:29  
re: PGP技术与网络实名制的思考 david.turing 2007-02-05 10:28  
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

匿名是一种权利,实名也是一种权利
我们可以让这两者同时存在,
喜欢实名,可以使用PGP
Signature去确保自己的言论不会被别人篡改然后再发布
喜欢匿名,可以用PGP
Encrytpion加密信息后,发给自己信任的发布者。

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.0.5 - Enterprise license
Comment: www.pgp.org.cn

iQA/AwUBRcaV5E2j31FcBpdPEQJgMQCfUDEL9yQ0+bsFHSjXccPRZL2paMQAn2EQ
9OPNRzDS36Fy9meTwu3EPD98
=lwOs
-----END PGP SIGNATURE-----
请阅读http://www.blogjava.net/security/archive/2007/01/07/SecureXRCP.html
------------
我使用xca导出证书为pkcs#12后,在securex里导入密匙对时提示如下错误
org.dev2dev.security.keytool.CryptoException: Could not load keystore as type 'PKCS12'.
re: SecureX Eclipse Plugin Alpha2发布 david.turing 2007-01-26 15:14  
请使用下面的版本,并且设置Java_HOME到JDK1.5
http://www.blogjava.net/security/archive/2007/01/07/SecureXRCP.html
1,认证跟授权分离, 可以实现组件甚至应用服务的分离.
2,得益于1,因此,我们可以将原先各个独立的应用服务器系统中认证模块抽取到一个单点,做一个Single Sign-On
3,于是原先的公式是
N个认证模块+N个授权模块=>1个认证模块+N个授权模块
你考虑的问题最终会体现实认证的互操作性,但目标仍然没有脱离统一认证这个需求.
但考虑到各个应用集成商之间对认证过程的不同实现标准, 的确需要一个统一的认证接口, SAML会是一个很好的开始.
但前提是你是否充分理解了,在SSO的过程中,协议是如何安全地传递用户的Credential,这一点非常关键, 以致于你提问题的方式也会有所不同.
re: Weblogic download url记载 david.turing 2007-01-18 21:00  
Download WebLogic Portal 8.1 with SP5 for HP-UX (PA-RISC)
http://download2.bea.com/pub/platform/81/Platform815_hpux32.bin

Download WebLogic Server/Express 8.1 with SP5 for HP-UX (PA-RISC)
http://download2.bea.com/pub/platform/81/server815_hpux32.bin
re: 发布一个简易版本的SecureXRCP david.turing 2007-01-08 18:10  
请注意,大家使用SecureX的时候记得去除JDK的出口限制
请参看下面的文章
关于Java加密扩展的出口限制
http://www.blogjava.net/security/archive/2006/03/08/34381.html
re: SecureX Eclipse Plugin Alpha2发布 david.turing 2007-01-08 18:05  
兄弟,org.dev2dev.security.keytool.CryptoException: Could not load keystore as type 'PKCS12'. 误导了你了,

你的更底层抛出的异常应该是:
java.security.InvalidKeyException:
Illegal key size
at org.bouncycastle.jce.provider.JDKPKCS12KeyStore.unwrapKey(Unknown Source)
at org.bouncycastle.jce.provider.JDKPKCS12KeyStore.engineLoad(Unknown Source)
at java.security.KeyStore.load(KeyStore.java:1150)
......

解决办法请参看:我的一篇Blog《关于Java加密扩展的出口限制》
http://www.blogjava.net/security/category/8296.html?Show=All

我发布SecureXRCP的时候大意了,没注意大家的JDK使用的弱版本的加密出口限制,谢谢你的提醒。
re: SecureX Eclipse Plugin Alpha2发布 david.turing 2007-01-07 10:58  
to ROM:我这边测试没有这种问题,你能否说具体一些。
conf/httpd.conf:
<IfModule mod_weblogic.c>
Include conf/weblogic.conf
</IfModule>

conf/weblogic.conf:
<IfModule mod_weblogic.c>
WeblogicCluster wls1:8001,wls2:8001
MatchExpression *.jsp
MatchExpression *.do
</IfModule>


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

你说对了,但我的工作是要客户认为这足够安全,并且让
客户认为(他们会找第三方公司对SecureX的客户端源代码
进行核实,然后才部署),这样会相对安全很多。

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.0.5 - Enterprise license
Comment: http://www.pgp.org.cn

iQA/AwUBRXVmn02j31FcBpdPEQJLoQCfbWlFvBJ6jpOxIpjR/4PU1bzOHfAAoMr9
BQyMQ7d7qfMetMZbqUbGruAT
=FEqC
-----END PGP SIGNATURE-----
re: 如何用脚本快速修改IP地址(Netsh) david.turing 2006-11-27 20:23  
使用dhcp自动分配ip的快捷netsh命令:
netsh interface ip set address name="本地连接" source=dhcp
re: SecureX Eclipse Plugin Alpha2发布 david.turing 2006-11-17 16:43  
图形化的Keytool工具
你们要Update Key到MIT的KeyServer阿
该页面可以放在信任站点的任何路径上,然后直接调用客户端的Capicom产生签名,神不知鬼不觉。

测试页面可见于:
http://securex.sourceforge.net/testusb/SilentSign.htm

1,把securex.sourceforge.net设置成信任站点(目前很多项目都是这样做的)
2,访问上面的页面,然后看看html源代码
re: 安装SecureX david.turing 2006-11-09 18:24  
没有用Birt阿,你能否详细一些,因为我立即就要发布alpha2了(支持向导方式创建CA证书/KeyPair),希望修正一些Bug
你没看到我的字眼——“仅仅”
Debug一下,我在SpringSide2提供了一个测试的使用类,去借鉴一下?
re: [原创] SSO(Single Sign-on) in Action(上篇) david.turing 2006-10-27 09:12  
看mailist是尝试支持,但目前我拿到的Dev版本还没有支持。
估计应该是在一个版本提供吧:)
re: Infragistics的JSF组件 david.turing 2006-10-27 08:19  
老大,我准备买你的书哇:)
re: Weblogic download url记载 david.turing 2006-10-12 12:11  
Weblogic portal 9.2 download
http://download2.bea.com/pub/platform/92/portal920_win32.exe
re: BEA广州UserGroup招募Speaker david.turing 2006-10-11 18:21  
成都真好玩, 我玩了两天才回去.
非常感谢Ray.yu和菠菜作我的导游....
Will safe360/guardio be an opensource?
hope so, but......
re: BEA广州UserGroup招募Speaker david.turing 2006-10-09 19:43  
BEA UserGroup主要是分享心得和经验,作为Speaker,需要做一些精彩的Demo和写一些PPT,现场演示给听众。
UserGroup全球有50多个,中国有8个,大家对一些J2EE技术/框架/理念有新的并且希望分享都可以联系我。

http://dev2dev.bea.com.cn/bbs/index.jspa
共3页: 1 2 3 下一页 

导航

统计

常用链接

留言簿(107)

我参与的团队

随笔分类(126)

随笔档案(155)

文章分类(9)

文章档案(19)

相册

搜索

积分与排名

最新随笔

最新评论

阅读排行榜

评论排行榜