Instructions
User Manual:
Open the PDF directly: View PDF 
.
Page Count: 6
| Download | |
| Open PDF In Browser | View PDF |
7. homework assignment; JAVA, Part 1, Academic year 2017/2018;
FER
Napravite prazan Maven projekt, kao u 1. zadaći: u Eclipsovom workspace direktoriju napravite direktorij
hw07-0000000000 (zamijenite nule Vašim JMBAG-om) te u njemu oformite Mavenov projekt
hr.fer.zemris.java.jmbag0000000000:hw07-0000000000 (zamijenite nule Vašim JMBAG-om) i
dodajte ovisnost prema junit:junit:4.12. Importajte projekt u Eclipse. Sada možete nastaviti s
rješavanjem zadataka.
Pročitajte posljednju stranicu upute. Jeste? OK; ova zadaća sastoji se od dva dijela.
Problem 1.
You will write a program Crypto that will allow the user to encrypt/decrypt given file using the AES cryptoalgorithm and the 128-bit encryption key or calculate and check the SHA-256 file digest. Since this kind of
cryptography works with binary data, use octet-stream Java based API for reading and writing of files. What
needs to be programmed is illustrated by the following use cases (I have skipped classpath parameter; set it
to appropriate value). You will find in repository additional file which is used in this example:
hw07test.bin. Download this file and place it in your projects current directory. Program outputs are
shown red, user input is shown in blue.
java hr.fer.zemris.java.hw07.crypto.Crypto checksha hw07test.bin
Please provide expected sha-256 digest for hw07test.bin:
> 2e7b3a91235ad72cb7e7f6a721f077faacfeafdea8f3785627a5245bea112598
Digesting completed. Digest of hw07test.bin matches expected digest.
java hr.fer.zemris.java.hw07.crypto.Crypto checksha hw07test.bin
Please provide expected sha-256 digest for hw07test.bin:
> d03d4424461e22a458c6c716395f07dd9cea2180a996e78349985eda78e8b800
Digesting completed. Digest of hw07test.bin does not match the expected digest. Digest
was: 2e7b3a91235ad72cb7e7f6a721f077faacfeafdea8f3785627a5245bea112598
java hr.fer.zemris.java.hw07.crypto.Crypto encrypt hw07.pdf hw07.crypted.pdf
Please provide password as hex-encoded text (16 bytes, i.e. 32 hex-digits):
> e52217e3ee213ef1ffdee3a192e2ac7e
Please provide initialization vector as hex-encoded text (32 hex-digits):
> 000102030405060708090a0b0c0d0e0f
Encryption completed. Generated file hw07.crypted.pdf based on file hw07.pdf.
java hr.fer.zemris.java.hw07.crypto.Crypto decrypt hw07.crypted.pdf hw07orig.pdf
Please provide password as hex-encoded text (16 bytes, i.e. 32 hex-digits):
> e52217e3ee213ef1ffdee3a192e2ac7e
Please provide initialization vector as hex-encoded text (32 hex-digits):
> 000102030405060708090a0b0c0d0e0f
Decryption completed. Generated file hw07orig.pdf based on file hw07.crypted.pdf.
java hr.fer.zemris.java.hw07.crypto.Crypto decrypt hw07test.bin hw07test.pdf
Please provide password as hex-encoded text (16 bytes, i.e. 32 hex-digits):
> e52217e3ee213ef1ffdee3a192e2ac7e
Please provide initialization vector as hex-encoded text (32 hex-digits):
> 000102030405060708090a0b0c0d0e0f
Decryption completed. Generated file hw07test.pdf based on file hw07test.bin.
First two examples test your implementation of digest calculation. Third and fourth example test is your
implementation of file encryption and decryption compatible with itself. The fifth example tests is your
decryption procedure compatible with the encryption procedure which was done by me. If this last step
works, you will be able to open hw07test.pdf in PDF viewer and read its content.
Lets just briefly explain some of the concepts from this problem.
Message digest is a fixed-size binary digest which is calculated from arbitrary long data. The idea is simple.
You have some original data (lets denote it D); this can be a file on disk. Then you calculate a digest for this
data (lets denote it S); for example, if S is calculated with SHA-256 algorithm, the digest will always be
256-bits long, no matter how long is the original file you digested. Generally speaking, the original data can
not be reconstructed from the digest and this is not what the digests are used for. Digests are used to verify if
the data you have received (for example, when downloading the data from the Internet) arrived unchanged.
You will verify this by calculating the digest on the file you have downloaded and then you will compare the
calculated digest with the digest which is published on the web site from which you have started the
download. If something has changed during the download, there is extremely high probability that the
calculated digest will be different from the one published on the web site. You can see this on many of webpages which offer file download. Visit, for example, Open Office download page:
http://www.openoffice.org/download/index.html
Note: Digests will be integral part of digital signature – a mechanism which is today broadly used online as
a replacement for persons physical signature. At FER you will learn more on this if you enroll the course
Advanced operating systems (Computing Master programme, profile Computer Science).
Encryption is the conversion of data into a form, called a ciphertext, that can not be easily understood by
unauthorized people. Decryption is the reverse process: it is a transformation of ciphertext back into its
original form. There are two families of cryptography: symmetric in which both encryption and decryption
use the same key (i.e. “password”), and asymmetric in which a pair of keys is used (public key and private
key which are mutually inverse: what is encrypted with one can only be decrypted with other). Since the
decryption of encrypted data must be possible, there can be no loss of data (as is the case with digests).
Encrypted data will always be as big (or even bigger) as were the original data. In this homework we will
use a symmetric crypto-algorithm AES which can work with three different key sizes: 128 bit, 192 bit and
256 bit. Since AES is block cipher, it always consumes 128 bit of data at a time (or adds padding if no more
data is available) and produces 128 bits of encrypted text. Therefore, the length (in bytes) of encrypted file
file will always be divisible by 16.
In this homework you are not expected to implement these algorithms. You only have to learn how to use
them in your programs. Java already offers appropriate implementations. Please consult the following
references:
http://docs.oracle.com/javase/8/docs/technotes/guides/security/crypto/CryptoSpec.html#MessageDigest
http://docs.oracle.com/javase/8/docs/technotes/guides/security/crypto/CryptoSpec.html#Cipher
http://docs.oracle.com/javase/8/docs/technotes/guides/security/crypto/CryptoSpec.html#MDEx
http://docs.oracle.com/javase/8/docs/technotes/guides/security/crypto/CryptoSpec.html#SimpleEncrEx
Encryption keys and initialization vectors are byte-arrays each having 16 bytes. In the above example it is
expected from the user to provide these as hex-encoded texts.
Implement these methods. To obtain properly initialized Cipher object, use following code snippet:
String keyText = … what user provided for password …
String ivText = … what user provided for initialization vector …
SecretKeySpec keySpec = new SecretKeySpec(Util.hextobyte(keyText), "AES");
AlgorithmParameterSpec paramSpec = new IvParameterSpec(hextobyte(ivText));
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
cipher.init(encrypt ? Cipher.ENCRYPT_MODE : Cipher.DECRYPT_MODE, keySpec, paramSpec);
Create a class Util with two public static methods: hextobyte(keyText) and bytetohex(bytearray).
Method hextobyte(keyText) should take hex-encoded String and return appropriate byte[]. If string is
not valid (odd-sized, has invalid characters, …) throw an IllegalArgumentException. For zero-length
string, method must return zero-length byte array. Method must support both uppercase letters and
lowercase letters.
For example: hextobyte("01aE22") should return byte[] {1, -82, 34}.
Method bytetohex(bytearray) takes a byte array and creates its hex-encoding: for each byte of given
array, two characters are returned in string, in big-endian notation. For zero-length array an empty string
must be returned. Method should use lowercase letters for creating encoding.
For example: bytetohex(new byte[] {1, -82, 34}) should return "01ae22".
You are expected to write your own implementation of these two methods (using other classes for this is not
allowed). Write unit tests for this methods to ensure they work correctly.
Please note, you are not allowed to use CipherInputStream or CipherOutputStream (or any of its
subclasses); you are required to implement encryption/decryption directly using Cipher object and a series
of update/update/update/... completed by doFinal(). Also, you are not allowed to read a complete file
into memory, then encrypt/decrypt it and then write the result back to disk since the input file can be huge.
You are only allowed to read a reasonable amount of file into memory at each single time (for example, 4k)
– use byte streams for this. The same goes for constructing the resulting file. For reading file you must use
an instance of FileInputStream and for writing an instance of FileOutputStream. Ensure that they are
both buffered – use appropriate method for constructing buffered file streams directly from Files class.
Be aware that algorithms we use here for encryption and decryption are block-based. They must get a block
of bytes in order to create new encrypted/decrypted block of bytes. This is the reason for existence of
methods update and doFinal. When you pass some bytes by calling update, algorithm processes as many
blocks as possible and return processed blocks while retaining still-to-process bytes in internal buffer. When
you call update again and deliver new bunch of bytes, processing continues and you get new processed
blocks as result. You repeat this in loop, reading data from input stream, and writing processed data to
output stream. Once the input stream is drained, you must complete processing by calling doFinal. Using
this call, you signal to the encryption/decryption procedure that there will be no more data, and that in order
to complete processing, it should itself add padding in needed in order to create last block of data and then
process it, returning to you the processed data.
Taking this into account, do not be surprised if you find out that the encrypted file is a bit larger then the
original file: its size will be multiple of algorithm block size. When performing decryption, the algorithm
will be aware that the padding was added, and you will obtain only the data you sent in when encrypting:
reconstructed file will have the same size as the original file.
Problem 2.
Download the file hw07part2.bin from Ferko repository and save it in you current directory. Now run your
program:
java hr.fer.zemris.java.hw07.crypto.Crypto checksha hw07part2.bin
Please provide expected sha-256 digest for hw07part2.bin:
> 603ce08075a10ea3f781301bfafc01e3e9c9487ba33790d4afa7fd15dffd2b94
Digesting completed. Digest of hw07part2.bin matches expected digest.
If you obtain different result, there is something wrong; either the file hw07part2.bin is corrupted
(redownload it again) or you have bug in your program (fix it). When you do obtain result as expected, run
following command:
java hr.fer.zemris.java.hw07.crypto.Crypto decrypt hw07part2.bin hw07part2.pdf
Please provide password as hex-encoded text (16 bytes, i.e. 32 hex-digits):
> e52217e3ee213ef1ffdee3a192e2ac7e
Please provide initialization vector as hex-encoded text (32 hex-digits):
> 000102030405060708090a0b0c0d0e0f
Decryption completed. Generated file hw07part2.pdf based on file hw07part2.bin.
Open the file you just generated, read it and proceed as instructed by the text in that file.
Please note. You can consult with your peers and exchange ideas about this homework before you start
actual coding. Once you open you IDE and start coding, consultations with others (except with me) will be
regarded as cheating. You can not use any of preexisting code or libraries for this homework (whether it is
yours old code or someones else). You can use Java Collection Framework and other parts of Java covered
by lectures; if unsure – e-mail me. Document your code!
If you need any help, I have reserved usual timeslots for consultations: Monday Noon, Tuesday at 10
AM, and Wednesday at 9 AM; also Thursday and Friday at Noon. Feel free to drop by my office.
All source files must be written using UTF-8 encoding. All classes, methods and fields (public, private or
otherwise) must have appropriate javadoc.
You are expected to write tests for Util class methods.
You are encouraged to write tests for other problems.
Once you complete the problems 1 and 2, you will discover what is left, in order to complete the entire
homework.
When your complete homework is done, pack it in zip archive with name hw07-0000000000.zip (replace
zeros with your JMBAG). Upload this archive to Ferko before the deadline. Do not forget to lock your
upload or upload will not be accepted. Deadline is April 28th 2018. at 23:59.
Source Exif Data:
File Type : PDF File Type Extension : pdf MIME Type : application/pdf PDF Version : 1.4 Linearized : No Page Count : 6 Language : en-US Tagged PDF : Yes Creator : Writer Producer : LibreOffice 5.1 Create Date : 2018:04:25 08:16:26+02:00EXIF Metadata provided by EXIF.tools