2. 软件开发
    3. AES对称密钥加密

    AES对称密钥加密

    xiaoxiao2022-07-06  200
    import javax.crypto.Cipher; import javax.crypto.KeyGenerator; import javax.crypto.SecretKey; import javax.crypto.spec.SecretKeySpec; import org.apache.commons.codec.binary.Base64; import java.security.SecureRandom; /** * 密钥长度(Key Size) 加密模式(Cipher Mode) 填充方式(Padding) 初始向量(Initialization Vector) 密钥长度 AES算法下,key的长度有三种:128、192和256 bits。由于历史原因,JDK默认只支持不大于128 bits的密钥,而128 bits的key已能够满足商用安全需求。因此本例先使用AES-128。(Java使用大于128 bits的key方法在文末提及) 加密模式 AES属于块加密(Block Cipher),块加密中有CBC、ECB、CTR、OFB、CFB等几种工作模式。本例统一使用CBC模式。 填充方式 由于块加密只能对特定长度的数据块进行加密,因此CBC、ECB模式需要在最后一数据块加密前进行数据填充。(CFB,OFB和CTR模式由于与key进行加密操作的是上一块加密后的密文,因此不需要对最后一段明文进行填充) 在iOS SDK中提供了PKCS7Padding,而JDK则提供了PKCS5Padding。原则上PKCS5Padding限制了填充的Block Size为8 bytes,而Java实际上当块大于该值时,其PKCS5Padding与PKCS7Padding是相等的:每需要填充χ个字节,填充的值就是χ。 初始向量 使用除ECB以外的其他加密模式均需要传入一个初始向量,其大小与Block Size相等(AES的Block Size为128 bits),而两个平台的API文档均指明当不传入初始向量时,系统将默认使用一个全0的初始向量。 */ public class AESUtil { private static final String KEY = "0123456789abcdef";//length=16 private static final int KEY_SIZE = 128; private static final String ALGORITHM = "AES"; private static final String ALGORITHMSTR = "AES/ECB/PKCS5Padding"; public static String encryptAES(String plainText, String key) throws Exception { KeyGenerator generator = KeyGenerator.getInstance(ALGORITHM); SecureRandom secureRandom = new SecureRandom(key.getBytes()); generator.init(KEY_SIZE,secureRandom); SecretKey secretKey = generator.generateKey(); byte[] keyBytes = secretKey.getEncoded();//key是密钥的seed种子 // byte[] keyBytes = key.getBytes();//key是密钥 System.out.println(new String(keyBytes)); SecretKeySpec secretKeySpec = new SecretKeySpec(keyBytes, "AES"); Cipher cipher = Cipher.getInstance(ALGORITHMSTR); cipher.init(Cipher.ENCRYPT_MODE, secretKeySpec); byte[]arr = cipher.doFinal(plainText.getBytes("utf-8")); return Base64.encodeBase64String(arr); } public static String decryptAES(String cipherText, String key) throws Exception { byte[] encryptBytes = cipherText.getBytes(); encryptBytes = Base64.decodeBase64(encryptBytes); KeyGenerator generator = KeyGenerator.getInstance(ALGORITHM); SecureRandom secureRandom = new SecureRandom(key.getBytes()); generator.init(KEY_SIZE,secureRandom); SecretKey secretKey = generator.generateKey(); byte[] keyBytes = secretKey.getEncoded();//key是密钥的seed种子 // byte[] keyBytes = key.getBytes();//key是密钥 System.out.println(keyBytes.length); System.out.println(new String(keyBytes)); SecretKeySpec secretKeySpec = new SecretKeySpec(keyBytes, "AES"); Cipher cipher = Cipher.getInstance(ALGORITHMSTR); cipher.init(Cipher.DECRYPT_MODE,secretKeySpec); byte[] decryptBytes = cipher.doFinal(encryptBytes); return new String(decryptBytes, "utf-8"); } public static void main(String[] args) throws Exception { String password = "123456"; System.out.println("密码明文:" + password); String cipherText = encryptAES(password, KEY); System.out.println("密码密文:" + cipherText); String plainText = decryptAES(cipherText, KEY); System.out.println("密码明文:" + plainText); } }
    最新回复(0)