对称加密算法是以一种使用频率高的初等的加密算法,如你所想,之所以称之为加密算法,说明加密秘钥是相同,加密过程可逆,而前面介绍的base64加密,和消息摘要加密算法是不可逆的.一般的对称加密算法有DES,DES秘钥长度不够,易被破解,进而衍生除了3DES,在DES的基础上有出现了AES算法,还有PBE,IDEA等算法.
DES(Data Encryption Standrad)数据加密标准
秘钥长度 | 默认 | 工作模式 | 填充方式 | 实现方 |
56 | 56 | ECB|CBC|PCBC|CTR|CTS| CFB|CFB8|到128|OFB|OFB8到128 | NoPadding|PKCS5Padding| ISO10126Padding | jdk |
64 | 56 | 同上 | PKCS7Padding|ISO10126d2Padding| X932Padding|ISO7816d4Padding| ZeroBytePadding | bc |
代码实现
- jdk实现
try { //生成kye KeyGenerator keyGenerator = KeyGenerator.getInstance("DES"); keyGenerator.init(56); SecretKey secretKey = keyGenerator.generateKey(); byte[] bytesKey = secretKey.getEncoded(); //key转换 KeySpec keySpec = new DESKeySpec(bytesKey); SecretKeyFactory factory = SecretKeyFactory.getInstance("DES"); SecretKey convertSecretKey = factory.generateSecret(keySpec); //加密 Cipher cipher = Cipher.getInstance("DES/ECB/PKCS5Padding"); cipher.init(Cipher.ENCRYPT_MODE, convertSecretKey); byte[] result = cipher.doFinal(str.getBytes()); System.out.println("jdk des en:"+ Hex.toHexString(result)); //解密 cipher.init(Cipher.DECRYPT_MODE, convertSecretKey); byte[] raw = cipher.doFinal(result); System.out.println("jdk des de:"+ new String(raw)); } catch (Exception e) { // TODO Auto-generated catch block e.printStackTrace(); }
- bc的实现
3DES在实际应用中十分广泛,但效率比较低,下面是jdk实现3DEStry { Security.addProvider(new BouncyCastleProvider()); //生成kye KeyGenerator keyGenerator = KeyGenerator.getInstance("DES","BC"); keyGenerator.init(56); System.out.println(keyGenerator.getProvider()); SecretKey secretKey = keyGenerator.generateKey(); byte[] bytesKey = secretKey.getEncoded(); //key转换 KeySpec keySpec = new DESKeySpec(bytesKey); SecretKeyFactory factory = SecretKeyFactory.getInstance("DES"); SecretKey convertSecretKey = factory.generateSecret(keySpec); //加密 Cipher cipher = Cipher.getInstance("DES/ECB/PKCS5Padding"); cipher.init(Cipher.ENCRYPT_MODE, convertSecretKey); byte[] result = cipher.doFinal(str.getBytes()); System.out.println("jdk des en:"+ Hex.toHexString(result)); //解密 cipher.init(Cipher.DECRYPT_MODE, convertSecretKey); byte[] raw = cipher.doFinal(result); System.out.println("bc des de:"+ new String(raw)); } catch (Exception e) { // TODO Auto-generated catch block e.printStackTrace(); }
AES是DES算法的代替者,目前还没有被破解的消息.try { //生成kye KeyGenerator keyGenerator = KeyGenerator.getInstance("DESede"); // keyGenerator.init(168); keyGenerator.init(new SecureRandom());//生成默认长度 SecretKey secretKey = keyGenerator.generateKey(); byte[] bytesKey = secretKey.getEncoded(); //key转换 KeySpec keySpec = new DESedeKeySpec(bytesKey); SecretKeyFactory factory = SecretKeyFactory.getInstance("DESede"); SecretKey convertSecretKey = factory.generateSecret(keySpec); //加密 Cipher cipher = Cipher.getInstance("DESede/ECB/PKCS5Padding"); cipher.init(Cipher.ENCRYPT_MODE, convertSecretKey); byte[] result = cipher.doFinal(str.getBytes()); System.out.println("jdk 3des en:"+ Hex.toHexString(result)); //解密 cipher.init(Cipher.DECRYPT_MODE, convertSecretKey); byte[] raw = cipher.doFinal(result); System.out.println("jdk 3des de:"+ new String(raw)); } catch (Exception e) { // TODO Auto-generated catch block e.printStackTrace(); }
Java实现AES与实现DES相似try { //生成key KeyGenerator keyGenerator = KeyGenerator.getInstance("AES"); keyGenerator.init(new SecureRandom()); SecretKey secretKye = keyGenerator.generateKey(); byte[] keyBytes = secretKye.getEncoded(); //转换key SecretKeySpec keySpec= new SecretKeySpec(keyBytes, "AES"); //加密 Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding"); cipher.init(Cipher.ENCRYPT_MODE, keySpec); byte[] result = cipher.doFinal(str.getBytes()); System.out.println("jdk aes en:"+ Base64.encodeBase64String(result)); //解密 cipher.init(Cipher.DECRYPT_MODE, keySpec); byte[] raw = cipher.doFinal(result); System.out.println("jdk aes de:"+new String(raw)); } catch (Exception e) { // TODO Auto-generated catch block e.printStackTrace(); }
PBE(Password Based Encryption)基于口令的加密
算法结合了消息摘要算法和对称加密算法的特点,是对已有算法是包装(口令+盐)
代码实现
try { //初始化盐 SecureRandom secureRandom = new SecureRandom(); byte[] salt = secureRandom.generateSeed(8); salt = new byte[]{'a','a','a','a','a','a','a','a'}; //口令与秘钥 String password = "yexiu"; PBEKeySpec pbeKeySpec = new PBEKeySpec(password.toCharArray()); SecretKeyFactory factory = SecretKeyFactory.getInstance("PBEWITHMD5andDES"); Key key = factory.generateSecret(pbeKeySpec); //加密 PBEParameterSpec parameter = new PBEParameterSpec(salt, 100); Cipher cipher = Cipher.getInstance("PBEWITHMD5andDES"); cipher.init(Cipher.ENCRYPT_MODE, key, parameter); byte[] result = cipher.doFinal(str.getBytes()); System.out.println("jdk pbe en:"+Base64.encodeBase64String(result)); //解密 cipher.init(Cipher.DECRYPT_MODE, key, parameter); byte[] raw = cipher.doFinal(result); System.out.println("jdk pbe de:"+new String(raw)); } catch (Exception e) { // TODO Auto-generated catch block e.printStackTrace(); }
转自:http://blog.csdn.net/zxc123e/article/details/44524213