1.jdk与bc实现DES算法:
package com.samlai.security;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.Security;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESKeySpec;
import org.apache.commons.codec.binary.Hex;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
public class DesStudy {
/**
* 对称加密算法---DES
*
*/
private static String STR = "one type of security:DES";
public static void main(String[] args) {
jdkDES();
bcDES();
}
// jdk的DES
public static void jdkDES() {
try {
// 生成key
KeyGenerator keyGenerator = KeyGenerator.getInstance("DES");
//打断点可以查看对应keyGenerator.getProvider()是哪个class:BC
keyGenerator.getProvider();
keyGenerator.init(56);
SecretKey secretKey = keyGenerator.generateKey();
byte[] bytesKey = secretKey.getEncoded();
// Key转换
DESKeySpec desKeySpec = new DESKeySpec(bytesKey);
SecretKeyFactory factory = SecretKeyFactory.getInstance("DES");
Key converSecretKey = factory.generateSecret(desKeySpec);
// 加密
Cipher cipher = Cipher.getInstance("DES/ECB/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, converSecretKey);
byte[] result = cipher.doFinal(STR.getBytes());
System.out
.println("jdk des encode: " + Hex.encodeHexString(result));
// 解密
cipher.init(Cipher.DECRYPT_MODE, converSecretKey);
result = cipher.doFinal(result);
System.out.println("jdk des decode: " + new String(result));
} catch (Exception e) {
e.printStackTrace();
}
}
// bc方式的DES
public static void bcDES() {
try {
Security.addProvider(new BouncyCastleProvider());
// 生成key
KeyGenerator keyGenerator = KeyGenerator.getInstance("DES","BC");
//打断点可以查看对应keyGenerator.getProvider()是哪个class:BC
keyGenerator.getProvider();
keyGenerator.init(56);
SecretKey secretKey = keyGenerator.generateKey();
byte[] bytesKey = secretKey.getEncoded();
// Key转换
DESKeySpec desKeySpec = new DESKeySpec(bytesKey);
SecretKeyFactory factory = SecretKeyFactory.getInstance("DES");
Key converSecretKey = factory.generateSecret(desKeySpec);
// 加密
Cipher cipher = Cipher.getInstance("DES/ECB/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, converSecretKey);
byte[] result = cipher.doFinal(STR.getBytes());
System.out
.println("bc des encode: " + Hex.encodeHexString(result));
// 解密
cipher.init(Cipher.DECRYPT_MODE, converSecretKey);
result = cipher.doFinal(result);
System.out.println("bc des decode: " + new String(result));
} catch (Exception e) {
e.printStackTrace();
}
}
}
运行的结果是:
jdk des encode: 78a3c4cff016308a7d916fd3f072d35682c4fd7bdb1ef9357cfc890d711ce6da
jdk des decode: one type of security:DES
bc des encode: 6b0daa8478df9ed8ae70f2e442e0eedd996aa8412ac951859bc7a00188cb1c63
bc des decode: one type of security:DES
2.三重DES使用jdk,bc方式进行实现:
package com.samlai.security;
import java.security.Key;
import java.security.SecureRandom;
import java.security.Security;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESKeySpec;
import javax.crypto.spec.DESedeKeySpec;
import org.apache.commons.codec.binary.Hex;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.jce.provider.JCEBlockCipher.DESede;
public class ThreeDesStudy {
/**
* 为什么使用3DES: 补充DES的不足,因为其违反了柯克霍夫原则,与安全性问题
* 优点: 1.密钥长度增强 2.迭代次数提高
*/
private static String STR = "one type of security:3DES";
public static void main(String[] args) {
jdk3DES();
bc3DES();
}
// jdk的DES
public static void jdk3DES() {
try {
// 生成key
KeyGenerator keyGenerator = KeyGenerator.getInstance("DESede");
// 打断点可以查看对应keyGenerator.getProvider()是哪个class:BC
keyGenerator.getProvider();
// 长度比des长,比如168位
// keyGenerator.init(168);
keyGenerator.init(new SecureRandom());
SecretKey secretKey = keyGenerator.generateKey();
byte[] bytesKey = secretKey.getEncoded();
// Key转换
DESedeKeySpec desKeySpec = new DESedeKeySpec(bytesKey);
SecretKeyFactory factory = SecretKeyFactory.getInstance("DESede");
Key converSecretKey = factory.generateSecret(desKeySpec);
// 加密
Cipher cipher = Cipher.getInstance("DESede/ECB/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, converSecretKey);
byte[] result = cipher.doFinal(STR.getBytes());
System.out.println("jdk 3des encode: "
+ Hex.encodeHexString(result));
// 解密
cipher.init(Cipher.DECRYPT_MODE, converSecretKey);
result = cipher.doFinal(result);
System.out.println("jdk 3des decode: " + new String(result));
} catch (Exception e) {
e.printStackTrace();
}
}
// bc方式的3DES
public static void bc3DES() {
try {
Security.addProvider(new BouncyCastleProvider());
// 生成key
KeyGenerator keyGenerator = KeyGenerator.getInstance("DESede", "BC");
// 打断点可以查看对应keyGenerator.getProvider()是哪个class:BC
keyGenerator.getProvider();
keyGenerator.init(new SecureRandom());
SecretKey secretKey = keyGenerator.generateKey();
byte[] bytesKey = secretKey.getEncoded();
// Key转换
DESedeKeySpec desKeySpec = new DESedeKeySpec(bytesKey);
SecretKeyFactory factory = SecretKeyFactory.getInstance("DESede");
Key converSecretKey = factory.generateSecret(desKeySpec);
// 加密
Cipher cipher = Cipher.getInstance("DESede/ECB/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, converSecretKey);
byte[] result = cipher.doFinal(STR.getBytes());
System.out
.println("bc 3des encode: " + Hex.encodeHexString(result));
// 解密
cipher.init(Cipher.DECRYPT_MODE, converSecretKey);
result = cipher.doFinal(result);
System.out.println("bc 3des decode: " + new String(result));
} catch (Exception e) {
e.printStackTrace();
}
}
}
运行的结果是:
jdk 3des encode: 1db97710868ab0cb03c0f7c5f919a9904d8b19baad82828f7384a70555e141a7
jdk 3des decode: one type of security:3DES
bc 3des encode: e8c29dc519020175d5603aefb46aa586ae0f37afdc67dfcfcb4706b92fbe40fc
bc 3des decode: one type of security:3DES
3.jdk,bc实现AES的算法:
package com.samlai.security;
import java.security.Key;
import java.security.Security;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.codec.binary.Base64;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
public class AESStudy {
/**
* 比较普遍使用,效率比3DES效果高,安全性也比较高,高级,DES替代者
*/
private static String STR = "one type of security:AES";
public static void main(String[] args) {
jdkAES();
bcAES();
}
//jdk实现:256位限制性政策性文件
public static void jdkAES(){
try {
//生成key
KeyGenerator keyGenerator=KeyGenerator.getInstance("AES");
//可以是128 256
// keyGenerator.init(new SecureRandom());
keyGenerator.init(128);
SecretKey secretKey=keyGenerator.generateKey();
byte[] keyBytes=secretKey.getEncoded();
//key的转换
Key key=new SecretKeySpec(keyBytes, "AES");
//加密
Cipher cipher=Cipher.getInstance("AES/ECB/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, key);
byte[] result=cipher.doFinal(STR.getBytes());
System.out.println("jdk AES encode: "+Base64.encodeBase64String(result));
//解密
cipher.init(Cipher.DECRYPT_MODE, key);
result=cipher.doFinal(result);
System.out.println("jdk AES decode:"+new String(result));
} catch (Exception e) {
e.printStackTrace();
}
}
//bc实现AES
public static void bcAES(){
try {
Security.addProvider(new BouncyCastleProvider());
//生成key
KeyGenerator keyGenerator=KeyGenerator.getInstance("AES","BC");
keyGenerator.getProvider();
//可以是128 256
keyGenerator.init(128);
SecretKey secretKey=keyGenerator.generateKey();
byte[] keyBytes=secretKey.getEncoded();
//key的转换
Key key=new SecretKeySpec(keyBytes, "AES");
//加密
Cipher cipher=Cipher.getInstance("AES/ECB/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, key);
byte[] result=cipher.doFinal(STR.getBytes());
System.out.println("bc AES encode: "+Base64.encodeBase64String(result));
//解密
cipher.init(Cipher.DECRYPT_MODE, key);
result=cipher.doFinal(result);
System.out.println("bc AES decode:"+new String(result));
} catch (Exception e) {
e.printStackTrace();
}
}
}
运行的结果:
jdk AES encode: 1OYQyHApgsyqFXRolOPing39HY9yBfAJGF0tagOEmEA=
jdk AES decode:one type of security:AES
bc AES encode: PbvF8JGq8B4x7NQtO6t2/qY/muDb/eijHa9zGIxQj7k=
bc AES decode:one type of security:AES
4.使用jdk实现PBE算法:
package com.samlai.security.xEs;
import java.security.Key;
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;
import org.apache.commons.codec.binary.Base64;
public class PbeStudy {
/**
* PBE算法结合了消息摘要算法和对称加密算法的优点
* PBE(Password Based Encryption)基于口令加密 -- Salt
* 对已有算法的包装
* JDK BC
* 盐
* PBEWithMD5AndDES
*/
private static String STR = "one type of security:PBE";
public static void main(String[] args) {
jdkPBE();
}
//jdk实现PBE
public static void jdkPBE(){
try {
//初始化盐
SecureRandom random=new SecureRandom();
byte[] salt=random.generateSeed(8);
//口令与密钥
String password="studySecurity";
PBEKeySpec pbeKeySpec=new PBEKeySpec(password.toCharArray());
SecretKeyFactory factory=SecretKeyFactory.getInstance("PBEWITHMD5andDES");
Key key=factory.generateSecret(pbeKeySpec);
//加密
PBEParameterSpec pbeParameterSpec=new PBEParameterSpec(salt, 100);
Cipher cipher=Cipher.getInstance("PBEWITHMD5andDES");
cipher.init(Cipher.ENCRYPT_MODE, key,pbeParameterSpec);
byte[] result=cipher.doFinal(STR.getBytes());
System.out.println("jdk PBE encode: "+Base64.encodeBase64String(result));
//解密
cipher.init(Cipher.DECRYPT_MODE, key,pbeParameterSpec);
result=cipher.doFinal(result);
System.out.println("jdk PBE decode: "+new String(result));
} catch (Exception e) {
e.printStackTrace();
}
}
}
运行的结果:
jdk PBE encode: LMjza18BhB0jgGmngAGwW+cb3sblayHKHB/tmDFM9m0=
jdk PBE decode: one type of security:PBE