JAVA实现AES加密

本文转自：http://blog.csdn.net/hbcui1984/article/details/5201247

JAVA实现AES加密

1. 因子

上次介绍了 《JAVA实现DES加密》，中间提到近些年DES使用越来越少，原因就在于其使用56位密钥，比较容易被破解，近些年来逐渐被AES替代，AES已经变成目前对称加密中最流行算法之一；AES可以使用128、192、和256位密钥，并且用128位分组加密和解密数据。本文就简单介绍如何通过JAVA实现AES加密。

2. JAVA实现

闲话少许，掠过AES加密原理及算法，关于这些直接搜索专业网站吧，我们直接看JAVA的具体实现。

2.1 加密

代码有详细解释，不多废话。

view plaincopy to clipboardprint?

1.  
2. public static byte[] encrypt(String content, String password) { 

1. try {

1. KeyGenerator kgen = KeyGenerator.getInstance("AES");
2. kgen.init(128, new SecureRandom(password.getBytes()));
3. SecretKey secretKey = kgen.generateKey();
4. byte[] enCodeFormat = secretKey.getEncoded();
5. SecretKeySpec key = new SecretKeySpec(enCodeFormat, "AES");
6. Cipher cipher = Cipher.getInstance("AES");// 创建密码器
7. byte[] byteContent = content.getBytes("utf-8");
8. cipher.init(Cipher.ENCRYPT_MODE, key);// 初始化
9. byte[] result = cipher.doFinal(byteContent);
10. return result; // 加密
11. } catch (NoSuchAlgorithmException e) {
12. e.printStackTrace();
13. } catch (NoSuchPaddingException e) {
14. e.printStackTrace();
15. } catch (InvalidKeyException e) {
16. e.printStackTrace();
17. } catch (UnsupportedEncodingException e) {
18. e.printStackTrace();
19. } catch (IllegalBlockSizeException e) {
20. e.printStackTrace();
21. } catch (BadPaddingException e) {
22. e.printStackTrace();
23. }
24. return null;
25. }

public static byte[] encrypt(String content, String password) { try { KeyGenerator kgen = KeyGenerator.getInstance("AES"); kgen.init(128, new SecureRandom(password.getBytes())); SecretKey secretKey = kgen.generateKey(); byte[] enCodeFormat = secretKey.getEncoded(); SecretKeySpec key = new SecretKeySpec(enCodeFormat, "AES"); Cipher cipher = Cipher.getInstance("AES");// 创建密码器 byte[] byteContent = content.getBytes("utf-8"); cipher.init(Cipher.ENCRYPT_MODE, key);// 初始化 byte[] result = cipher.doFinal(byteContent); return result; // 加密 } catch (NoSuchAlgorithmException<wbr> e) { e.printStackTrace(); } catch (NoSuchPaddingException e) { e.printStackTrace(); } catch (InvalidKeyException e) { e.printStackTrace(); } catch (UnsupportedEncodingExcep<wbr>tion e) { e.printStackTrace(); } catch (IllegalBlockSizeExceptio<wbr>n e) { e.printStackTrace(); } catch (BadPaddingException e) { e.printStackTrace(); } return null; }

2.2 解密

代码有详细注释，不多废话

注意：解密的时候要传入byte数组

view plaincopy to clipboardprint?

1.  
2. public static byte[] decrypt(byte[] content, String password) { 

1. try {

1. KeyGenerator kgen = KeyGenerator.getInstance("AES");
2. kgen.init(128, new SecureRandom(password.getBytes()));
3. SecretKey secretKey = kgen.generateKey();
4. byte[] enCodeFormat = secretKey.getEncoded();
5. SecretKeySpec key = new SecretKeySpec(enCodeFormat, "AES");
6. Cipher cipher = Cipher.getInstance("AES");// 创建密码器
7. cipher.init(Cipher.DECRYPT_MODE, key);// 初始化
8. byte[] result = cipher.doFinal(content);
9. return result; // 加密
10. } catch (NoSuchAlgorithmException e) {
11. e.printStackTrace();
12. } catch (NoSuchPaddingException e) {
13. e.printStackTrace();
14. } catch (InvalidKeyException e) {
15. e.printStackTrace();
16. } catch (IllegalBlockSizeException e) {
17. e.printStackTrace();
18. } catch (BadPaddingException e) {
19. e.printStackTrace();
20. }
21. return null;
22. }

public static byte[] decrypt(byte[] content, String password) { try { KeyGenerator kgen = KeyGenerator.getInstance("AES"); kgen.init(128, new SecureRandom(password.getBytes())); SecretKey secretKey = kgen.generateKey(); byte[] enCodeFormat = secretKey.getEncoded(); SecretKeySpec key = new SecretKeySpec(enCodeFormat, "AES"); Cipher cipher = Cipher.getInstance("AES");// 创建密码器 cipher.init(Cipher.DECRYPT_MODE, key);// 初始化 byte[] result = cipher.doFinal(content); return result; // 加密 } catch (NoSuchAlgorithmException<wbr> e) { e.printStackTrace(); } catch (NoSuchPaddingException e) { e.printStackTrace(); } catch (InvalidKeyException e) { e.printStackTrace(); } catch (IllegalBlockSizeExceptio<wbr>n e) { e.printStackTrace(); } catch (BadPaddingException e) { e.printStackTrace(); } return null; }

2.3 测试代码

view plaincopy to clipboardprint?

1. String content = "test"; 
2. String password = "12345678"; 

1. //加密

1. System.out.println("加密前：" + content);
2. byte[] encryptResult = encrypt(content, password);
3. //解密
4. byte[] decryptResult = decrypt(encryptResult,password);
5. System.out.println("解密后：" + new String(decryptResult));

String content = "test"; String password = "12345678"; //加密 System.out.println("加密前：" + content); byte[] encryptResult = encrypt(content, password); //解密 byte[] decryptResult = decrypt(encryptResult,password); System.out.println("解密后：" + new String(decryptResult));

输出结果如下：

加密前：test
解密后：test

2.4 容易出错的地方

但是如果我们将测试代码修改一下，如下：

view plaincopy to clipboardprint?

1. String content = "test"; 
2. String password = "12345678"; 

1. //加密

1. System.out.println("加密前：" + content);
2. byte[] encryptResult = encrypt(content, password);
3. try {
4. String encryptResultStr = new String(encryptResult,"utf-8");
5. //解密
6. byte[] decryptResult = decrypt(encryptResultStr.getBytes("utf-8"),password);
7. System.out.println("解密后：" + new String(decryptResult));
8. } catch (UnsupportedEncodingException e) {
9. e.printStackTrace();
10. }

String content = "test"; String password = "12345678"; //加密 System.out.println("加密前：" + content); byte[] encryptResult = encrypt(content, password); try { String encryptResultStr = new String(encryptResult,"utf-8"); //解密 byte[] decryptResult = decrypt(encryptResultStr.getBytes("utf-8"),password); System.out.println("解密后：" + new String(decryptResult)); } catch (UnsupportedEncodingExcep<wbr>tion e) { e.printStackTrace(); }

则，系统会报出如下异常：

javax.crypto.IllegalBlockSizeException: Input length must be multiple of 16 when decrypting with padded cipher
at com.sun.crypto.provider.SunJCE_f.b(DashoA13*..)
at com.sun.crypto.provider.SunJCE_f.b(DashoA13*..)
at com.sun.crypto.provider.AESCipher.engineDoFinal(DashoA13*..)
at javax.crypto.Cipher.doFinal(DashoA13*..)

这主要是因为加密后的byte数组是不能强制转换成字符串的，换言之：字符串和byte数组在这种情况下不是互逆的；要避免这种情况，我们需要做一些修订，可以考虑将二进制数据转换成十六进制表示，主要有如下两个方法：

2.4.1将二进制转换成16进制

view plaincopy to clipboardprint?

1.  
2. public static String parseByte2HexStr(byte buf[]) { 

1. StringBuffer sb = new StringBuffer();

1. for (int i = 0; i < buf.length; i++) {
2. String hex = Integer.toHexString(buf[i] & 0xFF);
3. if (hex.length() == 1) {
4. hex = '0' + hex;
5. }
6. sb.append(hex.toUpperCase());
7. }
8. return sb.toString();
9. }

public static String parseByte2HexStr(byte buf[]) { StringBuffer sb = new StringBuffer(); for (int i = 0; i < buf.length; i++) { String hex = Integer.toHexString(buf[i] & 0xFF); if (hex.length() == 1) { hex = '0' + hex; } sb.append(hex.toUpperCase()); } return sb.toString(); }

2.4.2 将16进制转换为二进制

view plaincopy to clipboardprint?

1.  
2. public static byte[] parseHexStr2Byte(String hexStr) { 

1. if (hexStr.length() < 1)

1. return null;
2. byte[] result = new byte[hexStr.length()/2];
3. for (int i = 0;i< hexStr.length()/2; i++) {
4. int high = Integer.parseInt(hexStr.substring(i*2, i*2+1), 16);
5. int low = Integer.parseInt(hexStr.substring(i*2+1, i*2+2), 16);
6. result[i] = (byte) (high * 16 + low);
7. }
8. return result;
9. }

public static byte[] parseHexStr2Byte(String hexStr) { if (hexStr.length() < 1) return null; byte[] result = new byte[hexStr.length()/2]; for (int i = 0;i< hexStr.length()/2; i++) { int high = Integer.parseInt(hexStr.substring(i*2, i*2+1), 16); int low = Integer.parseInt(hexStr.substring(i*2+1, i*2+2), 16); result[i] = (byte) (high * 16 + low); } return result; }

然后，我们再修订以上测试代码，如下：

view plaincopy to clipboardprint?

1. String content = "test"; 
2. String password = "12345678"; 

1. //加密

1. System.out.println("加密前：" + content);
2. byte[] encryptResult = encrypt(content, password);
3. String encryptResultStr = parseByte2HexStr(encryptResult);
4. System.out.println("加密后：" + encryptResultStr);
5. //解密
6. byte[] decryptFrom = parseHexStr2Byte(encryptResultStr);
7. byte[] decryptResult = decrypt(decryptFrom,password);
8. System.out.println("解密后：" + new String(decryptResult));

String content = "test"; String password = "12345678"; //加密 System.out.println("加密前：" + content); byte[] encryptResult = encrypt(content, password); String encryptResultStr = parseByte2HexStr(encryptResult); System.out.println("加密后：" + encryptResultStr); //解密 byte[] decryptFrom = parseHexStr2Byte(encryptResultStr); byte[] decryptResult = decrypt(decryptFrom,password); System.out.println("解密后：" + new String(decryptResult));

测试结果如下：

加密前：test
加密后：73C58BAFE578C59366D8C995CD0B9D6D
解密后：test

2.5 另外一种加密方式

还有一种加密方式，大家可以参考如下：

view plaincopy to clipboardprint?

1.  
2.      public static byte[] encrypt2(String content, String password) { 

1. try {

1. SecretKeySpec key = new SecretKeySpec(password.getBytes(), "AES");
2. Cipher cipher = Cipher.getInstance("AES/ECB/NoPadding");
3. byte[] byteContent = content.getBytes("utf-8");
4. cipher.init(Cipher.ENCRYPT_MODE, key);// 初始化
5. byte[] result = cipher.doFinal(byteContent);
6. return result; // 加密
7. } catch (NoSuchAlgorithmException e) {
8. e.printStackTrace();
9. } catch (NoSuchPaddingException e) {
10. e.printStackTrace();
11. } catch (InvalidKeyException e) {
12. e.printStackTrace();
13. } catch (UnsupportedEncodingException e) {
14. e.printStackTrace();
15. } catch (IllegalBlockSizeException e) {
16. e.printStackTrace();
17. } catch (BadPaddingException e) {
18. e.printStackTrace();
19. }
20. return null;
21. }

public static byte[] encrypt2(String content, String password) { try { SecretKeySpec key = new SecretKeySpec(password.getBytes(), "AES"); Cipher cipher = Cipher.getInstance("AES/ECB/NoPadding"); byte[] byteContent = content.getBytes("utf-8"); cipher.init(Cipher.ENCRYPT_MODE, key);// 初始化 byte[] result = cipher.doFinal(byteContent); return result; // 加密 } catch (NoSuchAlgorithmException<wbr> e) { e.printStackTrace(); } catch (NoSuchPaddingException e) { e.printStackTrace(); } catch (InvalidKeyException e) { e.printStackTrace(); } catch (UnsupportedEncodingExcep<wbr>tion e) { e.printStackTrace(); } catch (IllegalBlockSizeExceptio<wbr>n e) { e.printStackTrace(); } catch (BadPaddingException e) { e.printStackTrace(); } return null; }

这种加密方式有两种限制

• 密钥必须是16位的
• 待加密内容的长度必须是16的倍数，如果不是16的倍数，就会出如下异常：

javax.crypto.IllegalBlockSizeException: Input length not multiple of 16 bytes
at com.sun.crypto.provider.SunJCE_f.a(DashoA13*..)
at com.sun.crypto.provider.SunJCE_f.b(DashoA13*..)
at com.sun.crypto.provider.SunJCE_f.b(DashoA13*..)
at com.sun.crypto.provider.AESCipher.engineDoFinal(DashoA13*..)
at javax.crypto.Cipher.doFinal(DashoA13*..)

要解决如上异常，可以通过补全传入加密内容等方式进行避免。