本文转自:http://blog.csdn.net/hbcui1984/article/details/5201247
JAVA实现AES加密
1. 因子
2. JAVA实现
闲话少许,掠过AES加密原理及算法,关于这些直接搜索专业网站吧,我们直接看JAVA的具体实现。
2.1 加密
代码有详细解释,不多废话。
-
- public
static byte[] encrypt(String content, String password) { -
try { -
KeyGenerator kgen = KeyGenerator.getInstance("AES"); -
kgen.init(128, new SecureRandom(password.getBytes())); -
SecretKey secretKey = kgen.generateKey(); -
byte[] enCodeFormat = secretKey.getEncoded(); -
SecretKeySpec key = new SecretKeySpec(enCodeFormat, "AES"); -
Cipher cipher = Cipher.getInstance("AES");// 创建密码器 -
byte[] byteContent = content.getBytes("utf-8"); -
cipher.init(Cipher.ENCRYPT_MODE, key);// 初始化 -
byte[] result = cipher.doFinal(byteContent); -
return result; // 加密 -
} catch (NoSuchAlgorithmException e) { -
e.printStackTrace(); -
} catch (NoSuchPaddingException e) { -
e.printStackTrace(); -
} catch (InvalidKeyException e) { -
e.printStackTrace(); -
} catch (UnsupportedEncodingExcep tion e) { -
e.printStackTrace(); -
} catch (IllegalBlockSizeExceptio n e) { -
e.printStackTrace(); -
} catch (BadPaddingException e) { -
e.printStackTrace(); -
} -
return null; - }
2.2 解密
代码有详细注释,不多废话
注意:解密的时候要传入byte数组
-
- public
static byte[] decrypt(byte[] content, String password) { -
try { -
KeyGenerator kgen = KeyGenerator.getInstance("AES"); -
kgen.init(128, new SecureRandom(password.getBytes())); -
SecretKey secretKey = kgen.generateKey(); -
byte[] enCodeFormat = secretKey.getEncoded(); -
SecretKeySpec key = new SecretKeySpec(enCodeFormat, "AES"); -
Cipher cipher = Cipher.getInstance("AES");// 创建密码器 -
cipher.init(Cipher.DECRYPT_MODE, key);// 初始化 -
byte[] result = cipher.doFinal(content); -
return result; // 加密 -
} catch (NoSuchAlgorithmException e) { -
e.printStackTrace(); -
} catch (NoSuchPaddingException e) { -
e.printStackTrace(); -
} catch (InvalidKeyException e) { -
e.printStackTrace(); -
} catch (IllegalBlockSizeExceptio n e) { -
e.printStackTrace(); -
} catch (BadPaddingException e) { -
e.printStackTrace(); -
} -
return null; - }
2.3 测试代码
- String
content = "test"; - String
password = "12345678"; - //加密
- System.out.println("加密前:"
+ content); - byte[]
encryptResult = encrypt(content, password); - //解密
- byte[]
decryptResult = decrypt(encryptResult,password); - System.out.println("解密后:"
+ new String(decryptResult));
输出结果如下:
加密前:test
解密后:test
解密后:test
2.4 容易出错的地方
但是如果我们将测试代码修改一下,如下:
- String
content = "test"; - String
password = "12345678"; - //加密
- System.out.println("加密前:"
+ content); - byte[]
encryptResult = encrypt(content, password); - try
{ -
String encryptResultStr = new String(encryptResult,"utf-8"); -
//解密 -
byte[] decryptResult = decrypt(encryptResultStr.getBytes("utf-8"),password); -
System.out.println("解密后:" + new String(decryptResult)); - }
catch (UnsupportedEncodingExcep tion e) { -
e.printStackTrace(); - }
则,系统会报出如下异常:
javax.crypto.IllegalBlockSizeExceptio n: Input length must be multiple of 16 when decrypting with padded cipher
at com.sun.crypto.provider.SunJCE_f.b(DashoA13*..)
at com.sun.crypto.provider.SunJCE_f.b(DashoA13*..)
at com.sun.crypto.provider.AESCipher.engineDoFinal(DashoA13*..)
at javax.crypto.Cipher.doFinal(DashoA13*..)
这主要是因为加密后的byte数组是不能强制转换成字符串的,换言之:字符串和byte数组在这种情况下不是互逆的;要避免这种情况,我们需要做一些修订,可以考虑将二进制数据转换成十六进制表示,主要有如下两个方法:
2.4.1将二进制转换成16进制
-
- public
static String parseByte2HexStr(byte buf[]) { -
StringBuffer sb = new StringBuffer(); -
for (int i = 0; i < buf.length; i++) { -
String hex = Integer.toHexString(buf[i] & 0xFF); -
if (hex.length() == 1) { -
hex = '0' + hex; -
} -
sb.append(hex.toUpperCase()); -
} -
return sb.toString(); - }
2.4.2 将16进制转换为二进制
-
- public
static byte[] parseHexStr2Byte(String hexStr) { -
if (hexStr.length() < 1) -
return null; -
byte[] result = new byte[hexStr.length()/2]; -
for (int i = 0;i< hexStr.length()/2; i++) { -
int high = Integer.parseInt(hexStr.substring(i*2, i*2+1), 16); -
int low = Integer.parseInt(hexStr.substring(i*2+1, i*2+2), 16); -
result[i] = (byte) (high * 16 + low); -
} -
return result; - }
然后,我们再修订以上测试代码,如下:
- String
content = "test"; - String
password = "12345678"; - //加密
- System.out.println("加密前:"
+ content); - byte[]
encryptResult = encrypt(content, password); - String
encryptResultStr = parseByte2HexStr(encryptResult); - System.out.println("加密后:"
+ encryptResultStr); - //解密
- byte[]
decryptFrom = parseHexStr2Byte(encryptResultStr); - byte[]
decryptResult = decrypt(decryptFrom,password); - System.out.println("解密后:"
+ new String(decryptResult));
测试结果如下:
加密前:test
加密后:73C58BAFE578C59366D8C995 CD0B9D6D
解密后:test
加密后:73C58BAFE578C59366D8C995
解密后:test
2.5 另外一种加密方式
还有一种加密方式,大家可以参考如下:
-
-
public static byte[] encrypt2(String content, String password) { -
try { -
SecretKeySpec key = new SecretKeySpec(password.getBytes(), "AES"); -
Cipher cipher = Cipher.getInstance("AES/ECB/NoPadding"); -
byte[] byteContent = content.getBytes("utf-8"); -
cipher.init(Cipher.ENCRYPT_MODE, key);// 初始化 -
byte[] result = cipher.doFinal(byteContent); -
return result; // 加密 -
} catch (NoSuchAlgorithmException e) { -
e.printStackTrace(); -
} catch (NoSuchPaddingException e) { -
e.printStackTrace(); -
} catch (InvalidKeyException e) { -
e.printStackTrace(); -
} catch (UnsupportedEncodingExcep tion e) { -
e.printStackTrace(); -
} catch (IllegalBlockSizeExceptio n e) { -
e.printStackTrace(); -
} catch (BadPaddingException e) { -
e.printStackTrace(); -
} -
return null; -
}
这种加密方式有两种限制
- 密钥必须是16位的
- 待加密内容的长度必须是16的倍数,如果不是16的倍数,就会出如下异常:
javax.crypto.IllegalBlockSizeExceptio n: Input length not multiple of 16 bytes
at com.sun.crypto.provider.SunJCE_f.a(DashoA13*..)
at com.sun.crypto.provider.SunJCE_f.b(DashoA13*..)
at com.sun.crypto.provider.SunJCE_f.b(DashoA13*..)
at com.sun.crypto.provider.AESCipher.engineDoFinal(DashoA13*..)
at javax.crypto.Cipher.doFinal(DashoA13*..)
要解决如上异常,可以通过补全传入加密内容等方式进行避免。