AES高级加密标准(英语:Advanced Encryption Standard,缩写:AES),在密码学中又称Rijndael加密法,是美国联邦政府采用的一种区块加密标准。这个标准用来替代原先的DES,已经被多方分析且广为全世界所使用。
JDK AES实现
- 1.实现支持
AES理论上支持128,192,256三种长度的密钥,几乎全部密码块工作模式和填充方法,但JDK 7中只实现如下四种AES加密算法:
(1)AES/CBC/NoPadding (128)
(2)AES/CBC/PKCS5Padding (128)
(3)AES/ECB/NoPadding (128)
(4)AES/ECB/PKCS5Padding (128)
- 2.使用须知
(1)缺省模式和填充为“AES/ECB/PKCS5Padding”,Cipher.getInstance(“AES”)与Cipher.getInstance(“AES/ECB/PKCS5Padding”)等效。
(2)JDK的PKCS5Padding实际是上述的PKCS7的实现。
(3)由于AES是按照16Byte为块进行处理,对于NoPadding而言,如果需要加密的原文长度不是16Byte的倍数,将无法处理抛出异常,其实是由用户自己选择Padding的算法。密文则必然是16Byte的倍数,否则密文肯定异常。
(4)如果加密为PKCS5Padding,解密可以选择NoPadding,也能解密成功,内容为原文加上PKCS5Padding之后的结果。
(5)如果原文最后一个字符为>=0x00&&<=0x10的内容,PKCS5Padding的解密将会出现异常,要么是符合PKCS5Padding,最后的内容被删除,要么不符合,则解密失败抛出异常。对此有两种思路,一是原文通过Base64编码为可见字符,二是原文自带长度使用NoPadding解密。
代码:
package com.bohua.test;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.ShortBufferException;
/**
* @author bohua
*对称技术只有一把秘钥,所以秘钥的管理是一个很麻烦的问题
*/
public class AES {
private Key key;
/**
* 生成AES对称秘钥
* @throws NoSuchAlgorithmException
*/
public void generateKey() throws NoSuchAlgorithmException {
KeyGenerator keygen = KeyGenerator.getInstance("AES");
SecureRandom random = new SecureRandom();
keygen.init(random);
this.key = keygen.generateKey();
}
/**
* 加密
* @param in
* @param out
* @throws InvalidKeyException
* @throws ShortBufferException
* @throws IllegalBlockSizeException
* @throws BadPaddingException
* @throws NoSuchAlgorithmException
* @throws NoSuchPaddingException
* @throws IOException
*/
public void encrypt(InputStream in, OutputStream out) throws InvalidKeyException, ShortBufferException, IllegalBlockSizeException, BadPaddingException, NoSuchAlgorithmException, NoSuchPaddingException, IOException {
this.crypt(in, out, Cipher.ENCRYPT_MODE);
}
/**
* 解密
* @param in
* @param out
* @throws InvalidKeyException
* @throws ShortBufferException
* @throws IllegalBlockSizeException
* @throws BadPaddingException
* @throws NoSuchAlgorithmException
* @throws NoSuchPaddingException
* @throws IOException
*/
public void decrypt(InputStream in, OutputStream out) throws InvalidKeyException, ShortBufferException, IllegalBlockSizeException, BadPaddingException, NoSuchAlgorithmException, NoSuchPaddingException, IOException {
this.crypt(in, out, Cipher.DECRYPT_MODE);
}
/**
* 实际的加密解密过程
* @param in
* @param out
* @param mode
* @throws IOException
* @throws ShortBufferException
* @throws IllegalBlockSizeException
* @throws BadPaddingException
* @throws NoSuchAlgorithmException
* @throws NoSuchPaddingException
* @throws InvalidKeyException
*/
public void crypt(InputStream in, OutputStream out, int mode) throws IOException, ShortBufferException, IllegalBlockSizeException, BadPaddingException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException {
Cipher cipher = Cipher.getInstance("AES");
cipher.init(mode, this.key);
int blockSize = cipher.getBlockSize();
int outputSize = cipher.getOutputSize(blockSize);
byte[] inBytes = new byte[blockSize];
byte[] outBytes = new byte[outputSize];
int inLength = 0;
boolean more = true;
while (more) {
inLength = in.read(inBytes);
if (inLength == blockSize) {
int outLength = cipher.update(inBytes, 0, blockSize, outBytes);
out.write(outBytes, 0, outLength);
} else {
more = false;
}
}
if (inLength > 0)
outBytes = cipher.doFinal(inBytes, 0, inLength);
else
outBytes = cipher.doFinal();
out.write(outBytes);
out.flush();
}
public void setKey(Key key) {
this.key = key;
}
public Key getKey() {
return key;
}
}
-
RSA是目前最有影响力的公钥加密算法,它能够抵抗到目前为止已知的绝大多数密码攻击,已被ISO推荐为公钥数据加密算法。
-
RSA算法是一种非对称密码算法,所谓非对称,就是指该算法需要一对密钥,使用其中一个加密,则需要用另一个才能解密。
-
由于非对称加密速度极其缓慢,一般文件不使用它来加密而是使用对称加密.
-
非对称加密算法可以用来对对称加密的密钥加密,这样保证密钥的安全也就保证了数据的安全。
代码:
package com.bohua.test;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
/**
* @author bohua
*由于非对称加密算法的开销很大,所以如果直接以非对称技术来加密发送的消息效率会很差.
*/
public class RSA {
public static final int KEYSIZE = 512;
private KeyPair keyPair;
private Key publicKey;
private Key privateKey;
/**
* 生成秘钥对
* @return
* @throws NoSuchAlgorithmException
*/
public KeyPair generateKeyPair() throws NoSuchAlgorithmException {
KeyPairGenerator pairgen = KeyPairGenerator.getInstance("RSA");
SecureRandom random = new SecureRandom();
pairgen.initialize(RSA.KEYSIZE, random);
this.keyPair = pairgen.generateKeyPair();
return this.keyPair;
}
/**
* 加密秘钥
* @param key
* @return
* @throws NoSuchAlgorithmException
* @throws NoSuchPaddingException
* @throws InvalidKeyException
* @throws IllegalBlockSizeException
*/
public byte[] wrapKey(Key key) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException {
Cipher cipher = Cipher.getInstance("RSA");
cipher.init(Cipher.WRAP_MODE, this.privateKey);
byte[] wrappedKey = cipher.wrap(key);
return wrappedKey;
}
/**
* 解密秘钥
* @param wrapedKeyBytes
* @return
* @throws NoSuchAlgorithmException
* @throws NoSuchPaddingException
* @throws InvalidKeyException
*/
public Key unwrapKey(byte[] wrapedKeyBytes) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException {
Cipher cipher = Cipher.getInstance("RSA");
cipher.init(Cipher.UNWRAP_MODE, this.publicKey);
Key key = cipher.unwrap(wrapedKeyBytes, "AES", Cipher.SECRET_KEY);
return key;
}
public Key getPublicKey() {
return publicKey;
}
public void setPublicKey(Key publicKey) {
this.publicKey = publicKey;
}
public Key getPrivateKey() {
return privateKey;
}
public void setPrivateKey(Key privateKey) {
this.privateKey = privateKey;
}
}
测试类:
package com.bohua.test;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyPair;
import java.security.NoSuchAlgorithmException;
import javax.crypto.BadPaddingException;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.ShortBufferException;
/**
* 对称秘钥与非对称密钥结合
* @author bohua
*
*/
public class Test {
public Test(){
//模仿加密
try {
InputStream in=new FileInputStream("D:\\Documents and Settings\\bohua\\桌面\\新建 文本文档 (2).txt");
OutputStream out=new FileOutputStream("D:\\Documents and Settings\\bohua\\桌面\\新建 文本文档 (3).txt");
AES aes=new AES();
RSA rsa=new RSA();
aes.generateKey();//获得key
Key key=aes.getKey();
System.out.println(key+" kkkkk");
//获取非对称秘钥
KeyPair keyPair=rsa.generateKeyPair();
rsa.setPrivateKey(keyPair.getPrivate());
byte[] b=rsa.wrapKey(key);
aes.encrypt(in, out);//加密过程
Decrypt(b,keyPair);
} catch (FileNotFoundException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (InvalidKeyException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (ShortBufferException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (IllegalBlockSizeException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (BadPaddingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (NoSuchAlgorithmException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (NoSuchPaddingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
/**
模仿解密过程
* @param b
* @param keyPair
*/
private void Decrypt(byte[] b, KeyPair keyPair) {
InputStream in2;
try {
in2 = new FileInputStream("D:\\Documents and Settings\\bohua\\桌面\\新建 文本文档 (3).txt");
OutputStream out2=new FileOutputStream("D:\\Documents and Settings\\bohua\\桌面\\新建 文本文档 (4).txt");
AES aes2=new AES();
RSA rsa2=new RSA();
rsa2.setPublicKey(keyPair.getPublic());
Key key2=rsa2.unwrapKey(b);
aes2.setKey(key2);
aes2.decrypt(in2,out2);
} catch (FileNotFoundException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (InvalidKeyException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (NoSuchAlgorithmException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (NoSuchPaddingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (ShortBufferException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (IllegalBlockSizeException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (BadPaddingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
public static void main(String[] args) {
new Test();
}
}