CBC这种模式是先将明文切分成若干小段,然后每一小段与初始块或者上一段的密文段进行异或运算后,再与密钥进行加密。
这样每个密文块依赖该块之前的所有明文块,为了保持每条消息都具有唯一性,第一个数据块进行加密之前需要用初始化向量IV进行异或操作。
CBC模式是一种最常用的加密模式,它主要缺点是加密是连续的,不能并行处理,并且与ECB一样消息块必须填充到块大小的整倍数。
优点:
1.不容易主动攻击,安全性好于ECB,适合传输长度长的报文,是SSL、IPSec的标准。
缺点:
1.不利于并行计算
2.误差传递
3.需要初始化向量IV
实现代码:
import lombok.extern.slf4j.Slf4j;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.io.PrintWriter;
import java.io.StringWriter;
import java.util.Base64;
@Slf4j
public class AESCBCUtils {
public static final String AES_KEY = "1234567890123456";--16位
public static final String AES_IV = "1234567890123456";--16位
/**
* 加密
*/
public static String encrypt(String sSrc, String key, String vector) throws Exception {
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
byte[] raw = key.getBytes();
SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
// 使用CBC模式,需要一个向量iv,可增加加密算法的强度
IvParameterSpec iv = new IvParameterSpec(vector.getBytes());
cipher.init(Cipher.ENCRYPT_MODE, skeySpec, iv);
byte[] encrypted = cipher.doFinal(sSrc.getBytes("utf-8"));
return Base64.getEncoder().encodeToString(encrypted);
}
/**
* 解密
*/
public static String decrypt(String sSrc, String key, String ivs) {
try {
byte[] raw = key.getBytes("ASCII");
SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
IvParameterSpec iv = new IvParameterSpec(ivs.getBytes());
cipher.init(Cipher.DECRYPT_MODE, skeySpec, iv);
byte[] encrypted1 = Base64.getDecoder().decode(sSrc);
byte[] original = cipher.doFinal(encrypted1);
String originalString = new String(original, "utf-8");
return originalString;
} catch (Exception ex) {
StringWriter sw = new StringWriter();
PrintWriter printWriter = new PrintWriter(sw);
ex.printStackTrace(printWriter);
log.error("AESCBCUtils decrypt error >>> {}", sSrc, ex);
return null;
}
}
public static void main(String[] args) throws Exception {
String str = "{\"code\":\"0147\",\"pwd\":\"afdd0b4ad2ec172c586e2150770fbf9e\",\"mobileOs\":\"1\",\"randomStr\":\"tjd4VuYD2J2J7DyoNsMKd\"}\n";
String encryption = null;
String decrypt = null;
try {
encryption = encrypt(str, AES_KEY, AES_IV);//普通加密
decrypt = decrypt(encryption, AES_KEY, AES_IV);//普通解密
} catch (Exception e) {
e.printStackTrace();
}
System.out.println("加密:" + encryption);
System.out.println("解密:" + decrypt);
}
}