Java实现AES256加解密

一.代码

package com.handler;

import java.io.UnsupportedEncodingException;

import java.security.Key; 

import java.security.Security;

import javax.crypto.Cipher; 

import javax.crypto.KeyGenerator;

import javax.crypto.SecretKey; 

import javax.crypto.spec.SecretKeySpec; 

 

public class AES256Encryption{ 

 

public static final String KEY_ALGORITHM="AES";          

 

public static final String CIPHER_ALGORITHM="AES/ECB/PKCS7Padding"; 

         

public static byte[] initkey() throws Exception{ 

     

     //实例化密钥生成器 

          Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());

          KeyGenerator kg=KeyGenerator.getInstance(KEY_ALGORITHM, "BC"); 

          kg.init(256); 

          kg.init(128);

     

          SecretKey secretKey=kg.generateKey(); 

   

          return secretKey.getEncoded();  

    }

 

public static byte[] initRootKey() throws Exception{ 

 

          return new byte[] { 0x08, 0x08, 0x04, 0x0b, 0x02, 0x0f, 0x0b, 0x0c,

              0x01, 0x03, 0x09, 0x07, 0x0c, 0x03, 0x07, 0x0a, 0x04, 0x0f,

               0x06, 0x0f, 0x0e, 0x09, 0x05, 0x01, 0x0a, 0x0a, 0x01, 0x09,

             0x06, 0x07, 0x09, 0x0d };

   

}

 

public static Key toKey(byte[] key) throws Exception{ 

 

SecretKey secretKey=new SecretKeySpec(key,KEY_ALGORITHM); 

           

return secretKey; 

    } 

         

public static byte[] encrypt(byte[] data,byte[] key) throws Exception{ 

    

   Key k=toKey(key); 

   Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());

   Cipher cipher=Cipher.getInstance(CIPHER_ALGORITHM, "BC"); 

 

   cipher.init(Cipher.ENCRYPT_MODE, k); 

 

   return cipher.doFinal(data); 

    } 

 

public static byte[] decrypt(byte[] data,byte[] key) throws Exception{ 

 

        Key k =toKey(key); 

 

        Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());

        Cipher cipher=Cipher.getInstance(CIPHER_ALGORITHM, "BC"); 

 

        cipher.init(Cipher.DECRYPT_MODE, k); 

 

        return cipher.doFinal(data); 

    } 

 

 

 

public static void main(String[] args) throws UnsupportedEncodingException{ 

         

         String str="芸sweet"; 

         

         //打印原文

         System.out.println("原文："+str); 

 

         //密钥

         byte[] key;   

         

         try {

         

        //生成随机密钥 

             key = AES256Encryption.initkey(); 

            

             //打印密钥

             System.out.print("密钥："); 

             for(int i = 0;i

                System.out.printf("%x", key[i]);

             }

             System.out.print("\n");

            

             //加密

             byte[] data=AES256Encryption.encrypt(str.getBytes(), key); 

           

             //打印密文

             System.out.print("加密后：");

          

             for(int i = 0;i

                System.out.printf("%x", data[i]);

             }

             System.out.print("\n");

            

             //解密密文

data=AES256Encryption.decrypt(data, key); 

//打印原文  

System.out.println("解密后："+new String(data));

 

         } catch (Exception e) {

        

            e.printStackTrace();

        } 

            

       } 

}

 

二.注意

1.需要在工程中引入 bcprov-jdk15-133.jar

下载链接：http://pan.baidu.com/s/1dDBY9xB

2.替换\jre\lib\security下的 local_policy.jar 和 US_export_policy.jar

下载链接： http://pan.baidu.com/s/1dDBY9xB

1）如果程序使用是系统jdk，则替换系统环境变量的jdk中 \jre\lib\security下 的 jar 包。

2）如果程序是在MyEclipse中运行，则找到MyEclipse使用的jdk（方法：在MyEclipse里面进入window->Preferences->java选项里面有一个Installed JREs的选项，点击右边会出现一个列表，里面有你现在用到的JDK版本及路径），替换该 jdk中 \jre\lib\security下 的 jar 包。

可以解决： java.security.InvalidKeyException: Illegal key size or default parameters异常

 

三.如果密钥需要存入数据库，则需要对密钥进行base64编码，即将密钥（byte数组）通过base64编码转换成密钥（String类型）；从数据库中读取密钥时，则使用base64解码，即将密钥（String类型）转换成密钥（byte数组）。详见《Java实现base64编码》