文章目录
Java 实现对称加密
对称加密指加密和解密使用相同密钥的加密算法。
DES(Data Encryption Standard)数据加密标准
- 应用
1 JDK 的 DES 实现
import org.apache.commons.codec.binary.Hex;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESKeySpec;
import java.security.Key;
import java.security.SecureRandom;
public class SymmetricalEncryptionUtils {
public static String jdkDES(String str) {
try {
// 生成 KEY
KeyGenerator keyGenerator = KeyGenerator.getInstance("DES");
System.out.println(keyGenerator.getProvider());
keyGenerator.init(new SecureRandom());
Key secretKey = keyGenerator.generateKey();
byte[] keyBytes = secretKey.getEncoded();
// KEY 转换
DESKeySpec desKeySpec = new DESKeySpec(keyBytes);
SecretKeyFactory factory = SecretKeyFactory.getInstance("DES");
Key convertSecretKey = factory.generateSecret(desKeySpec);
// 加密
Cipher cipher = Cipher.getInstance("DES/ECB/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, convertSecretKey);
byte[] result = cipher.doFinal(str.getBytes());
// 解密
cipher.init(Cipher.DECRYPT_MODE, convertSecretKey);
System.out.println("JDK DES Decrypt: " + new String(cipher.doFinal(result)));
return Hex.encodeHexString(result);
} catch (Exception e) {
throw new RuntimeException(e);
}
}
}
2 Bouncy Castle 的 DES 实现
import org.apache.commons.codec.binary.Hex;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESKeySpec;
import java.security.Key;
import java.security.SecureRandom;
import java.security.Security;
public class SymmetricalEncryptionUtils {
public static String bcDES(String str) {
Security.addProvider(new BouncyCastleProvider());
try {
// 生成 KEY
KeyGenerator keyGenerator = KeyGenerator.getInstance("DES", "BC");
System.out.println(keyGenerator.getProvider());
keyGenerator.init(new SecureRandom());
Key secretKey = keyGenerator.generateKey();
byte[] keyBytes = secretKey.getEncoded();
// KEY 转换
DESKeySpec desKeySpec = new DESKeySpec(keyBytes);
SecretKeyFactory factory = SecretKeyFactory.getInstance("DES");
Key convertSecretKey = factory.generateSecret(desKeySpec);
// 加密
Cipher cipher = Cipher.getInstance("DES/ECB/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, convertSecretKey);
byte[] result = cipher.doFinal(str.getBytes());
// 解密
cipher.init(Cipher.DECRYPT_MODE, convertSecretKey);
System.out.println("BC DES Decrypt: " + new String(cipher.doFinal(result)));
return Hex.encodeHexString(result);
} catch (Exception e) {
throw new RuntimeException(e);
}
}
}
3DES(Triple DES)三重数据加密算法
1 JDK 的 3DES 实现
import org.apache.commons.codec.binary.Hex;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESedeKeySpec;
import java.security.Key;
import java.security.SecureRandom;
public class SymmetricalEncryptionUtils {
public static String jdk3DES(String str) {
try {
// 生成 KEY
KeyGenerator keyGenerator = KeyGenerator.getInstance("DESede");
System.out.println(keyGenerator.getProvider());
keyGenerator.init(new SecureRandom());
Key secretKey = keyGenerator.generateKey();
byte[] keyBytes = secretKey.getEncoded();
// KEY 转换
DESedeKeySpec desKeySpec = new DESedeKeySpec(keyBytes);
SecretKeyFactory factory = SecretKeyFactory.getInstance("DESede");
Key convertSecretKey = factory.generateSecret(desKeySpec);
// 加密
Cipher cipher = Cipher.getInstance("DESede/ECB/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, convertSecretKey);
byte[] result = cipher.doFinal(str.getBytes());
// 解密
cipher.init(Cipher.DECRYPT_MODE, convertSecretKey);
System.out.println("JDK 3DES Decrypt: " + new String(cipher.doFinal(result)));
return Hex.encodeHexString(result);
} catch (Exception e) {
throw new RuntimeException(e);
}
}
}
2 Bouncy Castle 的 3DES 实现
import org.apache.commons.codec.binary.Hex;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESedeKeySpec;
import java.security.Key;
import java.security.SecureRandom;
import java.security.Security;
public class SymmetricalEncryptionUtils {
public static String bc3DES(String str) {
Security.addProvider(new BouncyCastleProvider());
try {
// 生成 KEY
KeyGenerator keyGenerator = KeyGenerator.getInstance("DESede", "BC");
System.out.println(keyGenerator.getProvider());
keyGenerator.init(new SecureRandom());
Key secretKey = keyGenerator.generateKey();
byte[] keyBytes = secretKey.getEncoded();
// KEY 转换
DESedeKeySpec desKeySpec = new DESedeKeySpec(keyBytes);
SecretKeyFactory factory = SecretKeyFactory.getInstance("DESede");
Key convertSecretKey = factory.generateSecret(desKeySpec);
// 加密
Cipher cipher = Cipher.getInstance("DESede/ECB/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, convertSecretKey);
byte[] result = cipher.doFinal(str.getBytes());
// 解密
cipher.init(Cipher.DECRYPT_MODE, convertSecretKey);
System.out.println("BC 3DES Decrypt: " + new String(cipher.doFinal(result)));
return Hex.encodeHexString(result);
} catch (Exception e) {
throw new RuntimeException(e);
}
}
}
AES(Advanced Encryption Standard)高级加密标准
AES 是对称密钥加密中最流行的算法之一。
1 JDK 的 AES 实现
import org.apache.commons.codec.binary.Hex;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.spec.SecretKeySpec;
import java.security.Key;
import java.security.SecureRandom;
public class SymmetricalEncryptionUtils {
public static String jdkAES(String str) {
try {
// 生成 KEY
KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
System.out.println(keyGenerator.getProvider());
keyGenerator.init(new SecureRandom());
Key secretKey = keyGenerator.generateKey();
byte[] keyBytes = secretKey.getEncoded();
// KEY 转换
Key convertSecretKey = new SecretKeySpec(keyBytes, "AES");
// 加密
Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, convertSecretKey);
byte[] result = cipher.doFinal(str.getBytes());
// 解密
cipher.init(Cipher.DECRYPT_MODE, convertSecretKey);
System.out.println("JDK AES Decrypt: " + new String(cipher.doFinal(result)));
return Hex.encodeHexString(result);
} catch (Exception e) {
throw new RuntimeException(e);
}
}
}
2 Bouncy Castle 的 AES 实现
import org.apache.commons.codec.binary.Hex;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.spec.SecretKeySpec;
import java.security.Key;
import java.security.SecureRandom;
import java.security.Security;
public class SymmetricalEncryptionUtils {
public static String bcAES(String str) {
Security.addProvider(new BouncyCastleProvider());
try {
// 生成 KEY
KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", "BC");
System.out.println(keyGenerator.getProvider());
keyGenerator.init(new SecureRandom());
Key secretKey = keyGenerator.generateKey();
byte[] keyBytes = secretKey.getEncoded();
// KEY 转换
Key convertSecretKey = new SecretKeySpec(keyBytes, "AES");
// 加密
Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, convertSecretKey);
byte[] result = cipher.doFinal(str.getBytes());
// 解密
cipher.init(Cipher.DECRYPT_MODE, convertSecretKey);
System.out.println("BC AES Decrypt: " + new String(cipher.doFinal(result)));
return Hex.encodeHexString(result);
} catch (Exception e) {
throw new RuntimeException(e);
}
}
}
PBE(Password Based Encryption)基于口令加密
PBE 算法结合了消息摘要算法和对称加密算法的优点。
- 应用
1 JDK 的 PBE 实现
import org.apache.commons.codec.binary.Base64;
import javax.crypto.Cipher;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;
import java.security.Key;
import java.security.SecureRandom;
public class SymmetricalEncryptionUtils {
public static String jdkPBE(String str) {
// 初始化盐
SecureRandom random = new SecureRandom();
byte[] salt = random.generateSeed(8);
// 口令与密钥
String password = "test";
PBEKeySpec pbeKeySpec = new PBEKeySpec(password.toCharArray());
try {
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBEWITHMD5andDES");
System.out.println(factory.getProvider());
Key key = factory.generateSecret(pbeKeySpec);
// 加密
PBEParameterSpec pbeParameterSpec = new PBEParameterSpec(salt, 100);
Cipher cipher = Cipher.getInstance("PBEWITHMD5andDES");
cipher.init(Cipher.ENCRYPT_MODE, key, pbeParameterSpec);
byte[] result = cipher.doFinal(str.getBytes());
// 解密
cipher.init(Cipher.DECRYPT_MODE, key, pbeParameterSpec);
System.out.println("JDK PBE Decrypt: " + new String(cipher.doFinal(result)));
return Base64.encodeBase64String(result);
} catch (Exception e) {
throw new RuntimeException(e);
}
}
}
2 Bouncy Castle 的 PBE 实现
import org.apache.commons.codec.binary.Base64;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import javax.crypto.Cipher;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;
import java.security.Key;
import java.security.SecureRandom;
import java.security.Security;
public class SymmetricalEncryptionUtils {
public static String bcPBE(String str) {
// 初始化盐
SecureRandom random = new SecureRandom();
byte[] salt = random.generateSeed(8);
// 口令与密钥
String password = "test";
PBEKeySpec pbeKeySpec = new PBEKeySpec(password.toCharArray());
Security.addProvider(new BouncyCastleProvider());
try {
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBEWITHMD5andDES","BC");
System.out.println(factory.getProvider());
Key key = factory.generateSecret(pbeKeySpec);
// 加密
PBEParameterSpec pbeParameterSpec = new PBEParameterSpec(salt, 100);
Cipher cipher = Cipher.getInstance("PBEWITHMD5andDES");
cipher.init(Cipher.ENCRYPT_MODE, key, pbeParameterSpec);
byte[] result = cipher.doFinal(str.getBytes());
// 解密
cipher.init(Cipher.DECRYPT_MODE, key, pbeParameterSpec);
System.out.println("JDK PBE Decrypt: " + new String(cipher.doFinal(result)));
return Base64.encodeBase64String(result);
} catch (Exception e) {
throw new RuntimeException(e);
}
}
}