项目中频繁使用到AES,网上给出的工具类比较杂乱,这里整理一个常用的AES工具类,进行加解密,细节如下:
aesKey:32/16 位
iv:aesKey
mode:CBC
padding:pkcs7
pkcs7参考网上使用Java实现填充
import org.springframework.util.Assert;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import java.util.Base64;
import java.util.Objects;
/**
*
* AES工具类
* @author lizheng
*/
public class AesUtil {
public static final Charset DEF_CHARSET = StandardCharsets.UTF_8;
public static final String CIPHER_INSTANCE = "AES/CBC/NoPadding";
public static String decryptFormBase64ToString(String content, String aesTextKey) {
byte[] bytes = decryptFormBase64(content, aesTextKey);
if (bytes == null) {
return null;
}
return new String(bytes, DEF_CHARSET);
}
public static byte[] decryptFormBase64(String content, String aesTextKey) {
if (content == null || content.length() == 0 ) {
return null;
}
return decryptFormBase64(content.getBytes(DEF_CHARSET), aesTextKey);
}
public static byte[] decryptFormBase64(byte[] content, String aesTextKey) {
return decrypt(base64Decode(content), aesTextKey);
}
public static byte[] decrypt(byte[] content, String aesTextKey) {
return decrypt(content, Objects.requireNonNull(aesTextKey).getBytes(DEF_CHARSET));
}
public static byte[] decrypt(byte[] encrypted, byte[] aesKey) {
return Pkcs7Encoder.decode(aes(encrypted, aesKey, Cipher.DECRYPT_MODE));
}
public static String encryptToBase64(String content, String aesTextKey) {
return base64EncodeToString(encrypt(content, aesTextKey));
}
public static String encryptToBase64(byte[] content, String aesTextKey) {
return base64EncodeToString(encrypt(content, aesTextKey));
}
public static byte[] encrypt(String content, String aesTextKey) {
return encrypt(content.getBytes(DEF_CHARSET), aesTextKey);
}
public static byte[] encrypt(byte[] content, String aesTextKey) {
return encrypt(content, Objects.requireNonNull(aesTextKey).getBytes(DEF_CHARSET));
}
public static byte[] encrypt(byte[] content, byte[] aesKey) {
return aes(Pkcs7Encoder.encode(content), aesKey, Cipher.ENCRYPT_MODE);
}
private static byte[] aes(byte[] encrypted, byte[] aesKey, int mode) {
Assert.isTrue(aesKey.length == 32 || aesKey.length == 16, "AesKey's length must be 16 or 32");
try {
Cipher cipher = Cipher.getInstance(CIPHER_INSTANCE);
SecretKeySpec keySpec = new SecretKeySpec(aesKey, "AES");
IvParameterSpec iv = new IvParameterSpec(Arrays.copyOfRange(aesKey, 0, 16));
cipher.init(mode, keySpec, iv);
return cipher.doFinal(encrypted);
} catch (Exception e) {
throw new RuntimeException(e);
}
}
private static byte[] base64Decode(byte[] src) {
return src.length == 0 ? src : Base64.getDecoder().decode(src);
}
private static String base64EncodeToString(byte[] src) {
return src.length == 0 ? "" : new String(Base64.getEncoder().encode(src), DEF_CHARSET);
}
private static class Pkcs7Encoder {
private static final int BLOCK_SIZE = 32;
private static byte[] encode(byte[] src) {
int count = src.length;
// 计算需要填充的位数
int toPad = BLOCK_SIZE - (count % BLOCK_SIZE);
// 补位所用的字符
byte pad = (byte) (toPad & 0xFF);
byte[] pads = new byte[toPad];
for (int index = 0; index < toPad; index++) {
pads[index] = pad;
}
int length = count + toPad;
byte[] dest = new byte[length];
System.arraycopy(src, 0, dest, 0, count);
System.arraycopy(pads, 0, dest, count, toPad);
return dest;
}
private static byte[] decode(byte[] decrypted) {
int pad = decrypted[decrypted.length - 1];
if (pad < 1 || pad > BLOCK_SIZE) {
pad = 0;
}
if (pad > 0) {
return Arrays.copyOfRange(decrypted, 0, decrypted.length - pad);
}
return decrypted;
}
}
}