Java使用GCM加密
参考CSDN大佬 进行自己的更改
//测试
public static void main(String[] args) throws Exception {
String content = "API_GATEWAY";
System.out.println("raw string:" + content);
String encrypt = aesEncrypt(content, getAESKey(ENCODING_AES_KEY));
System.out.println("encrypt string:" + encrypt);
String decrypt = aesDecrypt(encrypt, getAESKey(ENCODING_AES_KEY));
System.out.println("decrypt string:" + decrypt);
}
//转码调用方法
public static String aesEncrypt(String content, byte[] encryptKey) throws Exception {
return base64Encode(aesEncryptToBytes(content, encryptKey));
}
//Base64转码
public static String base64Encode(byte[] bytes) {
return Base64.encodeBase64String(bytes);
}
//GCM加密
public static byte[] aesEncryptToBytes(String content, byte[] encryptKey) throws Exception {
KeyGenerator kgen = KeyGenerator.getInstance("AES");
kgenInit(kgen, encryptKey);
byte[] iv = new byte[12];
SecureRandom secureRandom = new SecureRandom();
secureRandom.nextBytes(iv);
byte[] contentBytes = content.getBytes(StandardCharsets.UTF_8);
Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
GCMParameterSpec params = new GCMParameterSpec(128, iv);
cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(kgen.generateKey().getEncoded(), "AES"), params);
byte[] encryptData = cipher.doFinal(contentBytes);
assert encryptData.length == contentBytes.length + 16;
byte[] message = new byte[12 + contentBytes.length + 16];
System.arraycopy(iv, 0, message, 0, 12);
System.arraycopy(encryptData, 0, message, 12, encryptData.length);
return message;
}
//base64解码 +调用解密方法
public static String aesEncrypt(String content, byte[] encryptKey) throws Exception {
return base64Encode(aesEncryptToBytes(content, encryptKey));
}
//base64解码
public static String base64Encode(byte[] bytes) {
return Base64.encodeBase64String(bytes);
}
//实际解密
public static String aesDecryptByBytes(byte[] encryptBytes, byte[] decryptKey) throws Exception {
KeyGenerator kgen = KeyGenerator.getInstance("AES");
kgenInit(kgen, decryptKey);
if (encryptBytes.length < 12 + 16) {
throw new IllegalArgumentException();
}
GCMParameterSpec params = new GCMParameterSpec(128, encryptBytes, 0, 12);
Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(kgen.generateKey().getEncoded(), "AES"), params);
byte[] decryptData = cipher.doFinal(encryptBytes, 12, encryptBytes.length - 12);
return new String(decryptData, StandardCharsets.UTF_8);
}