package xxxxx
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;
public class AESUtil {
private static Logger logger = LoggerFactory.getLogger(AESUtil.class);
/**
* 算法
*/
private static final String ALGORITHMS = "AES/GCM/PKCS5Padding";
/**
* 加密
* @param fixedSalt 固定salt
* @param randomSalt 随机salt
* @param content 要加密的内容
* @return
*/
public static String encryptWithSalt(String fixedSalt, String randomSalt, String content) {
try {
if (StringUtils.isEmpty(fixedSalt) || StringUtils.isEmpty(randomSalt)) {
throw new Exception("AESGCM256加密异常,检查文本或密钥");
}
SecretKey secretKey = new SecretKeySpec(hexStringToByteArray(fixedSalt + randomSalt), "AES");
Cipher cipher = Cipher.getInstance(ALGORITHMS);
cipher.init(Cipher.ENCRYPT_MODE, secretKey);
byte[] iv = cipher.getIV();
assert iv.length == 12;// 偏移参数及长度要在解密的时候保持一致
byte[] encryptData = cipher.doFinal(content.getBytes());
assert encryptData.length == content.getBytes().length + 16;
byte[] message = new byte[12 + content.getBytes().length + 16];
System.arraycopy(iv, 0, message, 0, 12);
System.arraycopy(encryptData, 0, message, 12, encryptData.length);
return Base64.encodeBase64String(message);
} catch (Exception e) {
logger.error("AESGCM256加密文本处理失败,error:{}", e);
}
return null;
}
/**
* 解密
* @param fixedSalt 固定salt
* @param randomSalt 随机salt
* @param encryptedContent 加密后的内容
* @return
*/
public static String decryptWithSalt(String fixedSalt, String randomSalt, String encryptedContent) {
try {
if (StringUtils.isEmpty(fixedSalt) || StringUtils.isEmpty(randomSalt)) {
throw new Exception("AESGCM256解密异常,检查文本或密钥");
}
Cipher cipher = Cipher.getInstance(ALGORITHMS);
SecretKey key = new SecretKeySpec(hexStringToByteArray(fixedSalt + randomSalt), "AES");
cipher.init(Cipher.ENCRYPT_MODE, key);
byte[] message = Base64.decodeBase64(encryptedContent);
// 这里的12和16是加密的时候设置的偏移参数及加密长度
if (message.length < 12 + 16) throw new IllegalArgumentException();
GCMParameterSpec params = new GCMParameterSpec(128, message, 0, 12);
cipher.init(Cipher.DECRYPT_MODE, key, params);
byte[] decryptData = cipher.doFinal(message, 12, message.length - 12);
String decript = new String(decryptData);
return decript;
} catch (Exception e) {
logger.error("AESGCM256解密文本处理失败,error:{}", e);
}
return null;
}
private static byte[] hexStringToByteArray(String s) {
int len = s.length();
byte[] data = new byte[len / 2];
for (int i = 0; i < len; i += 2) {
data[i / 2] = (byte) ((Character.digit(s.charAt(i), 16) << 4)
+ Character.digit(s.charAt(i + 1), 16));
}
return data;
}
/**
* 128位的随机盐进行base64加密
* @return
*/
public static String generateRandomSalt() throws java.security.NoSuchAlgorithmException{
KeyGenerator generator = KeyGenerator.getInstance("AES");
//初始化密钥生成器,AES要求密钥长度为128位、192位、256位
generator.init(128);
SecretKey secretKey = generator.generateKey();
return Base64.encodeBase64String(secretKey.getEncoded());
}
public static void main(String[] args) throws java.security.NoSuchAlgorithmException{
KeyGenerator generator = KeyGenerator.getInstance("AES");
//初始化密钥生成器,AES要求密钥长度为128位、192位、256位
generator.init(128);
String password = "";
SecretKey secretKey = generator.generateKey();
String objectSalt = Base64.encodeBase64String(secretKey.getEncoded());
System.out.println(objectSalt);
SecretKey secretKey2 = generator.generateKey();
String secretSalt = Base64.encodeBase64String(secretKey2.getEncoded());
System.out.println(secretSalt);
//初始化密钥生成器,AES要求密钥长度为128位、192位、256位
String encryptContent = AESUtil.encryptWithSalt(objectSalt,secretSalt,password);
logger.info(password);
logger.info(encryptContent);
String orignPassword = AESUtil.decryptWithSalt(objectSalt,secretSalt,encryptContent);
logger.info(orignPassword);
}
}
AESGCM256 加密解密
于 2022-05-20 13:41:20 首次发布