安全問題已經成為一個越來越重要的問題,在Java中如何對重要數據進行加密解密是本文的主要內容。
一、常用的加密/解密算法
1.Base64
嚴格來說Base64并不是一種加密/解密算法,而是一種編碼方式。Base64不生成密鑰,通過Base64編碼后的密文就可以直接“翻譯”為明文,但是可以通過向明文中添加混淆字符來達到加密的效果。
2.DES
DES是一種基于56位密鑰的對稱算法,1976年被美國聯邦政府的國家標準局確定為聯邦資料處理標準(FIPS),隨后在國際上廣泛流傳開來。現在DES已經不是一種安全的加密算法,已被公開破解,現在DES已經被高級加密標準(AES)所代替。
3.3DES
3DES是DES的一種派生算法,主要提升了DES的一些實用所需的安全性。
4.AES
AES是現在對稱加密算法中最流行的算法之一。
二、實現所需的一些庫
為了實現上述的算法,我們可以實用JDK自帶的實現,也可以使用一些開源的第三方庫,例如Bouncy Castle(https://www.bouncycastle.org/)和comnons codec(https://commons.apache.org/proper/commons-codec/)。
三、具體實現
1.Base64
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
|
package com.tancky.security;import java.io.IOException;import sun.misc.BASE64Decoder;import sun.misc.BASE64Encoder;public class Base64Demo { private static String src = "TestBase64"; public static void main(String[] args) { Base64Demo.jdkBase64(); Base64Demo.commonsCodecBase64 (); Base64Demo.bouncyCastleBase64 (); } //使用JDK的base64實現, public static void jdkBase64 (){ BASE64Encoder encoder = new BASE64Encoder(); String encode = encoder.encode(Base64Demo.src.getBytes()); System.out.println("encode: " + encode); BASE64Decoder decoder = new BASE64Decoder(); try { String decode = new String ( decoder.decodeBuffer(encode)); System.out.println("decode: " + decode); } catch (IOException e) { e.printStackTrace(); } } //使用apache的commonsCodec實現 public static void commonsCodecBase64 (){ byte[] encodeBytes = org.apache.commons.codec.binary.Base64.encodeBase64(Base64Demo.src.getBytes()); String encode = new String (encodeBytes); System.out.println("encode: " + encode); byte[] decodeBytes = org.apache.commons.codec.binary.Base64.decodeBase64(encode); String decode = new String(decodeBytes); System.out.println("decode: " + decode); } //使用bouncyCastlede實現 public static void bouncyCastleBase64 () { byte[] encodeBytes = org.bouncycastle.util.encoders.Base64.encode(Base64Demo.src.getBytes()) ; String encode = new String (encodeBytes); System.out.println("encode: " + encode); byte[] decodeBytes = org.bouncycastle.util.encoders.Base64.decode(encode); String decode = new String(decodeBytes); System.out.println("decode: " + decode); }} |
2.DES
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
|
package com.tancky.security;import java.security.InvalidKeyException;import java.security.Key;import java.security.NoSuchAlgorithmException;import java.security.NoSuchProviderException;import java.security.Security;import java.security.spec.InvalidKeySpecException;import javax.crypto.BadPaddingException;import javax.crypto.Cipher;import javax.crypto.IllegalBlockSizeException;import javax.crypto.KeyGenerator;import javax.crypto.NoSuchPaddingException;import javax.crypto.SecretKey;import javax.crypto.SecretKeyFactory;import javax.crypto.spec.DESKeySpec;import org.bouncycastle.jce.provider.BouncyCastleProvider;import org.bouncycastle.util.encoders.Hex;public class DESDemo { private static String src = "TestDES"; public static void jdkDES () { try { //生成密鑰Key KeyGenerator keyGenerator = KeyGenerator.getInstance("DES"); keyGenerator.init(56); SecretKey secretKey = keyGenerator.generateKey(); byte[] bytesKey = secretKey.getEncoded(); //KEY轉換 DESKeySpec deSedeKeySpec = new DESKeySpec(bytesKey); SecretKeyFactory factory = SecretKeyFactory.getInstance("DES"); Key convertSecretKey = factory.generateSecret(deSedeKeySpec); //加密 Cipher cipher = Cipher.getInstance("DES/ECB/PKCS5Padding"); cipher.init(Cipher.ENCRYPT_MODE, convertSecretKey); byte[] encodeResult = cipher.doFinal(DESDemo.src.getBytes()); System.out.println("DESEncode :" + Hex.toHexString(encodeResult)); //解密 cipher.init(Cipher.DECRYPT_MODE,convertSecretKey); byte[] DecodeResult = cipher.doFinal(encodeResult); System.out.println("DESDncode :" + new String (DecodeResult)); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } catch (InvalidKeyException e) { // TODO 自動生成的 catch 塊 e.printStackTrace(); } catch (InvalidKeySpecException e) { // TODO 自動生成的 catch 塊 e.printStackTrace(); } catch (NoSuchPaddingException e) { // TODO 自動生成的 catch 塊 e.printStackTrace(); } catch (IllegalBlockSizeException e) { // TODO 自動生成的 catch 塊 e.printStackTrace(); } catch (BadPaddingException e) { // TODO 自動生成的 catch 塊 e.printStackTrace(); } } public static void bcDES (){ try { //使用BouncyCastle 的DES加密 Security.addProvider(new BouncyCastleProvider()); //生成密鑰Key KeyGenerator keyGenerator = KeyGenerator.getInstance("DES","BC"); keyGenerator.init(56); SecretKey secretKey = keyGenerator.generateKey(); byte[] bytesKey = secretKey.getEncoded(); //KEY轉換 DESKeySpec deSedeKeySpec = new DESKeySpec(bytesKey); SecretKeyFactory factory = SecretKeyFactory.getInstance("DES"); Key convertSecretKey = factory.generateSecret(deSedeKeySpec); //加密 Cipher cipher = Cipher.getInstance("DES/ECB/PKCS5Padding"); cipher.init(Cipher.ENCRYPT_MODE, convertSecretKey); byte[] encodeResult = cipher.doFinal(DESDemo.src.getBytes()); System.out.println("DESEncode :" + Hex.toHexString(encodeResult)); //解密 cipher.init(Cipher.DECRYPT_MODE,convertSecretKey); byte[] DecodeResult = cipher.doFinal(encodeResult); System.out.println("DESDncode :" + new String (DecodeResult)); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } catch (InvalidKeyException e) { // TODO 自動生成的 catch 塊 e.printStackTrace(); } catch (InvalidKeySpecException e) { // TODO 自動生成的 catch 塊 e.printStackTrace(); } catch (NoSuchPaddingException e) { // TODO 自動生成的 catch 塊 e.printStackTrace(); } catch (IllegalBlockSizeException e) { // TODO 自動生成的 catch 塊 e.printStackTrace(); } catch (BadPaddingException e) { // TODO 自動生成的 catch 塊 e.printStackTrace(); } catch (NoSuchProviderException e) { // TODO 自動生成的 catch 塊 e.printStackTrace(); } } public static void main(String[] args) { DESDemo.jdkDES (); DESDemo.bcDES(); }} |
3.3DES
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
|
package com.tancky.security;import java.security.InvalidKeyException;import java.security.Key;import java.security.NoSuchAlgorithmException;import java.security.NoSuchProviderException;import java.security.Security;import java.security.spec.InvalidKeySpecException;import javax.crypto.BadPaddingException;import javax.crypto.Cipher;import javax.crypto.IllegalBlockSizeException;import javax.crypto.KeyGenerator;import javax.crypto.NoSuchPaddingException;import javax.crypto.SecretKey;import javax.crypto.SecretKeyFactory;import javax.crypto.spec.DESedeKeySpec;import org.bouncycastle.jce.provider.BouncyCastleProvider;import org.bouncycastle.util.encoders.Hex;public class TripleDESDemo { private static String src = "TestTripleDES"; public static void jdkTripleDES () { try { //生成密鑰Key KeyGenerator keyGenerator = KeyGenerator.getInstance("DESede"); keyGenerator.init(168); SecretKey secretKey = keyGenerator.generateKey(); byte[] bytesKey = secretKey.getEncoded(); //KEY轉換 DESedeKeySpec deSedeKeySpec = new DESedeKeySpec(bytesKey); SecretKeyFactory factory = SecretKeyFactory.getInstance("DESede"); Key convertSecretKey = factory.generateSecret(deSedeKeySpec); //加密 Cipher cipher = Cipher.getInstance("DESede/ECB/PKCS5Padding"); cipher.init(Cipher.ENCRYPT_MODE, convertSecretKey); byte[] encodeResult = cipher.doFinal(TripleDESDemo.src.getBytes()); System.out.println("TripleDESEncode :" + Hex.toHexString(encodeResult)); //解密 cipher.init(Cipher.DECRYPT_MODE,convertSecretKey); byte[] DecodeResult = cipher.doFinal(encodeResult); System.out.println("TripleDESDncode :" + new String (DecodeResult)); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } catch (InvalidKeyException e) { // TODO 自動生成的 catch 塊 e.printStackTrace(); } catch (InvalidKeySpecException e) { // TODO 自動生成的 catch 塊 e.printStackTrace(); } catch (NoSuchPaddingException e) { // TODO 自動生成的 catch 塊 e.printStackTrace(); } catch (IllegalBlockSizeException e) { // TODO 自動生成的 catch 塊 e.printStackTrace(); } catch (BadPaddingException e) { // TODO 自動生成的 catch 塊 e.printStackTrace(); } }public static void bcTripleDES () { try { Security.addProvider(new BouncyCastleProvider()); //生成密鑰Key KeyGenerator keyGenerator = KeyGenerator.getInstance("DESede","BC"); keyGenerator.getProvider(); keyGenerator.init(168); SecretKey secretKey = keyGenerator.generateKey(); byte[] bytesKey = secretKey.getEncoded(); //KEY轉換 DESedeKeySpec deSedeKeySpec = new DESedeKeySpec(bytesKey); SecretKeyFactory factory = SecretKeyFactory.getInstance("DESede"); Key convertSecretKey = factory.generateSecret(deSedeKeySpec); //加密 Cipher cipher = Cipher.getInstance("DESede/ECB/PKCS5Padding"); cipher.init(Cipher.ENCRYPT_MODE, convertSecretKey); byte[] encodeResult = cipher.doFinal(TripleDESDemo.src.getBytes()); System.out.println("TripleDESEncode :" + Hex.toHexString(encodeResult)); //解密 cipher.init(Cipher.DECRYPT_MODE,convertSecretKey); byte[] DecodeResult = cipher.doFinal(encodeResult); System.out.println("TripleDESDncode :" + new String (DecodeResult)); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } catch (InvalidKeyException e) { // TODO 自動生成的 catch 塊 e.printStackTrace(); } catch (InvalidKeySpecException e) { // TODO 自動生成的 catch 塊 e.printStackTrace(); } catch (NoSuchPaddingException e) { // TODO 自動生成的 catch 塊 e.printStackTrace(); } catch (IllegalBlockSizeException e) { // TODO 自動生成的 catch 塊 e.printStackTrace(); } catch (BadPaddingException e) { // TODO 自動生成的 catch 塊 e.printStackTrace(); } catch (NoSuchProviderException e) { // TODO 自動生成的 catch 塊 e.printStackTrace(); } } public static void main(String[] args) { jdkTripleDES (); bcTripleDES (); }} |
4.AES
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
|
package com.tancky.security;import java.security.InvalidKeyException;import java.security.Key;import java.security.NoSuchAlgorithmException;import java.security.NoSuchProviderException;import java.security.SecureRandom;import java.security.Security;import javax.crypto.BadPaddingException;import javax.crypto.Cipher;import javax.crypto.IllegalBlockSizeException;import javax.crypto.KeyGenerator;import javax.crypto.NoSuchPaddingException;import javax.crypto.SecretKey;import javax.crypto.spec.SecretKeySpec;import org.bouncycastle.jce.provider.BouncyCastleProvider;import org.bouncycastle.util.encoders.Hex;public class AESDemo { private static String src = "TestAES"; public static void jdkAES (){ try { //生成Key KeyGenerator keyGenerator = KeyGenerator.getInstance("AES"); keyGenerator.init(128); //keyGenerator.init(128, new SecureRandom("seedseedseed".getBytes())); //使用上面這種初始化方法可以特定種子來生成密鑰,這樣加密后的密文是唯一固定的。 SecretKey secretKey = keyGenerator.generateKey(); byte[] keyBytes = secretKey.getEncoded(); //Key轉換 Key key = new SecretKeySpec(keyBytes, "AES"); //加密 Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding"); cipher.init(Cipher.ENCRYPT_MODE, key); byte[] encodeResult = cipher.doFinal(AESDemo.src.getBytes()); System.out.println("AESencode : " + Hex.toHexString(encodeResult) ); //解密 cipher.init(Cipher.DECRYPT_MODE, key); byte[] decodeResult = cipher.doFinal(encodeResult); System.out.println("AESdecode : " + new String (decodeResult)); } catch (NoSuchAlgorithmException e) { // TODO 自動生成的 catch 塊 e.printStackTrace(); } catch (NoSuchPaddingException e) { // TODO 自動生成的 catch 塊 e.printStackTrace(); } catch (InvalidKeyException e) { // TODO 自動生成的 catch 塊 e.printStackTrace(); } catch (IllegalBlockSizeException e) { // TODO 自動生成的 catch 塊 e.printStackTrace(); } catch (BadPaddingException e) { // TODO 自動生成的 catch 塊 e.printStackTrace(); } } public static void bcAES (){ try { //使用BouncyCastle 的DES加密 Security.addProvider(new BouncyCastleProvider()); //生成Key KeyGenerator keyGenerator = KeyGenerator.getInstance("AES","BC"); keyGenerator.getProvider(); keyGenerator.init(128); SecretKey secretKey = keyGenerator.generateKey(); byte[] keyBytes = secretKey.getEncoded(); //Key轉換 Key key = new SecretKeySpec(keyBytes, "AES"); //加密 Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding"); cipher.init(Cipher.ENCRYPT_MODE, key); byte[] encodeResult = cipher.doFinal(AESDemo.src.getBytes()); System.out.println("AESencode : " + Hex.toHexString(encodeResult) ); //解密 cipher.init(Cipher.DECRYPT_MODE, key); byte[] decodeResult = cipher.doFinal(encodeResult); System.out.println("AESdecode : " + new String (decodeResult)); } catch (NoSuchAlgorithmException e) { // TODO 自動生成的 catch 塊 e.printStackTrace(); } catch (NoSuchPaddingException e) { // TODO 自動生成的 catch 塊 e.printStackTrace(); } catch (InvalidKeyException e) { // TODO 自動生成的 catch 塊 e.printStackTrace(); } catch (IllegalBlockSizeException e) { // TODO 自動生成的 catch 塊 e.printStackTrace(); } catch (BadPaddingException e) { // TODO 自動生成的 catch 塊 e.printStackTrace(); } catch (NoSuchProviderException e) { // TODO 自動生成的 catch 塊 e.printStackTrace(); } } public static void main(String[] args) { jdkAES(); bcAES(); }} |
以上就是本文的全部內容,希望本文的內容對大家的學習或者工作能帶來一定的幫助,同時也希望多多支持服務器之家!
原文鏈接:http://www.cnblogs.com/tancky/p/6409823.html
