java之對稱加密演算法
阿新 • • 發佈:2019-02-09
對稱加密演算法是以一種使用頻率高的初等的加密演算法,如你所想,之所以稱之為對稱加密演算法,說明加密祕鑰是相同,加密過程可逆,而前面介紹的base64加密,和訊息摘要加密演算法是不可逆的.一般的對稱加密演算法有DES,DES祕鑰長度不夠,易被破解,進而衍生出了3DES,在DES的基礎上又出現了AES演算法,還有PBE,IDEA等演算法.
DES(Data Encryption Standrad)資料加密標準
祕鑰長度 | 預設 | 工作模式 | 填充方式 | 實現方 |
56 | 56 | ECB|CBC|PCBC|CTR|CTS| CFB|CFB8|到128|OFB|OFB8到128 | NoPadding|PKCS5Padding| ISO10126Padding | jdk |
64 | 56 | 同上 | PKCS7Padding|ISO10126d2Padding| X932Padding|ISO7816d4Padding| ZeroBytePadding | bc |
程式碼實現
- jdk實現
try {
//生成key
KeyGenerator keyGenerator = KeyGenerator.getInstance("DES");
keyGenerator.init(56);
SecretKey secretKey = keyGenerator.generateKey();
byte[] bytesKey = secretKey.getEncoded();
//key轉換
KeySpec keySpec = new DESKeySpec(bytesKey);
SecretKeyFactory factory = SecretKeyFactory.getInstance("DES");
SecretKey convertSecretKey = factory.generateSecret(keySpec);
//加密
Cipher cipher = Cipher.getInstance ("DES/ECB/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, convertSecretKey);
byte[] result = cipher.doFinal(str.getBytes());
System.out.println("jdk des en:"+ Hex.toHexString(result));
//解密
cipher.init(Cipher.DECRYPT_MODE, convertSecretKey);
byte[] raw = cipher.doFinal(result);
System.out.println("jdk des de:"+ new String(raw));
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
- bc的實現
try {
Security.addProvider(new BouncyCastleProvider());
//生成key
KeyGenerator keyGenerator = KeyGenerator.getInstance("DES","BC");
keyGenerator.init(56);
System.out.println(keyGenerator.getProvider());
SecretKey secretKey = keyGenerator.generateKey();
byte[] bytesKey = secretKey.getEncoded();
//key轉換
KeySpec keySpec = new DESKeySpec(bytesKey);
SecretKeyFactory factory = SecretKeyFactory.getInstance("DES");
SecretKey convertSecretKey = factory.generateSecret(keySpec);
//加密
Cipher cipher = Cipher.getInstance("DES/ECB/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, convertSecretKey);
byte[] result = cipher.doFinal(str.getBytes());
System.out.println("jdk des en:"+ Hex.toHexString(result));
//解密
cipher.init(Cipher.DECRYPT_MODE, convertSecretKey);
byte[] raw = cipher.doFinal(result);
System.out.println("bc des de:"+ new String(raw));
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
3DES在實際應用中十分廣泛,但效率比較低,下面是jdk實現3DES
try {
//生成key
KeyGenerator keyGenerator = KeyGenerator.getInstance("DESede");
// keyGenerator.init(168);
keyGenerator.init(new SecureRandom());//生成預設長度
SecretKey secretKey = keyGenerator.generateKey();
byte[] bytesKey = secretKey.getEncoded();
//key轉換
KeySpec keySpec = new DESedeKeySpec(bytesKey);
SecretKeyFactory factory = SecretKeyFactory.getInstance("DESede");
SecretKey convertSecretKey = factory.generateSecret(keySpec);
//加密
Cipher cipher = Cipher.getInstance("DESede/ECB/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, convertSecretKey);
byte[] result = cipher.doFinal(str.getBytes());
System.out.println("jdk 3des en:"+ Hex.toHexString(result));
//解密
cipher.init(Cipher.DECRYPT_MODE, convertSecretKey);
byte[] raw = cipher.doFinal(result);
System.out.println("jdk 3des de:"+ new String(raw));
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
AES是DES演算法的代替者,目前還沒有被破解的訊息.
java實現AES與實現DES相似
try {
//生成key
KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
keyGenerator.init(new SecureRandom());
SecretKey secretKye = keyGenerator.generateKey();
byte[] keyBytes = secretKye.getEncoded();
//轉換key
SecretKeySpec keySpec= new SecretKeySpec(keyBytes, "AES");
//加密
Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, keySpec);
byte[] result = cipher.doFinal(str.getBytes());
System.out.println("jdk aes en:"+ Base64.encodeBase64String(result));
//解密
cipher.init(Cipher.DECRYPT_MODE, keySpec);
byte[] raw = cipher.doFinal(result);
System.out.println("jdk aes de:"+new String(raw));
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
PBE(Password Based Encryption)基於口令的加密
演算法結合了訊息摘要演算法和對稱加密演算法的特點,是對已有演算法是包裝(口令+鹽)
程式碼實現
try {
//初始化鹽
SecureRandom secureRandom = new SecureRandom();
byte[] salt = secureRandom.generateSeed(8);
salt = new byte[]{'a','a','a','a','a','a','a','a'};
//口令與祕鑰
String password = "yexiu";
PBEKeySpec pbeKeySpec = new PBEKeySpec(password.toCharArray());
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBEWITHMD5andDES");
Key key = factory.generateSecret(pbeKeySpec);
//加密
PBEParameterSpec parameter = new PBEParameterSpec(salt, 100);
Cipher cipher = Cipher.getInstance("PBEWITHMD5andDES");
cipher.init(Cipher.ENCRYPT_MODE, key, parameter);
byte[] result = cipher.doFinal(str.getBytes());
System.out.println("jdk pbe en:"+Base64.encodeBase64String(result));
//解密
cipher.init(Cipher.DECRYPT_MODE, key, parameter);
byte[] raw = cipher.doFinal(result);
System.out.println("jdk pbe de:"+new String(raw));
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}