package com.ice.webos.util.security; import java.io.UnsupportedEncodingException; import java.math.BigInteger; import java.security.Key; import java.security.MessageDigest; import java.security.SecureRandom; import javax.crypto.Cipher; import javax.crypto.KeyGenerator; import javax.crypto.Mac; import javax.crypto.SecretKey; import javax.crypto.SecretKeyFactory; import javax.crypto.spec.DESKeySpec; import javax.crypto.spec.SecretKeySpec; import sun.misc.BASE64Decoder; import sun.misc.BASE64Encoder; /** * <ul> * <li>BASE64的加密解密是双向的,可以求反解。</li> * <li>MD5、SHA以及HMAC是单向加密,任何数据加密后只会产生唯一的一个加密串,通常用来校验数据在传输过程中是否被修改。</li> * <li>HMAC算法有一个密钥,增强了数据传输过程中的安全性,强化了算法外的不可控因素。</li> * <li>DES DES-Data Encryption Standard,即数据加密算法。 * DES算法的入口参数有三个:Key、Data、Mode。 * <ul> * <li>Key:8个字节共64位,是DES算法的工作密钥;</li> * <li>Data:8个字节64位,是要被加密或被解密的数据;</li> * <li>Mode:DES的工作方式,有两种:加密或解密。</li> * </ul> * </li> * <ul> * * @author Ice_Liu * */ public class CryptUtil { private static final String KEY_MD5 = "MD5"; private static final String KEY_SHA = "SHA"; /** * MAC算法可选以下多种算法 * * <pre> * * HmacMD5 * HmacSHA1 * HmacSHA256 * HmacSHA384 * HmacSHA512 * </pre> */ public static final String KEY_MAC = "HmacMD5"; /** * BASE64解密 * * @param key * @return * @throws Exception */ public static byte[] decryptBASE64(String key) throws Exception { return (new BASE64Decoder()).decodeBuffer(key); } /** * BASE64 加密 * * @param key * @return * @throws Exception */ public static String encryptBASE64(byte[] key) throws Exception { return (new BASE64Encoder()).encodeBuffer(key); } /** * MD5加密 * * @param data * @return * @throws Exception */ public static byte[] encryptMD5(byte[] data) throws Exception { MessageDigest md5 = MessageDigest.getInstance(KEY_MD5); md5.update(data); return md5.digest(); } /** * SHA加密 * * @param data * @return * @throws Exception */ public static byte[] encryptSHA(byte[] data) throws Exception { MessageDigest sha = MessageDigest.getInstance(KEY_SHA); sha.update(data); return sha.digest(); } /** * 初始化HMAC密钥 * * @return * @throws Exception */ public static String initMacKey() throws Exception { KeyGenerator keyGenerator = KeyGenerator.getInstance(KEY_MAC); SecretKey secretKey = keyGenerator.generateKey(); return encryptBASE64(secretKey.getEncoded()); } /** * HMAC 加密 * * @param data * @param key * @return * @throws Exception */ public static byte[] encryptHMAC(byte[] data, String key) throws Exception { SecretKey secretKey = new SecretKeySpec(decryptBASE64(key), KEY_MAC); Mac mac = Mac.getInstance(secretKey.getAlgorithm()); mac.init(secretKey); return mac.doFinal(data); } /** * DES 算法 <br> * 可替换为以下任意一种算法,同时key值的size相应改变。 * * <pre> * DES key size must be equal to 56 * DESede(TripleDES) key size must be equal to 112 or 168 * AES key size must be equal to 128, 192 or 256,but 192 and 256 bits may not be available * Blowfish key size must be multiple of 8, and can only range from 32 to 448 (inclusive) * RC2 key size must be between 40 and 1024 bits * RC4(ARCFOUR) key size must be between 40 and 1024 bits * </pre> */ public static final String ALGORITHM = "DES"; /** * DES 算法转换密钥<br> * * @param key * @return * @throws Exception */ private static Key toKey(byte[] key) throws Exception { SecretKey secretKey = null; if (ALGORITHM.equals("DES") || ALGORITHM.equals("DESede")) { DESKeySpec dks = new DESKeySpec(key); SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(ALGORITHM); secretKey = keyFactory.generateSecret(dks); } else { // 当使用其他对称加密算法时,如AES、Blowfish等算法时,用下述代码替换上述三行代码 secretKey = new SecretKeySpec(key, ALGORITHM); } return secretKey; } /** * DES 算法解密 * * @param data * @param key * @return * @throws Exception */ public static byte[] decrypt(byte[] data, String key) throws Exception { Key k = toKey(decryptBASE64(key)); Cipher cipher = Cipher.getInstance(ALGORITHM); cipher.init(Cipher.DECRYPT_MODE, k); return cipher.doFinal(data); } /** * DES 算法加密 * * @param data * @param key * @return * @throws Exception */ public static byte[] encrypt(byte[] data, String key) throws Exception { Key k = toKey(decryptBASE64(key)); Cipher cipher = Cipher.getInstance(ALGORITHM); cipher.init(Cipher.ENCRYPT_MODE, k); return cipher.doFinal(data); } /** * DES 算法生成密钥 * * @return * @throws Exception */ public static String initKey() throws Exception { return initKey(null); } /** * DES 算法生成密钥 * * @param seed * @return * @throws Exception */ public static String initKey(String seed) throws Exception { SecureRandom secureRandom = null; if (seed != null) { secureRandom = new SecureRandom(decryptBASE64(seed)); } else { secureRandom = new SecureRandom(); } KeyGenerator kg = KeyGenerator.getInstance(ALGORITHM); kg.init(secureRandom); SecretKey secretKey = kg.generateKey(); return encryptBASE64(secretKey.getEncoded()); } public static void main(String[] args) { try { String s = "阿伯才的覆盖"; String b = CryptUtil.encryptBASE64(s.getBytes("UTF-8")); System.out.println("BASE64加密后:" + b); byte[] c = CryptUtil.decryptBASE64(b); System.out.println("BASE64解密后:" + new String(c, "UTF-8")); c = encryptMD5(s.getBytes()); System.out.println("MD5 加密后:" + new BigInteger(c).toString(16)); c = encryptSHA(s.getBytes()); System.out.println("SHA 加密后:" + new BigInteger(c).toString(16)); String key = initMacKey(); System.out.println("HMAC密匙:" + key); c = encryptHMAC(s.getBytes(), key); System.out.println("HMAC 加密后:" + new BigInteger(c).toString(16)); key = initKey(); System.out.println(ALGORITHM + "密钥: " + key); c = encrypt(s.getBytes("UTF-8"), key); System.out.println(ALGORITHM + " 加密后:" + new BigInteger(c).toString(16)); c = decrypt(c, key); System.out.println(ALGORITHM + " 解密后:" + new String(c, "UTF-8")); } catch (UnsupportedEncodingException e) { // TODO Auto-generated catch block e.printStackTrace(); } catch (Exception e) { // TODO Auto-generated catch block e.printStackTrace(); } } }
转发 http://www.cnblogs.com/liubin0509/archive/2012/01/29/2331066.html