zoukankan      html  css  js  c++  java
  • 【Java安全】关于Java中常用加密/解密方法的实现

    安全问题已经成为一个越来越重要的问题,在Java中如何对重要数据进行加密解密是本文的主要内容。

    一、常用的加密/解密算法

    1.Base64

      严格来说Base64并不是一种加密/解密算法,而是一种编码方式。Base64不生成密钥,通过Base64编码后的密文就可以直接“翻译”为明文,但是可以通过向明文中添加混淆字符来达到加密的效果。

    2.DES

      DES是一种基于56位密钥的对称算法,1976年被美国联邦政府的国家标准局确定为联邦资料处理标准(FIPS),随后在国际上广泛流传开来。现在DES已经不是一种安全的加密算法,已被公开破解,现在DES已经被高级加密标准(AES)所代替。

    3.3DES

      3DES是DES的一种派生算法,主要提升了DES的一些实用所需的安全性。

    4.AES

      AES是现在对称加密算法中最流行的算法之一。

    二、实现所需的一些库

      为了实现上述的算法,我们可以实用JDK自带的实现,也可以使用一些开源的第三方库,例如Bouncy Castle(https://www.bouncycastle.org/)和comnons codec(https://commons.apache.org/proper/commons-codec/)。

    三、具体实现

      1.Base64

     1 package com.tancky.security;
     2 
     3 
     4 import java.io.IOException;
     5 
     6 import sun.misc.BASE64Decoder;
     7 import sun.misc.BASE64Encoder;
     8 
     9 public class Base64Demo {
    10     
    11     
    12     private static String src = "TestBase64";
    13     
    14 
    15     public static void main(String[] args) {
    16         Base64Demo.jdkBase64();
    17         Base64Demo.commonsCodecBase64 ();
    18         Base64Demo.bouncyCastleBase64 ();
    19     }
    20     
    21     //使用JDK的base64实现,
    22     public static void jdkBase64 (){
    23         BASE64Encoder encoder = new BASE64Encoder();
    24         String encode = encoder.encode(Base64Demo.src.getBytes());
    25         System.out.println("encode:  " + encode);
    26         
    27         BASE64Decoder decoder = new BASE64Decoder();
    28         try {
    29             String decode = new String ( decoder.decodeBuffer(encode));
    30             System.out.println("decode:  " + decode);
    31         } catch (IOException e) {
    32             e.printStackTrace();
    33         }    
    34     }
    35     
    36     
    37     //使用apache的commonsCodec实现
    38     public static void commonsCodecBase64 (){
    39         byte[] encodeBytes = org.apache.commons.codec.binary.Base64.encodeBase64(Base64Demo.src.getBytes());
    40         String encode = new String (encodeBytes);
    41         System.out.println("encode:  " + encode);
    42         
    43         byte[] decodeBytes = org.apache.commons.codec.binary.Base64.decodeBase64(encode);
    44         String decode = new String(decodeBytes);
    45         System.out.println("decode:  " + decode);
    46         
    47     }
    48     
    49     //使用bouncyCastlede实现
    50     public static void bouncyCastleBase64 () {
    51         byte[] encodeBytes = org.bouncycastle.util.encoders.Base64.encode(Base64Demo.src.getBytes()) ;
    52         String encode = new String (encodeBytes);
    53         System.out.println("encode:  " + encode);
    54 
    55         byte[] decodeBytes = org.bouncycastle.util.encoders.Base64.decode(encode);
    56         String decode = new String(decodeBytes);
    57         System.out.println("decode:  " + decode);
    58         
    59     }
    60 
    61 }

      2.DES

      

      1 package com.tancky.security;
      2 
      3 import java.security.InvalidKeyException;
      4 import java.security.Key;
      5 import java.security.NoSuchAlgorithmException;
      6 import java.security.NoSuchProviderException;
      7 import java.security.Security;
      8 import java.security.spec.InvalidKeySpecException;
      9 
     10 import javax.crypto.BadPaddingException;
     11 import javax.crypto.Cipher;
     12 import javax.crypto.IllegalBlockSizeException;
     13 import javax.crypto.KeyGenerator;
     14 import javax.crypto.NoSuchPaddingException;
     15 import javax.crypto.SecretKey;
     16 import javax.crypto.SecretKeyFactory;
     17 import javax.crypto.spec.DESKeySpec;
     18 
     19 import org.bouncycastle.jce.provider.BouncyCastleProvider;
     20 import org.bouncycastle.util.encoders.Hex;
     21 
     22 public class DESDemo {
     23     
     24     private static String src = "TestDES";
     25     
     26     
     27     public static void jdkDES () {
     28         
     29         try {
     30             //生成密钥Key
     31             KeyGenerator keyGenerator = KeyGenerator.getInstance("DES");
     32             keyGenerator.init(56);
     33             SecretKey secretKey = keyGenerator.generateKey();
     34             byte[] bytesKey = secretKey.getEncoded();
     35         
     36             
     37             //KEY转换
     38             DESKeySpec deSedeKeySpec = new DESKeySpec(bytesKey);
     39             SecretKeyFactory factory = SecretKeyFactory.getInstance("DES");
     40             Key convertSecretKey = factory.generateSecret(deSedeKeySpec);
     41             
     42             //加密
     43             Cipher cipher = Cipher.getInstance("DES/ECB/PKCS5Padding");
     44             cipher.init(Cipher.ENCRYPT_MODE, convertSecretKey);
     45             byte[] encodeResult = cipher.doFinal(DESDemo.src.getBytes());
     46             System.out.println("DESEncode :" + Hex.toHexString(encodeResult));
     47             
     48             
     49             //解密
     50             cipher.init(Cipher.DECRYPT_MODE,convertSecretKey);
     51             byte[] DecodeResult = cipher.doFinal(encodeResult);
     52             System.out.println("DESDncode :" + new String (DecodeResult));
     53             
     54             
     55             
     56         } catch (NoSuchAlgorithmException e) {
     57             e.printStackTrace();
     58         } catch (InvalidKeyException e) {
     59             // TODO 自动生成的 catch 块
     60             e.printStackTrace();
     61         } catch (InvalidKeySpecException e) {
     62             // TODO 自动生成的 catch 块
     63             e.printStackTrace();
     64         } catch (NoSuchPaddingException e) {
     65             // TODO 自动生成的 catch 块
     66             e.printStackTrace();
     67         } catch (IllegalBlockSizeException e) {
     68             // TODO 自动生成的 catch 块
     69             e.printStackTrace();
     70         } catch (BadPaddingException e) {
     71             // TODO 自动生成的 catch 块
     72             e.printStackTrace();
     73         }
     74     
     75     }
     76     
     77     
     78     
     79     public static void bcDES (){
     80         try {
     81             
     82             
     83             //使用BouncyCastle 的DES加密
     84             Security.addProvider(new BouncyCastleProvider());
     85             
     86             
     87             //生成密钥Key
     88             KeyGenerator keyGenerator = KeyGenerator.getInstance("DES","BC");
     89             keyGenerator.init(56);
     90             SecretKey secretKey = keyGenerator.generateKey();
     91             byte[] bytesKey = secretKey.getEncoded();
     92         
     93             
     94             //KEY转换
     95             DESKeySpec deSedeKeySpec = new DESKeySpec(bytesKey);
     96             SecretKeyFactory factory = SecretKeyFactory.getInstance("DES");
     97             Key convertSecretKey = factory.generateSecret(deSedeKeySpec);
     98             
     99             //加密
    100             Cipher cipher = Cipher.getInstance("DES/ECB/PKCS5Padding");
    101             cipher.init(Cipher.ENCRYPT_MODE, convertSecretKey);
    102             byte[] encodeResult = cipher.doFinal(DESDemo.src.getBytes());
    103             System.out.println("DESEncode :" + Hex.toHexString(encodeResult));
    104             
    105             
    106             //解密
    107             cipher.init(Cipher.DECRYPT_MODE,convertSecretKey);
    108             byte[] DecodeResult = cipher.doFinal(encodeResult);
    109             System.out.println("DESDncode :" + new String (DecodeResult));
    110             
    111             
    112             
    113         } catch (NoSuchAlgorithmException e) {
    114             e.printStackTrace();
    115         } catch (InvalidKeyException e) {
    116             // TODO 自动生成的 catch 块
    117             e.printStackTrace();
    118         } catch (InvalidKeySpecException e) {
    119             // TODO 自动生成的 catch 块
    120             e.printStackTrace();
    121         } catch (NoSuchPaddingException e) {
    122             // TODO 自动生成的 catch 块
    123             e.printStackTrace();
    124         } catch (IllegalBlockSizeException e) {
    125             // TODO 自动生成的 catch 块
    126             e.printStackTrace();
    127         } catch (BadPaddingException e) {
    128             // TODO 自动生成的 catch 块
    129             e.printStackTrace();
    130         } catch (NoSuchProviderException e) {
    131             // TODO 自动生成的 catch 块
    132             e.printStackTrace();
    133         }
    134     }
    135     
    136     
    137     public static void main(String[] args) {
    138         DESDemo.jdkDES ();
    139         DESDemo.bcDES();
    140     }
    141 
    142 }

      

      3.3DES

      

      1 package com.tancky.security;
      2 
      3 import java.security.InvalidKeyException;
      4 import java.security.Key;
      5 import java.security.NoSuchAlgorithmException;
      6 import java.security.NoSuchProviderException;
      7 import java.security.Security;
      8 import java.security.spec.InvalidKeySpecException;
      9 
     10 import javax.crypto.BadPaddingException;
     11 import javax.crypto.Cipher;
     12 import javax.crypto.IllegalBlockSizeException;
     13 import javax.crypto.KeyGenerator;
     14 import javax.crypto.NoSuchPaddingException;
     15 import javax.crypto.SecretKey;
     16 import javax.crypto.SecretKeyFactory;
     17 
     18 import javax.crypto.spec.DESedeKeySpec;
     19 
     20 import org.bouncycastle.jce.provider.BouncyCastleProvider;
     21 import org.bouncycastle.util.encoders.Hex;
     22 
     23 public class TripleDESDemo {
     24     
     25     private static String src = "TestTripleDES";
     26     
     27     public static void jdkTripleDES () {
     28         
     29         try {
     30             //生成密钥Key
     31             KeyGenerator keyGenerator = KeyGenerator.getInstance("DESede");
     32             keyGenerator.init(168);
     33             SecretKey secretKey = keyGenerator.generateKey();
     34             byte[] bytesKey = secretKey.getEncoded();
     35         
     36             
     37             //KEY转换
     38             DESedeKeySpec deSedeKeySpec = new DESedeKeySpec(bytesKey);
     39             SecretKeyFactory factory = SecretKeyFactory.getInstance("DESede");
     40             Key convertSecretKey = factory.generateSecret(deSedeKeySpec);
     41             
     42             //加密
     43             Cipher cipher = Cipher.getInstance("DESede/ECB/PKCS5Padding");
     44             cipher.init(Cipher.ENCRYPT_MODE, convertSecretKey);
     45             byte[] encodeResult = cipher.doFinal(TripleDESDemo.src.getBytes());
     46             System.out.println("TripleDESEncode :" + Hex.toHexString(encodeResult));
     47             
     48             
     49             //解密
     50             cipher.init(Cipher.DECRYPT_MODE,convertSecretKey);
     51             byte[] DecodeResult = cipher.doFinal(encodeResult);
     52             System.out.println("TripleDESDncode :" + new String (DecodeResult));
     53             
     54             
     55             
     56         } catch (NoSuchAlgorithmException e) {
     57             e.printStackTrace();
     58         } catch (InvalidKeyException e) {
     59             // TODO 自动生成的 catch 块
     60             e.printStackTrace();
     61         } catch (InvalidKeySpecException e) {
     62             // TODO 自动生成的 catch 块
     63             e.printStackTrace();
     64         } catch (NoSuchPaddingException e) {
     65             // TODO 自动生成的 catch 块
     66             e.printStackTrace();
     67         } catch (IllegalBlockSizeException e) {
     68             // TODO 自动生成的 catch 块
     69             e.printStackTrace();
     70         } catch (BadPaddingException e) {
     71             // TODO 自动生成的 catch 块
     72             e.printStackTrace();
     73         }
     74     
     75     }
     76 
     77     
     78     
     79     
     80 public static void bcTripleDES () {
     81         
     82         try {
     83             
     84             Security.addProvider(new BouncyCastleProvider());
     85             //生成密钥Key
     86             KeyGenerator keyGenerator = KeyGenerator.getInstance("DESede","BC");
     87             keyGenerator.getProvider();
     88             keyGenerator.init(168);
     89             SecretKey secretKey = keyGenerator.generateKey();
     90             byte[] bytesKey = secretKey.getEncoded();
     91         
     92             
     93             //KEY转换
     94             DESedeKeySpec deSedeKeySpec = new DESedeKeySpec(bytesKey);
     95             SecretKeyFactory factory = SecretKeyFactory.getInstance("DESede");
     96             Key convertSecretKey = factory.generateSecret(deSedeKeySpec);
     97             
     98             //加密
     99             Cipher cipher = Cipher.getInstance("DESede/ECB/PKCS5Padding");
    100             cipher.init(Cipher.ENCRYPT_MODE, convertSecretKey);
    101             byte[] encodeResult = cipher.doFinal(TripleDESDemo.src.getBytes());
    102             System.out.println("TripleDESEncode :" + Hex.toHexString(encodeResult));
    103             
    104             
    105             //解密
    106             cipher.init(Cipher.DECRYPT_MODE,convertSecretKey);
    107             byte[] DecodeResult = cipher.doFinal(encodeResult);
    108             System.out.println("TripleDESDncode :" + new String (DecodeResult));
    109             
    110             
    111             
    112         } catch (NoSuchAlgorithmException e) {
    113             e.printStackTrace();
    114         } catch (InvalidKeyException e) {
    115             // TODO 自动生成的 catch 块
    116             e.printStackTrace();
    117         } catch (InvalidKeySpecException e) {
    118             // TODO 自动生成的 catch 块
    119             e.printStackTrace();
    120         } catch (NoSuchPaddingException e) {
    121             // TODO 自动生成的 catch 块
    122             e.printStackTrace();
    123         } catch (IllegalBlockSizeException e) {
    124             // TODO 自动生成的 catch 块
    125             e.printStackTrace();
    126         } catch (BadPaddingException e) {
    127             // TODO 自动生成的 catch 块
    128             e.printStackTrace();
    129         } catch (NoSuchProviderException e) {
    130             // TODO 自动生成的 catch 块
    131             e.printStackTrace();
    132         }
    133     
    134     }
    135     
    136     
    137     
    138     public static void main(String[] args) {
    139         jdkTripleDES ();
    140         bcTripleDES ();
    141 
    142     }
    143 
    144 }

     

       4.AES

       

      1 package com.tancky.security;
      2 
      3 import java.security.InvalidKeyException;
      4 import java.security.Key;
      5 import java.security.NoSuchAlgorithmException;
      6 import java.security.NoSuchProviderException;
      7 import java.security.SecureRandom;
      8 import java.security.Security;
      9 
     10 import javax.crypto.BadPaddingException;
     11 import javax.crypto.Cipher;
     12 import javax.crypto.IllegalBlockSizeException;
     13 import javax.crypto.KeyGenerator;
     14 import javax.crypto.NoSuchPaddingException;
     15 import javax.crypto.SecretKey;
     16 import javax.crypto.spec.SecretKeySpec;
     17 
     18 import org.bouncycastle.jce.provider.BouncyCastleProvider;
     19 import org.bouncycastle.util.encoders.Hex;
     20 
     21 public class AESDemo {
     22     
     23     private static String src = "TestAES";
     24     
     25     public static void jdkAES (){
     26         try {
     27             
     28             
     29             //生成Key
     30             KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
     31             keyGenerator.init(128);  
     32             //keyGenerator.init(128, new SecureRandom("seedseedseed".getBytes()));  
     33             //使用上面这种初始化方法可以特定种子来生成密钥,这样加密后的密文是唯一固定的。
     34             SecretKey secretKey = keyGenerator.generateKey();
     35             byte[] keyBytes = secretKey.getEncoded();
     36             
     37             //Key转换
     38             Key key = new SecretKeySpec(keyBytes, "AES");
     39             
     40             //加密
     41             Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
     42             cipher.init(Cipher.ENCRYPT_MODE, key);
     43             byte[] encodeResult = cipher.doFinal(AESDemo.src.getBytes());
     44             System.out.println("AESencode : " + Hex.toHexString(encodeResult) );
     45             
     46             //解密
     47             cipher.init(Cipher.DECRYPT_MODE, key);
     48             byte[] decodeResult = cipher.doFinal(encodeResult);
     49             System.out.println("AESdecode : " + new String (decodeResult));
     50             
     51             
     52         
     53         
     54         } catch (NoSuchAlgorithmException e) {
     55             // TODO 自动生成的 catch 块
     56             e.printStackTrace();
     57         } catch (NoSuchPaddingException e) {
     58             // TODO 自动生成的 catch 块
     59             e.printStackTrace();
     60         } catch (InvalidKeyException e) {
     61             // TODO 自动生成的 catch 块
     62             e.printStackTrace();
     63         } catch (IllegalBlockSizeException e) {
     64             // TODO 自动生成的 catch 块
     65             e.printStackTrace();
     66         } catch (BadPaddingException e) {
     67             // TODO 自动生成的 catch 块
     68             e.printStackTrace();
     69         }
     70     
     71     }
     72     
     73     
     74     public static void bcAES (){
     75         try {
     76             
     77             //使用BouncyCastle 的DES加密
     78             Security.addProvider(new BouncyCastleProvider());
     79             
     80             //生成Key
     81             KeyGenerator keyGenerator = KeyGenerator.getInstance("AES","BC");
     82             keyGenerator.getProvider();
     83             keyGenerator.init(128);  
     84             SecretKey secretKey = keyGenerator.generateKey();
     85             byte[] keyBytes = secretKey.getEncoded();
     86             
     87             //Key转换
     88             Key key = new SecretKeySpec(keyBytes, "AES");
     89             
     90             //加密
     91             Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
     92             cipher.init(Cipher.ENCRYPT_MODE, key);
     93             byte[] encodeResult = cipher.doFinal(AESDemo.src.getBytes());
     94             System.out.println("AESencode : " + Hex.toHexString(encodeResult) );
     95             
     96             //解密
     97             cipher.init(Cipher.DECRYPT_MODE, key);
     98             byte[] decodeResult = cipher.doFinal(encodeResult);
     99             System.out.println("AESdecode : " + new String (decodeResult));
    100             
    101             
    102         
    103         
    104         } catch (NoSuchAlgorithmException e) {
    105             // TODO 自动生成的 catch 块
    106             e.printStackTrace();
    107         } catch (NoSuchPaddingException e) {
    108             // TODO 自动生成的 catch 块
    109             e.printStackTrace();
    110         } catch (InvalidKeyException e) {
    111             // TODO 自动生成的 catch 块
    112             e.printStackTrace();
    113         } catch (IllegalBlockSizeException e) {
    114             // TODO 自动生成的 catch 块
    115             e.printStackTrace();
    116         } catch (BadPaddingException e) {
    117             // TODO 自动生成的 catch 块
    118             e.printStackTrace();
    119         } catch (NoSuchProviderException e) {
    120             // TODO 自动生成的 catch 块
    121             e.printStackTrace();
    122         }
    123     
    124     }
    125     
    126 
    127     public static void main(String[] args) {
    128         jdkAES();
    129         bcAES();
    130 
    131     }
    132 
    133 }
  • 相关阅读:
    Ajax和Jsonp的工作原理,以及区别。
    git与GitHub
    Cookie的作用以及封装的方法
    关于angular-route后获取路由标签的一些问题
    javascriptDOM节点
    字符串转化为对象的方法
    将"goOd gooD stUdy dAy dAy up"每个单词的首字母转换成大写其余还是小写字母
    利用HashSet对list集合去重
    集合之Iterator迭代器
    java常用API之System类
  • 原文地址:https://www.cnblogs.com/tancky/p/6409823.html
Copyright © 2011-2022 走看看