【Java安全】关于Java中常用加密/解密方法的实现

编程爱好者联盟 2017-02-17

安全问题已经成为一个越来越重要的问题,在Java中如何对重要数据进行加密解密是本文的主要内容。

一、常用的加密/解密算法

1.Base64

严格来说Base64并不是一种加密/解密算法,而是一种编码方式。Base64不生成密钥,通过Base64编码后的密文就可以直接“翻译”为明文,但是可以通过向明文中添加混淆字符来达到加密的效果。

2.DES

DES是一种基于56位密钥的对称算法,1976年被美国联邦政府的国家标准局确定为联邦资料处理标准(FIPS),随后在国际上广泛流传开来。现在DES已经不是一种安全的加密算法,已被公开破解,现在DES已经被高级加密标准(AES)所代替。

3.3DES

3DES是DES的一种派生算法,主要提升了DES的一些实用所需的安全性。

4.AES

AES是现在对称加密算法中最流行的算法之一。

二、实现所需的一些库

为了实现上述的算法,我们可以实用JDK自带的实现,也可以使用一些开源的第三方库,例如Bouncy Castle(https://www.bouncycastle.org/)和comnons codec(https://commons.apache.org/proper/commons-codec/)。

三、具体实现

1.Base64

package com.tancky.security;
 
 
 import java.io.IOException;
 
 import sun.misc.BASE64Decoder;
 import sun.misc.BASE64Encoder;
 
 public class Base64Demo {
     
     
     private static String src = "TestBase64";
     
 
     public static void main(String[] args) {
         Base64Demo.jdkBase64();
         Base64Demo.commonsCodecBase64 ();
         Base64Demo.bouncyCastleBase64 ();
     }
     
     //使用JDK的base64实现,
     public static void jdkBase64 (){
         BASE64Encoder encoder = new BASE64Encoder();
         String encode = encoder.encode(Base64Demo.src.getBytes());
         System.out.println("encode:  " + encode);
         
         BASE64Decoder decoder = new BASE64Decoder();
         try {
             String decode = new String ( decoder.decodeBuffer(encode));
             System.out.println("decode:  " + decode);
         } catch (IOException e) {
             e.printStackTrace();
         }    
     }
     
     
     //使用apache的commonsCodec实现
     public static void commonsCodecBase64 (){
         byte[] encodeBytes = org.apache.commons.codec.binary.Base64.encodeBase64(Base64Demo.src.getBytes());
         String encode = new String (encodeBytes);
         System.out.println("encode:  " + encode);
         
         byte[] decodeBytes = org.apache.commons.codec.binary.Base64.decodeBase64(encode);
         String decode = new String(decodeBytes);
         System.out.println("decode:  " + decode);
         
     }
     
     //使用bouncyCastlede实现
     public static void bouncyCastleBase64 () {
         byte[] encodeBytes = org.bouncycastle.util.encoders.Base64.encode(Base64Demo.src.getBytes()) ;
         String encode = new String (encodeBytes);
         System.out.println("encode:  " + encode);
 
         byte[] decodeBytes = org.bouncycastle.util.encoders.Base64.decode(encode);
         String decode = new String(decodeBytes);
         System.out.println("decode:  " + decode);
         
     }
 
 }

2.DES

package com.tancky.security;
 
 import java.security.InvalidKeyException;
 import java.security.Key;
 import java.security.NoSuchAlgorithmException;
 import java.security.NoSuchProviderException;
 import java.security.Security;
 import java.security.spec.InvalidKeySpecException;
 
 import javax.crypto.BadPaddingException;
 import javax.crypto.Cipher;
 import javax.crypto.IllegalBlockSizeException;
 import javax.crypto.KeyGenerator;
 import javax.crypto.NoSuchPaddingException;
 import javax.crypto.SecretKey;
 import javax.crypto.SecretKeyFactory;
 import javax.crypto.spec.DESKeySpec;
 
 import org.bouncycastle.jce.provider.BouncyCastleProvider;
 import org.bouncycastle.util.encoders.Hex;
 
 public class DESDemo {
     
     private static String src = "TestDES";
     
     
     public static void jdkDES () {
         
         try {
             //生成密钥Key
             KeyGenerator keyGenerator = KeyGenerator.getInstance("DES");
             keyGenerator.init(56);
             SecretKey secretKey = keyGenerator.generateKey();
             byte[] bytesKey = secretKey.getEncoded();
         
             
             //KEY转换
             DESKeySpec deSedeKeySpec = new DESKeySpec(bytesKey);
             SecretKeyFactory factory = SecretKeyFactory.getInstance("DES");
             Key convertSecretKey = factory.generateSecret(deSedeKeySpec);
             
             //加密
             Cipher cipher = Cipher.getInstance("DES/ECB/PKCS5Padding");
             cipher.init(Cipher.ENCRYPT_MODE, convertSecretKey);
             byte[] encodeResult = cipher.doFinal(DESDemo.src.getBytes());
             System.out.println("DESEncode :" + Hex.toHexString(encodeResult));
             
             
             //解密
             cipher.init(Cipher.DECRYPT_MODE,convertSecretKey);
             byte[] DecodeResult = cipher.doFinal(encodeResult);
             System.out.println("DESDncode :" + new String (DecodeResult));
             
             
             
         } catch (NoSuchAlgorithmException e) {
             e.printStackTrace();
         } catch (InvalidKeyException e) {
             // TODO 自动生成的 catch 块
             e.printStackTrace();
         } catch (InvalidKeySpecException e) {
             // TODO 自动生成的 catch 块
             e.printStackTrace();
         } catch (NoSuchPaddingException e) {
             // TODO 自动生成的 catch 块
             e.printStackTrace();
         } catch (IllegalBlockSizeException e) {
             // TODO 自动生成的 catch 块
             e.printStackTrace();
         } catch (BadPaddingException e) {
             // TODO 自动生成的 catch 块
             e.printStackTrace();
         }
     
     }
     
     
     
     public static void bcDES (){
         try {
             
             
             //使用BouncyCastle 的DES加密
             Security.addProvider(new BouncyCastleProvider());
             
             
             //生成密钥Key
             KeyGenerator keyGenerator = KeyGenerator.getInstance("DES","BC");
             keyGenerator.init(56);
             SecretKey secretKey = keyGenerator.generateKey();
             byte[] bytesKey = secretKey.getEncoded();
         
             
             //KEY转换
             DESKeySpec deSedeKeySpec = new DESKeySpec(bytesKey);
             SecretKeyFactory factory = SecretKeyFactory.getInstance("DES");
             Key convertSecretKey = factory.generateSecret(deSedeKeySpec);
             
             //加密
             Cipher cipher = Cipher.getInstance("DES/ECB/PKCS5Padding");
             cipher.init(Cipher.ENCRYPT_MODE, convertSecretKey);
             byte[] encodeResult = cipher.doFinal(DESDemo.src.getBytes());
             System.out.println("DESEncode :" + Hex.toHexString(encodeResult));
             
             
             //解密
             cipher.init(Cipher.DECRYPT_MODE,convertSecretKey);
             byte[] DecodeResult = cipher.doFinal(encodeResult);
             System.out.println("DESDncode :" + new String (DecodeResult));
             
             
             
         } catch (NoSuchAlgorithmException e) {
             e.printStackTrace();
         } catch (InvalidKeyException e) {
             // TODO 自动生成的 catch 块
             e.printStackTrace();
         } catch (InvalidKeySpecException e) {
             // TODO 自动生成的 catch 块
             e.printStackTrace();
         } catch (NoSuchPaddingException e) {
             // TODO 自动生成的 catch 块
             e.printStackTrace();
         } catch (IllegalBlockSizeException e) {
             // TODO 自动生成的 catch 块
             e.printStackTrace();
         } catch (BadPaddingException e) {
             // TODO 自动生成的 catch 块
             e.printStackTrace();
         } catch (NoSuchProviderException e) {
             // TODO 自动生成的 catch 块
             e.printStackTrace();
         }
     }
     
     
     public static void main(String[] args) {
         DESDemo.jdkDES ();
         DESDemo.bcDES();
     }
 
 }

3.3DES

package com.tancky.security;
 
 import java.security.InvalidKeyException;
 import java.security.Key;
 import java.security.NoSuchAlgorithmException;
 import java.security.NoSuchProviderException;
 import java.security.Security;
 import java.security.spec.InvalidKeySpecException;
 
 import javax.crypto.BadPaddingException;
 import javax.crypto.Cipher;
 import javax.crypto.IllegalBlockSizeException;
 import javax.crypto.KeyGenerator;
 import javax.crypto.NoSuchPaddingException;
 import javax.crypto.SecretKey;
 import javax.crypto.SecretKeyFactory;
 
 import javax.crypto.spec.DESedeKeySpec;
 
 import org.bouncycastle.jce.provider.BouncyCastleProvider;
 import org.bouncycastle.util.encoders.Hex;
 
 public class TripleDESDemo {
     
     private static String src = "TestTripleDES";
     
     public static void jdkTripleDES () {
         
         try {
             //生成密钥Key
             KeyGenerator keyGenerator = KeyGenerator.getInstance("DESede");
             keyGenerator.init(168);
             SecretKey secretKey = keyGenerator.generateKey();
             byte[] bytesKey = secretKey.getEncoded();
         
             
             //KEY转换
             DESedeKeySpec deSedeKeySpec = new DESedeKeySpec(bytesKey);
             SecretKeyFactory factory = SecretKeyFactory.getInstance("DESede");
             Key convertSecretKey = factory.generateSecret(deSedeKeySpec);
             
             //加密
             Cipher cipher = Cipher.getInstance("DESede/ECB/PKCS5Padding");
             cipher.init(Cipher.ENCRYPT_MODE, convertSecretKey);
             byte[] encodeResult = cipher.doFinal(TripleDESDemo.src.getBytes());
             System.out.println("TripleDESEncode :" + Hex.toHexString(encodeResult));
             
             
             //解密
             cipher.init(Cipher.DECRYPT_MODE,convertSecretKey);
             byte[] DecodeResult = cipher.doFinal(encodeResult);
             System.out.println("TripleDESDncode :" + new String (DecodeResult));
             
             
             
         } catch (NoSuchAlgorithmException e) {
             e.printStackTrace();
         } catch (InvalidKeyException e) {
             // TODO 自动生成的 catch 块
             e.printStackTrace();
         } catch (InvalidKeySpecException e) {
             // TODO 自动生成的 catch 块
             e.printStackTrace();
         } catch (NoSuchPaddingException e) {
             // TODO 自动生成的 catch 块
             e.printStackTrace();
         } catch (IllegalBlockSizeException e) {
             // TODO 自动生成的 catch 块
             e.printStackTrace();
         } catch (BadPaddingException e) {
             // TODO 自动生成的 catch 块
             e.printStackTrace();
         }
     
     }
 
     
     
     
 public static void bcTripleDES () {
         
         try {
             
             Security.addProvider(new BouncyCastleProvider());
             //生成密钥Key
             KeyGenerator keyGenerator = KeyGenerator.getInstance("DESede","BC");
             keyGenerator.getProvider();
             keyGenerator.init(168);
             SecretKey secretKey = keyGenerator.generateKey();
             byte[] bytesKey = secretKey.getEncoded();
         
             
             //KEY转换
             DESedeKeySpec deSedeKeySpec = new DESedeKeySpec(bytesKey);
             SecretKeyFactory factory = SecretKeyFactory.getInstance("DESede");
             Key convertSecretKey = factory.generateSecret(deSedeKeySpec);
             
             //加密
             Cipher cipher = Cipher.getInstance("DESede/ECB/PKCS5Padding");
             cipher.init(Cipher.ENCRYPT_MODE, convertSecretKey);
             byte[] encodeResult = cipher.doFinal(TripleDESDemo.src.getBytes());
             System.out.println("TripleDESEncode :" + Hex.toHexString(encodeResult));
             
             
             //解密
             cipher.init(Cipher.DECRYPT_MODE,convertSecretKey);
             byte[] DecodeResult = cipher.doFinal(encodeResult);
             System.out.println("TripleDESDncode :" + new String (DecodeResult));
             
             
             
         } catch (NoSuchAlgorithmException e) {
             e.printStackTrace();
         } catch (InvalidKeyException e) {
             // TODO 自动生成的 catch 块
             e.printStackTrace();
         } catch (InvalidKeySpecException e) {
             // TODO 自动生成的 catch 块
             e.printStackTrace();
         } catch (NoSuchPaddingException e) {
             // TODO 自动生成的 catch 块
             e.printStackTrace();
         } catch (IllegalBlockSizeException e) {
             // TODO 自动生成的 catch 块
             e.printStackTrace();
         } catch (BadPaddingException e) {
             // TODO 自动生成的 catch 块
             e.printStackTrace();
         } catch (NoSuchProviderException e) {
             // TODO 自动生成的 catch 块
             e.printStackTrace();
         }
     
     }
     
     
     
     public static void main(String[] args) {
         jdkTripleDES ();
         bcTripleDES ();
 
     }
 
 }

 

 4.AES

 

package com.tancky.security;
 
 import java.security.InvalidKeyException;
 import java.security.Key;
 import java.security.NoSuchAlgorithmException;
 import java.security.NoSuchProviderException;
 import java.security.SecureRandom;
 import java.security.Security;
 
 import javax.crypto.BadPaddingException;
 import javax.crypto.Cipher;
 import javax.crypto.IllegalBlockSizeException;
 import javax.crypto.KeyGenerator;
 import javax.crypto.NoSuchPaddingException;
 import javax.crypto.SecretKey;
 import javax.crypto.spec.SecretKeySpec;
 
 import org.bouncycastle.jce.provider.BouncyCastleProvider;
 import org.bouncycastle.util.encoders.Hex;
 
 public class AESDemo {
     
     private static String src = "TestAES";
     
     public static void jdkAES (){
         try {
             
             
             //生成Key
             KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
             keyGenerator.init(128);  
             //keyGenerator.init(128, new SecureRandom("seedseedseed".getBytes()));  
             //使用上面这种初始化方法可以特定种子来生成密钥,这样加密后的密文是唯一固定的。
             SecretKey secretKey = keyGenerator.generateKey();
             byte[] keyBytes = secretKey.getEncoded();
             
             //Key转换
             Key key = new SecretKeySpec(keyBytes, "AES");
             
             //加密
             Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
             cipher.init(Cipher.ENCRYPT_MODE, key);
             byte[] encodeResult = cipher.doFinal(AESDemo.src.getBytes());
             System.out.println("AESencode : " + Hex.toHexString(encodeResult) );
             
             //解密
             cipher.init(Cipher.DECRYPT_MODE, key);
             byte[] decodeResult = cipher.doFinal(encodeResult);
             System.out.println("AESdecode : " + new String (decodeResult));
             
             
         
         
         } catch (NoSuchAlgorithmException e) {
             // TODO 自动生成的 catch 块
             e.printStackTrace();
         } catch (NoSuchPaddingException e) {
             // TODO 自动生成的 catch 块
             e.printStackTrace();
         } catch (InvalidKeyException e) {
             // TODO 自动生成的 catch 块
             e.printStackTrace();
         } catch (IllegalBlockSizeException e) {
             // TODO 自动生成的 catch 块
             e.printStackTrace();
         } catch (BadPaddingException e) {
             // TODO 自动生成的 catch 块
             e.printStackTrace();
         }
     
     }
     
     
     public static void bcAES (){
         try {
             
             //使用BouncyCastle 的DES加密
             Security.addProvider(new BouncyCastleProvider());
             
             //生成Key
             KeyGenerator keyGenerator = KeyGenerator.getInstance("AES","BC");
             keyGenerator.getProvider();
             keyGenerator.init(128);  
             SecretKey secretKey = keyGenerator.generateKey();
             byte[] keyBytes = secretKey.getEncoded();
             
             //Key转换
             Key key = new SecretKeySpec(keyBytes, "AES");
             
             //加密
             Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
             cipher.init(Cipher.ENCRYPT_MODE, key);
             byte[] encodeResult = cipher.doFinal(AESDemo.src.getBytes());
             System.out.println("AESencode : " + Hex.toHexString(encodeResult) );
             
             //解密
             cipher.init(Cipher.DECRYPT_MODE, key);
             byte[] decodeResult = cipher.doFinal(encodeResult);
             System.out.println("AESdecode : " + new String (decodeResult));
             
             
         
         
         } catch (NoSuchAlgorithmException e) {
             // TODO 自动生成的 catch 块
             e.printStackTrace();
         } catch (NoSuchPaddingException e) {
             // TODO 自动生成的 catch 块
             e.printStackTrace();
         } catch (InvalidKeyException e) {
             // TODO 自动生成的 catch 块
             e.printStackTrace();
         } catch (IllegalBlockSizeException e) {
             // TODO 自动生成的 catch 块
             e.printStackTrace();
         } catch (BadPaddingException e) {
             // TODO 自动生成的 catch 块
             e.printStackTrace();
         } catch (NoSuchProviderException e) {
             // TODO 自动生成的 catch 块
             e.printStackTrace();
         }
     
     }
     
 
     public static void main(String[] args) {
         jdkAES();
         bcAES();
 
     }
 
 }

相关推荐