一.代码
package com.handler;
import java.io.UnsupportedEncodingException;
import java.security.Key;
import java.security.Security;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
public class AES256Encryption{
public static final String KEY_ALGORITHM="AES";
public static final String CIPHER_ALGORITHM="AES/ECB/PKCS7Padding";
public static byte[] initkey() throws Exception{
//实例化密钥生成器
Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
KeyGenerator kg=KeyGenerator.getInstance(KEY_ALGORITHM, "BC");
kg.init(256);
kg.init(128);
SecretKey secretKey=kg.generateKey();
return secretKey.getEncoded();
}
public static byte[] initRootKey() throws Exception{
return new byte[] { 0x08, 0x08, 0x04, 0x0b, 0x02, 0x0f, 0x0b, 0x0c,
0x01, 0x03, 0x09, 0x07, 0x0c, 0x03, 0x07, 0x0a, 0x04, 0x0f,
0x06, 0x0f, 0x0e, 0x09, 0x05, 0x01, 0x0a, 0x0a, 0x01, 0x09,
0x06, 0x07, 0x09, 0x0d };
}
public static Key toKey(byte[] key) throws Exception{
SecretKey secretKey=new SecretKeySpec(key,KEY_ALGORITHM);
return secretKey;
}
public static byte[] encrypt(byte[] data,byte[] key) throws Exception{
Key k=toKey(key);
Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
Cipher cipher=Cipher.getInstance(CIPHER_ALGORITHM, "BC");
cipher.init(Cipher.ENCRYPT_MODE, k);
return cipher.doFinal(data);
}
public static byte[] decrypt(byte[] data,byte[] key) throws Exception{
Key k =toKey(key);
Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
Cipher cipher=Cipher.getInstance(CIPHER_ALGORITHM, "BC");
cipher.init(Cipher.DECRYPT_MODE, k);
return cipher.doFinal(data);
}
public static void main(String[] args) throws UnsupportedEncodingException{
String str="芸sweet";
//打印原文
System.out.println("原文:"+str);
//密钥
byte[] key;
try {
//生成随机密钥
key = AES256Encryption.initkey();
//打印密钥
System.out.print("密钥:");
for(int i = 0;i
System.out.printf("%x", key[i]);
}
System.out.print("\n");
//加密
byte[] data=AES256Encryption.encrypt(str.getBytes(), key);
//打印密文
System.out.print("加密后:");
for(int i = 0;i
System.out.printf("%x", data[i]);
}
System.out.print("\n");
//解密密文
data=AES256Encryption.decrypt(data, key);
//打印原文
System.out.println("解密后:"+new String(data));
} catch (Exception e) {
e.printStackTrace();
}
}
}
二.注意
1.需要在工程中引入 bcprov-jdk15-133.jar
下载链接:http://pan.baidu.com/s/1dDBY9xB
2.替换\jre\lib\security下的
local_policy.jar 和 US_export_policy.jar
下载链接:
http://pan.baidu.com/s/1dDBY9xB
1)如果程序使用是系统jdk,则替换系统环境变量的jdk中
\jre\lib\security下
的
jar
包。
2)如果程序是在MyEclipse中运行,则找到MyEclipse使用的jdk(方法:在MyEclipse里面进入window->Preferences->java选项里面有一个Installed JREs的选项,点击右边会出现一个列表,里面有你现在用到的JDK版本及路径),替换该
jdk中
\jre\lib\security下
的
jar
包。
可以解决:
java.security.InvalidKeyException: Illegal key size or default parameters异常
三.如果密钥需要存入数据库,则需要对密钥进行base64编码,即将密钥(byte数组)通过base64编码转换成密钥(String类型);从数据库中读取密钥时,则使用base64解码,即将密钥(String类型)转换成密钥(byte数组)。详见《Java实现base64编码》