java之对称加密算法
对称加密算法是以一种使用频率高的初等的加密算法,如你所想,之所以称之为加密算法,说明加密秘钥是相同,加密过程可逆,而前面介绍的base64加密,和消息摘要加密算法是不可逆的.一般的对称加密算法有DES,DES秘钥长度不够,易被破解,进而衍生除了3DES,在DES的基础上有出现了AES算法,还有PBE,IDEA等算法.
DES(Data Encryption Standrad)数据加密标准
| 秘钥长度 | 默认 | 工作模式 | 填充方式 | 实现方 |
| 56 | 56 | ECB|CBC|PCBC|CTR|CTS| CFB|CFB8|到128|OFB|OFB8到128 |
NoPadding|PKCS5Padding| ISO10126Padding |
jdk |
| 64 | 56 | 同上 | PKCS7Padding|ISO10126d2Padding| X932Padding|ISO7816d4Padding| ZeroBytePadding |
bc |
代码实现
- jdk实现
try {
//生成kye
KeyGenerator keyGenerator = KeyGenerator.getInstance("DES");
keyGenerator.init(56);
SecretKey secretKey = keyGenerator.generateKey();
byte[] bytesKey = secretKey.getEncoded();
//key转换
KeySpec keySpec = new DESKeySpec(bytesKey);
SecretKeyFactory factory = SecretKeyFactory.getInstance("DES");
SecretKey convertSecretKey = factory.generateSecret(keySpec);
//加密
Cipher cipher = Cipher.getInstance("DES/ECB/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, convertSecretKey);
byte[] result = cipher.doFinal(str.getBytes());
System.out.println("jdk des en:"+ Hex.toHexString(result));
//解密
cipher.init(Cipher.DECRYPT_MODE, convertSecretKey);
byte[] raw = cipher.doFinal(result);
System.out.println("jdk des de:"+ new String(raw));
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}- bc的实现
try {
Security.addProvider(new BouncyCastleProvider());
//生成kye
KeyGenerator keyGenerator = KeyGenerator.getInstance("DES","BC");
keyGenerator.init(56);
System.out.println(keyGenerator.getProvider());
SecretKey secretKey = keyGenerator.generateKey();
byte[] bytesKey = secretKey.getEncoded();
//key转换
KeySpec keySpec = new DESKeySpec(bytesKey);
SecretKeyFactory factory = SecretKeyFactory.getInstance("DES");
SecretKey convertSecretKey = factory.generateSecret(keySpec);
//加密
Cipher cipher = Cipher.getInstance("DES/ECB/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, convertSecretKey);
byte[] result = cipher.doFinal(str.getBytes());
System.out.println("jdk des en:"+ Hex.toHexString(result));
//解密
cipher.init(Cipher.DECRYPT_MODE, convertSecretKey);
byte[] raw = cipher.doFinal(result);
System.out.println("bc des de:"+ new String(raw));
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}3DES在实际应用中十分广泛,但效率比较低,下面是jdk实现3DES
try {
//生成kye
KeyGenerator keyGenerator = KeyGenerator.getInstance("DESede");
// keyGenerator.init(168);
keyGenerator.init(new SecureRandom());//生成默认长度
SecretKey secretKey = keyGenerator.generateKey();
byte[] bytesKey = secretKey.getEncoded();
//key转换
KeySpec keySpec = new DESedeKeySpec(bytesKey);
SecretKeyFactory factory = SecretKeyFactory.getInstance("DESede");
SecretKey convertSecretKey = factory.generateSecret(keySpec);
//加密
Cipher cipher = Cipher.getInstance("DESede/ECB/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, convertSecretKey);
byte[] result = cipher.doFinal(str.getBytes());
System.out.println("jdk 3des en:"+ Hex.toHexString(result));
//解密
cipher.init(Cipher.DECRYPT_MODE, convertSecretKey);
byte[] raw = cipher.doFinal(result);
System.out.println("jdk 3des de:"+ new String(raw));
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}AES是DES算法的代替者,目前还没有被破解的消息.
java实现AES与实现DES相似
try {
//生成key
KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
keyGenerator.init(new SecureRandom());
SecretKey secretKye = keyGenerator.generateKey();
byte[] keyBytes = secretKye.getEncoded();
//转换key
SecretKeySpec keySpec= new SecretKeySpec(keyBytes, "AES");
//加密
Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, keySpec);
byte[] result = cipher.doFinal(str.getBytes());
System.out.println("jdk aes en:"+ Base64.encodeBase64String(result));
//解密
cipher.init(Cipher.DECRYPT_MODE, keySpec);
byte[] raw = cipher.doFinal(result);
System.out.println("jdk aes de:"+new String(raw));
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
PBE(Password Based Encryption)基于口令的加密
算法结合了消息摘要算法和对称加密算法的特点,是对已有算法是包装(口令+盐)
代码实现
try {
//初始化盐
SecureRandom secureRandom = new SecureRandom();
byte[] salt = secureRandom.generateSeed(8);
salt = new byte[]{'a','a','a','a','a','a','a','a'};
//口令与秘钥
String password = "yexiu";
PBEKeySpec pbeKeySpec = new PBEKeySpec(password.toCharArray());
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBEWITHMD5andDES");
Key key = factory.generateSecret(pbeKeySpec);
//加密
PBEParameterSpec parameter = new PBEParameterSpec(salt, 100);
Cipher cipher = Cipher.getInstance("PBEWITHMD5andDES");
cipher.init(Cipher.ENCRYPT_MODE, key, parameter);
byte[] result = cipher.doFinal(str.getBytes());
System.out.println("jdk pbe en:"+Base64.encodeBase64String(result));
//解密
cipher.init(Cipher.DECRYPT_MODE, key, parameter);
byte[] raw = cipher.doFinal(result);
System.out.println("jdk pbe de:"+new String(raw));
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}