AES加密
此文采用对称加密算法-AES,所谓对称是说发送方和接收方的密钥是一样的。
据说实现该算法的时候,设置密钥长度大于128会出现错误:Illegal key size or default parameters,这是因为美国的出口限制,Sun通过权限文件(local_policy.jar、US_export_policy.jar)做了相应限制,Oracle在其官方网站上提供了无政策限制权限文件(Unlimited Strength Jurisdiction Policy Files),我们只需要将其部署在JRE环境中,就可以解决限制问题
JDK8的无政策限制权限文件(http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html)
将下载的local_policy.jar和US_export_policy.jar替换JDK的JRE环境中,或者是JRE环境中上述两个jar文件即可(此文我没有用超长度秘钥,所以没有涉及解决该问题的代码)。
详见代码吧:
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/**
*AES加密解密工具类
*@author M-Y
*/
public class AESUtil {
private static Logger log = LoggerFactory.getLogger(AESUtil.class);
private static final String defaultCharset = "UTF-8";
private static final String KEY_AES = "AES";
private static final String KEY = "2A3D75862E69BF61DFAD94017E930227A715C8E533AA1A12361D6";
/**
* 加密
*
* @param data 需要加密的内容
* @param key 加密密码
* @return
*/
public static String encrypt(String data, String key) {
return doAES(data, key, Cipher.ENCRYPT_MODE);
}
/**
* 解密
*
* @param data 待解密内容
* @param key 解密密钥
* @return
*/
public static String decrypt(String data, String key) {
return doAES(data, key, Cipher.DECRYPT_MODE);
}
/**
* 加解密
*
* @param data 待处理数据
* @param password 密钥
* @param mode 加解密mode
* @return
*/
private static String doAES(String data, String key, int mode) {
try {
if (StringUtils.isBlank(data) || StringUtils.isBlank(key)) {
return null;
}
//判断是加密还是解密
boolean encrypt = mode == Cipher.ENCRYPT_MODE;
byte[] content;
//true 加密内容 false 解密内容
if (encrypt) {
content = data.getBytes(defaultCharset);
} else {
content = parseHexStr2Byte(data);
}
//1.构造密钥生成器,指定为AES算法,不区分大小写
KeyGenerator kgen = KeyGenerator.getInstance(KEY_AES);
//2.根据ecnodeRules规则初始化密钥生成器
/*
* 问题我已解决,这个是由于linux和window的内核不同造成的!
* SecureRandom secureRandom = SecureRandom.getInstance("SHA1PRNG");
* secureRandom.setSeed(PASSWORD.getBytes());
* 然后初始化,就能解决这个问题!
*/
SecureRandom secureRandom = SecureRandom.getInstance("SHA1PRNG");
secureRandom.setSeed(key.getBytes());
//生成一个128位的随机源,根据传入的字节数组
kgen.init(128, secureRandom);
//3.产生原始对称密钥
SecretKey secretKey = kgen.generateKey();
//4.获得原始对称密钥的字节数组
byte[] enCodeFormat = secretKey.getEncoded();
//5.根据字节数组生成AES密钥
SecretKeySpec keySpec = new SecretKeySpec(enCodeFormat, KEY_AES);
//6.根据指定算法AES自成密码器
Cipher cipher = Cipher.getInstance(KEY_AES);// 创建密码器
//7.初始化密码器,第一个参数为加密(Encrypt_mode)或者解密解密(Decrypt_mode)操作,第二个参数为使用的KEY
cipher.init(mode, keySpec);// 初始化
byte[] result = cipher.doFinal(content);
if (encrypt) {
//将二进制转换成16进制
return parseByte2HexStr(result);
} else {
return new String(result, defaultCharset);
}
} catch (Exception e) {
log.error("AES 密文处理异常", e);
}
return null;
}
/**
* 将二进制转换成16进制
*
* @param buf
* @return
*/
public static String parseByte2HexStr(byte buf[]) {
StringBuilder sb = new StringBuilder();
for (int i = 0; i < buf.length; i++) {
String hex = Integer.toHexString(buf[i] & 0xFF);
if (hex.length() == 1) {
hex = '0' + hex;
}
sb.append(hex.toUpperCase());
}
return sb.toString();
}
/**
* 将16进制转换为二进制
*
* @param hexStr
* @return
*/
public static byte[] parseHexStr2Byte(String hexStr) {
if (hexStr.length() < 1) {
return null;
}
byte[] result = new byte[hexStr.length() / 2];
for (int i = 0; i < hexStr.length() / 2; i++) {
int high = Integer.parseInt(hexStr.substring(i * 2, i * 2 + 1), 16);
int low = Integer.parseInt(hexStr.substring(i * 2 + 1, i * 2 + 2), 16);
result[i] = (byte) (high * 16 + low);
}
return result;
}
public static void main(String[] args) throws Exception {
KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA");
generator.initialize(512, new SecureRandom());
KeyPair pair = generator.generateKeyPair();
PublicKey pubKey = pair.getPublic();
PrivateKey privKey = pair.getPrivate();
byte[] pk = pubKey.getEncoded();
byte[] privk = privKey.getEncoded();
String strpk = new String(Base64.encodeBase64(pk));
System.out.println("=====================生成公钥秘钥:"+strpk);
String strppk = new String(Base64.encodeBase64(privk));
System.out.println("=====================生成私钥秘钥:"+strppk);
//*******************************************************************************************************************
String content = "{'repairPhone':'18547854787','customPhone':'12365478965','captchav':'58m7'}";
System.out.println("加密前:" + content);
System.out.println("加密密钥和解密密钥:" + KEY);
String encrypt = encrypt(content, KEY);
System.out.println("加密后:" + encrypt);
String decrypt = decrypt(encrypt, KEY);
System.out.println("解密后:" + decrypt);
}
}