知乎專欄 | 多維度架構 | 微信號 netkiller-ebook | QQ群:128659835 請註明“讀者” |
目錄
package cn.netkiller.crypto; import javax.crypto.Cipher; import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.SecretKeySpec; import java.security.MessageDigest; import java.security.SecureRandom; public class TestAES { public static void main(String[] args) { // TODO Auto-generated method stub String key = "fm6I1D2HTFVVOWUKny76TThagNq5Czrv"; String clean = "Helloworld!!!"; try { byte[] encrypted = encrypt(clean, key); String decrypted = decrypt(encrypted, key); System.out.println(decrypted); } catch (Exception e) { // TODO Auto-generated catch block e.printStackTrace(); } } public static byte[] encrypt(String plainText, String key) throws Exception { byte[] clean = plainText.getBytes(); // Generating IV. int ivSize = 16; byte[] iv = new byte[ivSize]; SecureRandom random = new SecureRandom(); random.nextBytes(iv); IvParameterSpec ivParameterSpec = new IvParameterSpec(iv); // Hashing key. MessageDigest digest = MessageDigest.getInstance("SHA-256"); digest.update(key.getBytes("UTF-8")); byte[] keyBytes = new byte[16]; System.arraycopy(digest.digest(), 0, keyBytes, 0, keyBytes.length); SecretKeySpec secretKeySpec = new SecretKeySpec(keyBytes, "AES"); // Encrypt. Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); cipher.init(Cipher.ENCRYPT_MODE, secretKeySpec, ivParameterSpec); byte[] encrypted = cipher.doFinal(clean); // Combine IV and encrypted part. byte[] encryptedIVAndText = new byte[ivSize + encrypted.length]; System.arraycopy(iv, 0, encryptedIVAndText, 0, ivSize); System.arraycopy(encrypted, 0, encryptedIVAndText, ivSize, encrypted.length); return encryptedIVAndText; } public static String decrypt(byte[] encryptedIvTextBytes, String key) throws Exception { int ivSize = 16; int keySize = 16; // Extract IV. byte[] iv = new byte[ivSize]; System.arraycopy(encryptedIvTextBytes, 0, iv, 0, iv.length); IvParameterSpec ivParameterSpec = new IvParameterSpec(iv); // Extract encrypted part. int encryptedSize = encryptedIvTextBytes.length - ivSize; byte[] encryptedBytes = new byte[encryptedSize]; System.arraycopy(encryptedIvTextBytes, ivSize, encryptedBytes, 0, encryptedSize); // Hash key. byte[] keyBytes = new byte[keySize]; MessageDigest md = MessageDigest.getInstance("SHA-256"); md.update(key.getBytes()); System.arraycopy(md.digest(), 0, keyBytes, 0, keyBytes.length); SecretKeySpec secretKeySpec = new SecretKeySpec(keyBytes, "AES"); // Decrypt. Cipher cipherDecrypt = Cipher.getInstance("AES/CBC/PKCS5Padding"); cipherDecrypt.init(Cipher.DECRYPT_MODE, secretKeySpec, ivParameterSpec); byte[] decrypted = cipherDecrypt.doFinal(encryptedBytes); return new String(decrypted); } }
上面是 byte 類型使用中不是很方便,尤其是WEB中作為參數傳遞的情況,所以我們使用 BASE64編碼
package cn.netkiller.crypto; import javax.crypto.Cipher; import javax.crypto.spec.SecretKeySpec; import java.util.Base64.*; /** * @author netkiller * */ public class aes { public static String encrypt(String input, String key) { byte[] crypted = null; try { SecretKeySpec skey = new SecretKeySpec(key.getBytes(), "AES"); Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding"); cipher.init(Cipher.ENCRYPT_MODE, skey); crypted = cipher.doFinal(input.getBytes()); } catch (Exception e) { System.out.println(e.toString()); } java.util.Base64.Encoder encoder = java.util.Base64.getEncoder(); return new String(encoder.encodeToString(crypted)); } public static String decrypt(String input, String key) { byte[] output = null; try { java.util.Base64.Decoder decoder = java.util.Base64.getDecoder(); SecretKeySpec skey = new SecretKeySpec(key.getBytes(), "AES"); Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding"); cipher.init(Cipher.DECRYPT_MODE, skey); output = cipher.doFinal(decoder.decode(input)); } catch (Exception e) { System.out.println(e.toString()); } return new String(output); } /** * @param args */ public static void main(String[] args) { // TODO Auto-generated method stub String key = "mvLBiZsiTbGwrfJB"; String data = "ABC"; System.out.println(aes.encrypt(data, key)); System.out.println(aes.decrypt(aes.encrypt(data, key), key)); } }
package cn.netkiller.security; import java.util.Base64; import javax.crypto.Cipher; import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.SecretKeySpec; public class AES { private static final String initVector = "encryptionIntVec"; private String key; public AES(String key) { // TODO Auto-generated constructor stub this.key = key; } public String encrypt(String value) { return this.encrypt(value, this.key); } public String encrypt(String value, String key) { try { IvParameterSpec ivParameterSpec = new IvParameterSpec(initVector.getBytes("UTF-8")); SecretKeySpec secretKeySpec = new SecretKeySpec(key.getBytes("UTF-8"), "AES"); Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5PADDING"); cipher.init(Cipher.ENCRYPT_MODE, secretKeySpec, ivParameterSpec); byte[] encrypted = cipher.doFinal(value.getBytes()); return Base64.getEncoder().encodeToString(encrypted); } catch (Exception ex) { ex.printStackTrace(); } return null; } public String decrypt(String encrypted) { return this.decrypt(encrypted, this.key); } public String decrypt(String encrypted, String key) { try { IvParameterSpec ivParameterSpec = new IvParameterSpec(initVector.getBytes("UTF-8")); SecretKeySpec secretKeySpec = new SecretKeySpec(key.getBytes("UTF-8"), "AES"); Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5PADDING"); cipher.init(Cipher.DECRYPT_MODE, secretKeySpec, ivParameterSpec); byte[] original = cipher.doFinal(Base64.getDecoder().decode(encrypted)); return new String(original); } catch (Exception ex) { ex.printStackTrace(); } return null; } public static void main(String[] args) { // key 長度16個位元組 String key = "www.netkiller.cn"; System.out.println(key.length()); AES aes = new AES(key); String en = aes.encrypt("Helloworld!!!"); String de = aes.decrypt(en); System.out.println(en); System.out.println(de); } }