java 加密技術(二)
1 對稱加密算法
1.1 介紹
- 對稱加密算法是說加密祕鑰與解密祕鑰使用的是同一把.
- 他是屬於初等(初級)加密算法, 使用範圍廣,使用頻率高 .
- 常用對稱加密算法有
- DES
- 3DES
- AES
- PBE
- IDEA
2 DES算法
2.1 介紹
DES (Data Encryption Standard) 數據加密標準. 由美國國家標準性研究所提供, 但是自98年之後,已經被破解,安全性較差. 所以現在項目中不推薦使用DES.
默認祕鑰長度56位
2.2 代碼實現
package secret;
import java.security.NoSuchAlgorithmException;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESKeySpec;
import org.apache.commons.codec.binary.Hex;
public class DESTest {
public static String src ="i am gc DES";
public static void main(String[] args) {
System.out.println("====jdkDES實現====");
jdkDES();
System.out.println("=================");
//運行結果
/*
====jdkDES實現====
生成的DES祕鑰:e5312a52d93b8325
加密之後的結果0b980d14f67e7e2dbf3bf45e5edc5c11
解密之後的結果:i am gc DES
=================
*/
}
public static void jdkDES(){
try {
//由DES算法生成算法生成器KeyGenerator
KeyGenerator keyGenerator = KeyGenerator.getInstance("DES");
//由算法生成器生成祕鑰
SecretKey secretKey = keyGenerator.generateKey();
//將祕鑰轉成byte數組
byte[] byteKey = secretKey.getEncoded();
//將byte數組十六進制轉換成字符串
System.out.println("生成的DES祕鑰:"+Hex.encodeHexString(byteKey));
//加密
Cipher cipher = Cipher.getInstance("DES");
//加密初始化,傳入加密模式和祕鑰
cipher.init(Cipher.ENCRYPT_MODE, secretKey);
byte[] result = cipher.doFinal(src.getBytes());
System.out.println("加密之後的結果"+Hex.encodeHexString(result));
//進行byteKey的轉換
//先將byteKey生成DESKeySpec
DESKeySpec desKeySpec = new DESKeySpec(byteKey);
//再製造DES祕鑰工廠
SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance("DES");
//由祕鑰工廠將deskeyspec加工成SecretKey
//此時的secreteKey2與secreteKey是相等的
SecretKey secretKey2 = secretKeyFactory.generateSecret(desKeySpec);
//解密
//初始化cipher,解密模式,傳入祕鑰
cipher.init(Cipher.DECRYPT_MODE, secretKey2);
//開始解密
result = cipher.doFinal(result);
//輸出
System.out.println("解密之後的結果:"+new String(result));
} catch (Exception e) {
e.printStackTrace();
}
}
}
如果感興趣的話可以多次運行,比較祕鑰內容,發現每次生成的祕鑰都不一樣
3 三重DES
3.1 介紹
三重DES是對DES的補充,在密鑰長度與迭代次數都有所加強
3.2 代碼實現
package secret;
import java.security.NoSuchAlgorithmException;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESedeKeySpec;
import org.apache.commons.codec.binary.Hex;
public class SDESTest {
public static String src = "i am 3DES";
public static void main(String[] args) {
System.out.println("====jdk3DES實現====");
jdk3DES();
System.out.println("=================");
//運行結果
/*====jdk3DES實現====
生成的祕鑰爲:e37616b6d920151637927c5ecb10abf2c46262bf34522abf
加密之後的結果:75e21263547078139f0953e45e5aa683
解密之後的結果:i am 3DES
=================
*/
}
public static void jdk3DES(){
//生成Key
try {
//用DESede來實例化三重DES
KeyGenerator keyGenerator = KeyGenerator.getInstance("DESede");
//生成祕鑰
SecretKey secretKey = keyGenerator.generateKey();
//獲取祕鑰到byte數組裏
byte[] byteKey = secretKey.getEncoded();
//輸出祕鑰
System.out.println("生成的祕鑰爲:"+Hex.encodeHexString(byteKey));
//加密
Cipher cipher = Cipher.getInstance("DESede");
//根據祕鑰進行加密
cipher.init(Cipher.ENCRYPT_MODE, secretKey);
//輸出加密之後的密文
byte[] result = cipher.doFinal(src.getBytes());
//輸出加密結果
System.out.println("加密之後的結果:"+Hex.encodeHexString(result));
//將byteKey轉換成祕鑰
//根據byteKey生成3DES祕鑰規範
DESedeKeySpec deSedeKeySpec = new DESedeKeySpec(byteKey);
//創建3DES祕鑰工廠
SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance("DESede");
//生產祕鑰
SecretKey secretKey2 = secretKeyFactory.generateSecret(deSedeKeySpec);
//解密
cipher.init(Cipher.DECRYPT_MODE, secretKey2);
result = cipher.doFinal(result);
System.out.println("解密之後的結果:"+new String(result));
} catch (Exception e) {
e.printStackTrace();
}
}
}
4 AES加密算法
4.1 介紹
爲什麼有了3DES還要出現AES呢?因爲3DES處理效率比較慢,所以產生AES.
AES應用更加廣泛,到目前,還沒有官方報道AES被破解
4.2 代碼實現
package secret;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.codec.binary.Hex;
public class AESTest {
public static String src = "i am AES";
public static void main(String[] args) {
jdkAES();
//運行結果
/*
生成的祕鑰爲:4a4cb6b6cffc650cc4f7010d939a64f8
加密後的結果:740bc2b2535a401eec755326a25ca134
解密後的結果:i am AES
*/
}
public static void jdkAES(){
try {
//生成祕鑰
KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
//初始化KeyGenerator,密鑰長度默認
keyGenerator.init(new SecureRandom());
//生成祕鑰
SecretKey secretKey = keyGenerator.generateKey();
//生成byte數組
byte[] byteKey = secretKey.getEncoded();
//輸出
System.out.println("生成的祕鑰爲:"+Hex.encodeHexString(byteKey));
//加密
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.ENCRYPT_MODE, secretKey);
byte[] result = cipher.doFinal(src.getBytes());
System.out.println("加密後的結果:"+Hex.encodeHexString(result));
//byteKey轉換
//AES的Key轉換與DES有點區別
Key key = new SecretKeySpec(byteKey, "AES");
//解密
cipher.init(Cipher.DECRYPT_MODE, key);
result = cipher.doFinal(result);
System.out.println("解密後的結果:"+new String(result));
} catch (Exception e) {
e.printStackTrace();
}
}
}
5 PBE加密
5.1 介紹
PBE加密算法結合了”消息摘要”算法與”對稱加密”算法的優勢
PBE ( Password Based Encrtption) 基於口令的加密技術
5.2 代碼實現
package secret;
import java.security.Key;
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;
import org.apache.commons.codec.binary.Hex;
import org.bouncycastle.asn1.pkcs.PBEParameter;
public class PBETest {
public static String src = "i am gc PBE";
public static void main(String[] args) {
jdkPBE();
//運行結果
/*
* 加密之後的結果:e9c7035f7c54def110404a3218ed351d
* 解密之後的結果:i am gc PBE
*/
}
public static void jdkPBE() {
try {
// 初始化鹽
SecureRandom random = new SecureRandom();
// 產生一個8位的鹽,鹽必須8位長度
byte[] salt = random.generateSeed(8);
// 創建口令
String password = "gc";
// 將口令轉換成祕鑰
PBEKeySpec pbeKeySpec = new PBEKeySpec(password.toCharArray());
// PBEWITHMD5andDES產生祕鑰工廠
SecretKeyFactory secretKeyFactory = SecretKeyFactory
.getInstance("PBEWITHMD5andDES");
// 產生Key
Key key = secretKeyFactory.generateSecret(pbeKeySpec);
// 加密
// 產生PBE參數, 用鹽和迭代次數初始化
PBEParameterSpec pbeParameterSpec = new PBEParameterSpec(salt, 100);
Cipher cipher = Cipher.getInstance("PBEWITHMD5andDES");
cipher.init(Cipher.ENCRYPT_MODE, key, pbeParameterSpec);
byte[] result = cipher.doFinal(src.getBytes());
System.out.println("加密之後的結果:" + Hex.encodeHexString(result));
// 解密
cipher.init(Cipher.DECRYPT_MODE, key, pbeParameterSpec);
result = cipher.doFinal(result);
System.out.println("解密之後的結果:" + new String(result));
} catch (Exception e) {
e.printStackTrace();
}
}
}
- 文章中避免不了錯誤的出現,如果有讀者發現文章中的錯誤,或者有疑問的地方,請留言/Email To Gc
- 請轉發OR複製的同學,標註出處,尊重作者勞動成果,謝謝親
- 本篇出自GC博客
- 本文主要參考moocer老師的java實現對稱加密