Java加密系列之(四)对称加密算法,java加密算法
分享于 点击 30633 次 点评:79
Java加密系列之(四)对称加密算法,java加密算法
对称加密算法,是目前应用范围最广,使用频率最高的加密算法
加密密钥=解密密钥,所以叫对称加密算法。
初等:安全性不是那么高
DES
——密钥长度不够,衍生出3重des,即3DES
AES
PBE
IDEA
对称加密算法——DES
DES(Data Encryption Standard)数据加密标准官方出身,98年已被破解
目前一般已不被使用,当做一些案例(教科书)或者遗留的很老的系统中还在使用
在对称加解密的发展过程中地位很高,有必要介绍下
加解密过程:
1.发送者构建密钥;
2.发送者公布密钥给接收者;
3.发送者使用密钥对数据加密;
4.发送者发送加密数据到接收者;
5.接收者使用密钥对数据解密。
package com.tvm.mrz.security.des;
import java.security.Security;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESKeySpec;
import org.apache.commons.codec.binary.Hex;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
public class DESTest {
private static String src = "Mr.Z Security Base64";
public static void jdkDES() {
try {
// 生成KEY
KeyGenerator keyGenerator = KeyGenerator.getInstance( "DES" );
keyGenerator.init( 56 );
SecretKey secretKey = keyGenerator.generateKey();
byte[] bytesKey = secretKey.getEncoded();
// KEY转换
DESKeySpec desKeySpec = new DESKeySpec( bytesKey );
SecretKeyFactory factory = SecretKeyFactory.getInstance( "DES" );
SecretKey resultSecretKey = factory.generateSecret( desKeySpec );
// 加密
Cipher cipher = Cipher.getInstance( "DES/ECB/PKCS5Padding" );
cipher.init( Cipher.ENCRYPT_MODE, resultSecretKey );
byte[] result = cipher.doFinal( src.getBytes() );
System.out.println( "JDK DES ENCRYPT: " + Hex.encodeHexString( result ) );
// 加密
cipher.init( Cipher.DECRYPT_MODE, resultSecretKey );
result = cipher.doFinal( result );
System.out.println( "JDK DES DECRYPT: " + new String( result ) );
} catch( Exception e ) {
e.printStackTrace();
}
}
public static void bcDES() {
try {
Security.addProvider( new BouncyCastleProvider() );
// 生成KEY
KeyGenerator keyGenerator = KeyGenerator.getInstance( "DES", "BC" );
keyGenerator.init( 56 );
SecretKey secretKey = keyGenerator.generateKey();
byte[] bytesKey = secretKey.getEncoded();
// KEY转换
DESKeySpec desKeySpec = new DESKeySpec( bytesKey );
SecretKeyFactory factory = SecretKeyFactory.getInstance( "DES" );
SecretKey resultSecretKey = factory.generateSecret( desKeySpec );
// 加密
Cipher cipher = Cipher.getInstance( "DES/ECB/PKCS5Padding" );
cipher.init( Cipher.ENCRYPT_MODE, resultSecretKey );
byte[] result = cipher.doFinal( src.getBytes() );
System.out.println( "BC DES ENCRYPT: " + Hex.encodeHexString( result ) );
// 加密
cipher.init( Cipher.DECRYPT_MODE, resultSecretKey );
result = cipher.doFinal( result );
System.out.println( "BC DES DECRYPT: " + new String( result ) );
} catch( Exception e ) {
e.printStackTrace();
}
}
public static void main( String[] args ) {
jdkDES();
bcDES();
}
}
对称加密算法——3重DES
好处:1.密钥长度增强
2.迭代次数提高
package com.tvm.mrz.security.des;
import java.security.SecureRandom;
import java.security.Security;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESKeySpec;
import javax.crypto.spec.DESedeKeySpec;
import org.apache.commons.codec.binary.Hex;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
public class DES3Test {
private static String src = "Mr.Z Security Base64";
public static void jdk3DES() {
try {
// 生成KEY
KeyGenerator keyGenerator = KeyGenerator.getInstance( "DESede" );
// keyGenerator.init( 168 );
keyGenerator.init( new SecureRandom() );
SecretKey secretKey = keyGenerator.generateKey();
byte[] bytesKey = secretKey.getEncoded();
// KEY转换
DESedeKeySpec desKeySpec = new DESedeKeySpec( bytesKey );
SecretKeyFactory factory = SecretKeyFactory.getInstance( "DESede" );
SecretKey resultSecretKey = factory.generateSecret( desKeySpec );
// 加密
Cipher cipher = Cipher.getInstance( "DESede/ECB/PKCS5Padding" );
cipher.init( Cipher.ENCRYPT_MODE, resultSecretKey );
byte[] result = cipher.doFinal( src.getBytes() );
System.out.println( "JDK 3DES ENCRYPT: " + Hex.encodeHexString( result ) );
// 加密
cipher.init( Cipher.DECRYPT_MODE, resultSecretKey );
result = cipher.doFinal( result );
System.out.println( "JDK 3DES DECRYPT: " + new String( result ) );
} catch( Exception e ) {
e.printStackTrace();
}
}
public static void bc3DES() {
try {
Security.addProvider( new BouncyCastleProvider() );
// 生成KEY
KeyGenerator keyGenerator = KeyGenerator.getInstance( "DESede", "BC" );
keyGenerator.init( 168 );
SecretKey secretKey = keyGenerator.generateKey();
byte[] bytesKey = secretKey.getEncoded();
// KEY转换
DESedeKeySpec desKeySpec = new DESedeKeySpec( bytesKey );
SecretKeyFactory factory = SecretKeyFactory.getInstance( "DESede" );
SecretKey resultSecretKey = factory.generateSecret( desKeySpec );
// 加密
Cipher cipher = Cipher.getInstance( "DESede/ECB/PKCS5Padding" );
cipher.init( Cipher.ENCRYPT_MODE, resultSecretKey );
byte[] result = cipher.doFinal( src.getBytes() );
System.out.println( "BC 3DES ENCRYPT: " + Hex.encodeHexString( result ) );
// 加密
cipher.init( Cipher.DECRYPT_MODE, resultSecretKey );
result = cipher.doFinal( result );
System.out.println( "BC 3DES DECRYPT: " + new String( result ) );
} catch( Exception e ) {
e.printStackTrace();
}
}
public static void main( String[] args ) {
jdk3DES();
bc3DES();
}
}
对称加密算法——AES
AES是目前使用最多的对称加密算法通常用于移动通信系统加密以及基于SSH协议的软件。如:SSH Client、secureCRT
特点:
高级
DES替代者
package com.tvm.mrz.security.aes;
import java.security.Key;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.codec.binary.Base64;
public class AESTest {
private static String src = "Mr.Z Security AES";
public static void jdkAES() {
try {
// 生成KEY
KeyGenerator keyGenerator = KeyGenerator.getInstance( "AES" );
keyGenerator.init( 128 );
SecretKey secretKey = keyGenerator.generateKey();
byte[] bytesKey = secretKey.getEncoded();
// KEY转换
Key key = new SecretKeySpec( bytesKey, "AES" );
// 加密
Cipher cipher = Cipher.getInstance( "AES/ECB/PKCS5Padding" );
cipher.init( Cipher.ENCRYPT_MODE, key );
byte[] result = cipher.doFinal( src.getBytes() );
System.out.println( "JDK AES ENCRYPT: " + Base64.encodeBase64String( result ) );
// 加密
cipher.init( Cipher.DECRYPT_MODE, key );
result = cipher.doFinal( result );
System.out.println( "JDK AES DECRYPT: " + new String( result ) );
} catch( Exception e ) {
e.printStackTrace();
}
}
public static void bcAES() {
// TODO
// 和DES的bc实现都类似
}
public static void main( String[] args ) {
jdkAES();
bcAES();
}
}
对称加密算法——PBE
AES、DES和3重DES在使用上比较一致PBE是一个另类,它综合了消息摘要算法和对称加密算法的优点,形成了一个特殊的对称加密算法
PBE(Password Based Encryption)基于口令加密
对已有算法的包装,如PBEWithMD5AndDES
加解密过程:
1.发送者构建口令;
2.发送者公布口令给接收者;
3.发送者构建盐;
4.发送者使用口令、盐对数据加密;
5.发送者发送盐、加密数据到接收者;
6.接收者使用口令、盐对数据解密。
package com.tvm.mrz.security.pbe;
import java.security.Key;
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;
import org.apache.commons.codec.binary.Base64;
public class PBETest {
private static String src = "Mr.Z Security PBE";
public static void jdkPBE() {
try {
// 初始化盐
SecureRandom random = new SecureRandom();
byte[] salt = random.generateSeed( 8 );
// 口令与密钥
String password = "Mr.Z";
PBEKeySpec pbeKeySpec = new PBEKeySpec( password.toCharArray() );
SecretKeyFactory factory = SecretKeyFactory.getInstance( "PBEWithMD5AndDES" );
Key key = factory.generateSecret( pbeKeySpec );
// 加密
PBEParameterSpec pbeParameterSpec = new PBEParameterSpec( salt, 100 );
Cipher cipher = Cipher.getInstance( "PBEWithMD5AndDES" );
cipher.init( Cipher.ENCRYPT_MODE, key, pbeParameterSpec );
byte[] result = cipher.doFinal( src.getBytes() );
System.out.println( "jdk pbe ENCRYPT:" + Base64.encodeBase64String( result ) );
// 解密
cipher.init( Cipher.DECRYPT_MODE, key, pbeParameterSpec );
result = cipher.doFinal( result );
System.out.println( "jdk pbe DECRYPT:" + new String( result ) );
} catch( Exception e ) {
e.printStackTrace();
}
}
public static void main( String[] args ) {
jdkPBE();
}
}
相关文章
- 暂无相关文章
用户点评