1.jdk與bc實現DES算法:
package com.samlai.security;import java.security.Key;import java.security.NoSuchAlgorithmException;import java.security.Security;import javax.crypto.Cipher;import javax.crypto.KeyGenerator;import javax.crypto.SecretKey;import javax.crypto.SecretKeyFactory;import javax.crypto.spec.DESKeySpec;import org.apache.commons.codec.binary.Hex;import org.bouncycastle.jce.PRovider.BouncyCastleProvider;public class DesStudy { /** * 對稱加密算法---DES * */ private static String STR = "one type of security:DES"; public static void main(String[] args) { jdkDES(); bcDES(); } // jdk的DES public static void jdkDES() { try { // 生成key KeyGenerator keyGenerator = KeyGenerator.getInstance("DES"); //打斷點可以查看對應keyGenerator.getProvider()是哪個class:BC keyGenerator.getProvider(); keyGenerator.init(56); SecretKey secretKey = keyGenerator.generateKey(); byte[] bytesKey = secretKey.getEncoded(); // Key轉換 DESKeySpec desKeySpec = new DESKeySpec(bytesKey); SecretKeyFactory factory = SecretKeyFactory.getInstance("DES"); Key converSecretKey = factory.generateSecret(desKeySpec); // 加密 Cipher cipher = Cipher.getInstance("DES/ECB/PKCS5Padding"); cipher.init(Cipher.ENCRYPT_MODE, converSecretKey); byte[] result = cipher.doFinal(STR.getBytes()); System.out .println("jdk des encode: " + Hex.encodeHexString(result)); // 解密 cipher.init(Cipher.DECRYPT_MODE, converSecretKey); result = cipher.doFinal(result); System.out.println("jdk des decode: " + new String(result)); } catch (Exception e) { e.printStackTrace(); } } // bc方式的DES public static void bcDES() { try { Security.addProvider(new BouncyCastleProvider()); // 生成key KeyGenerator keyGenerator = KeyGenerator.getInstance("DES","BC"); //打斷點可以查看對應keyGenerator.getProvider()是哪個class:BC keyGenerator.getProvider(); keyGenerator.init(56); SecretKey secretKey = keyGenerator.generateKey(); byte[] bytesKey = secretKey.getEncoded(); // Key轉換 DESKeySpec desKeySpec = new DESKeySpec(bytesKey); SecretKeyFactory factory = SecretKeyFactory.getInstance("DES"); Key converSecretKey = factory.generateSecret(desKeySpec); // 加密 Cipher cipher = Cipher.getInstance("DES/ECB/PKCS5Padding"); cipher.init(Cipher.ENCRYPT_MODE, converSecretKey); byte[] result = cipher.doFinal(STR.getBytes()); System.out .println("bc des encode: " + Hex.encodeHexString(result)); // 解密 cipher.init(Cipher.DECRYPT_MODE, converSecretKey); result = cipher.doFinal(result); System.out.println("bc des decode: " + new String(result)); } catch (Exception e) { e.printStackTrace(); } }}運行的結果是:
jdk des encode: 78a3c4cff016308a7d916fd3f072d35682c4fd7bdb1ef9357cfc890d711ce6dajdk des decode: one type of security:DESbc des encode: 6b0daa8478df9ed8ae70f2e442e0eedd996aa8412ac951859bc7a00188cb1c63bc des decode: one type of security:DES2.三重DES使用jdk,bc方式進行實現:
package com.samlai.security;import java.security.Key;import java.security.SecureRandom;import java.security.Security;import javax.crypto.Cipher;import javax.crypto.KeyGenerator;import javax.crypto.SecretKey;import javax.crypto.SecretKeyFactory;import javax.crypto.spec.DESKeySpec;import javax.crypto.spec.DESedeKeySpec;import org.apache.commons.codec.binary.Hex;import org.bouncycastle.jce.provider.BouncyCastleProvider;import org.bouncycastle.jce.provider.JCEBlockCipher.DESede;public class ThreeDesStudy { /** * 為什么使用3DES: 補充DES的不足,因為其違反了柯克霍夫原則,與安全性問題 * 優點: 1.密鑰長度增強 2.迭代次數提高 */ private static String STR = "one type of security:3DES"; public static void main(String[] args) { jdk3DES(); bc3DES(); } // jdk的DES public static void jdk3DES() { try { // 生成key KeyGenerator keyGenerator = KeyGenerator.getInstance("DESede"); // 打斷點可以查看對應keyGenerator.getProvider()是哪個class:BC keyGenerator.getProvider(); // 長度比des長,比如168位 // keyGenerator.init(168); keyGenerator.init(new SecureRandom()); SecretKey secretKey = keyGenerator.generateKey(); byte[] bytesKey = secretKey.getEncoded(); // Key轉換 DESedeKeySpec desKeySpec = new DESedeKeySpec(bytesKey); SecretKeyFactory factory = SecretKeyFactory.getInstance("DESede"); Key converSecretKey = factory.generateSecret(desKeySpec); // 加密 Cipher cipher = Cipher.getInstance("DESede/ECB/PKCS5Padding"); cipher.init(Cipher.ENCRYPT_MODE, converSecretKey); byte[] result = cipher.doFinal(STR.getBytes()); System.out.println("jdk 3des encode: " + Hex.encodeHexString(result)); // 解密 cipher.init(Cipher.DECRYPT_MODE, converSecretKey); result = cipher.doFinal(result); System.out.println("jdk 3des decode: " + new String(result)); } catch (Exception e) { e.printStackTrace(); } } // bc方式的3DES public static void bc3DES() { try { Security.addProvider(new BouncyCastleProvider()); // 生成key KeyGenerator keyGenerator = KeyGenerator.getInstance("DESede", "BC"); // 打斷點可以查看對應keyGenerator.getProvider()是哪個class:BC keyGenerator.getProvider(); keyGenerator.init(new SecureRandom()); SecretKey secretKey = keyGenerator.generateKey(); byte[] bytesKey = secretKey.getEncoded(); // Key轉換 DESedeKeySpec desKeySpec = new DESedeKeySpec(bytesKey); SecretKeyFactory factory = SecretKeyFactory.getInstance("DESede"); Key converSecretKey = factory.generateSecret(desKeySpec); // 加密 Cipher cipher = Cipher.getInstance("DESede/ECB/PKCS5Padding"); cipher.init(Cipher.ENCRYPT_MODE, converSecretKey); byte[] result = cipher.doFinal(STR.getBytes()); System.out .println("bc 3des encode: " + Hex.encodeHexString(result)); // 解密 cipher.init(Cipher.DECRYPT_MODE, converSecretKey); result = cipher.doFinal(result); System.out.println("bc 3des decode: " + new String(result)); } catch (Exception e) { e.printStackTrace(); } }}運行的結果是:jdk 3des encode: 1db97710868ab0cb03c0f7c5f919a9904d8b19baad82828f7384a70555e141a7jdk 3des decode: one type of security:3DESbc 3des encode: e8c29dc519020175d5603aefb46aa586ae0f37afdc67dfcfcb4706b92fbe40fcbc 3des decode: one type of security:3DES
3.jdk,bc實現AES的算法:
package com.samlai.security;import java.security.Key;import java.security.Security;import javax.crypto.Cipher;import javax.crypto.KeyGenerator;import javax.crypto.SecretKey;import javax.crypto.spec.SecretKeySpec;import org.apache.commons.codec.binary.Base64;import org.bouncycastle.jce.provider.BouncyCastleProvider;public class AESStudy { /** * 比較普遍使用,效率比3DES效果高,安全性也比較高,高級,DES替代者 */ private static String STR = "one type of security:AES"; public static void main(String[] args) { jdkAES(); bcAES(); } //jdk實現:256位限制性政策性文件 public static void jdkAES(){ try { //生成key KeyGenerator keyGenerator=KeyGenerator.getInstance("AES"); //可以是128 256// keyGenerator.init(new SecureRandom()); keyGenerator.init(128); SecretKey secretKey=keyGenerator.generateKey(); byte[] keyBytes=secretKey.getEncoded(); //key的轉換 Key key=new SecretKeySpec(keyBytes, "AES"); //加密 Cipher cipher=Cipher.getInstance("AES/ECB/PKCS5Padding"); cipher.init(Cipher.ENCRYPT_MODE, key); byte[] result=cipher.doFinal(STR.getBytes()); System.out.println("jdk AES encode: "+Base64.encodeBase64String(result)); //解密 cipher.init(Cipher.DECRYPT_MODE, key); result=cipher.doFinal(result); System.out.println("jdk AES decode:"+new String(result)); } catch (Exception e) { e.printStackTrace(); } } //bc實現AES public static void bcAES(){ try { Security.addProvider(new BouncyCastleProvider()); //生成key KeyGenerator keyGenerator=KeyGenerator.getInstance("AES","BC"); keyGenerator.getProvider(); //可以是128 256 keyGenerator.init(128); SecretKey secretKey=keyGenerator.generateKey(); byte[] keyBytes=secretKey.getEncoded(); //key的轉換 Key key=new SecretKeySpec(keyBytes, "AES"); //加密 Cipher cipher=Cipher.getInstance("AES/ECB/PKCS5Padding"); cipher.init(Cipher.ENCRYPT_MODE, key); byte[] result=cipher.doFinal(STR.getBytes()); System.out.println("bc AES encode: "+Base64.encodeBase64String(result)); //解密 cipher.init(Cipher.DECRYPT_MODE, key); result=cipher.doFinal(result); System.out.println("bc AES decode:"+new String(result)); } catch (Exception e) { e.printStackTrace(); } } }運行的結果:
jdk AES encode: 1OYQyHApgsyqFXRolOPing39HY9yBfAJGF0tagOEmEA=jdk AES decode:one type of security:AESbc AES encode: PbvF8JGq8B4x7NQtO6t2/qY/muDb/eijHa9zGIxQj7k=bc AES decode:one type of security:AES
4.使用jdk實現PBE算法:
package com.samlai.security.xEs;import java.security.Key;import java.security.SecureRandom;import javax.crypto.Cipher;import javax.crypto.SecretKeyFactory;import javax.crypto.spec.PBEKeySpec;import javax.crypto.spec.PBEParameterSpec;import org.apache.commons.codec.binary.Base64;public class PbeStudy { /** * PBE算法結合了消息摘要算法和對稱加密算法的優點 * PBE(PassWord Based Encryption)基于口令加密 -- Salt * 對已有算法的包裝 * JDK BC * 鹽 * PBEWithmd5AndDES */ private static String STR = "one type of security:PBE"; public static void main(String[] args) { jdkPBE(); } //jdk實現PBE public static void jdkPBE(){ try { //初始化鹽 SecureRandom random=new SecureRandom(); byte[] salt=random.generateSeed(8); //口令與密鑰 String password="studySecurity"; PBEKeySpec pbeKeySpec=new PBEKeySpec(password.toCharArray()); SecretKeyFactory factory=SecretKeyFactory.getInstance("PBEWITHMD5andDES"); Key key=factory.generateSecret(pbeKeySpec); //加密 PBEParameterSpec pbeParameterSpec=new PBEParameterSpec(salt, 100); Cipher cipher=Cipher.getInstance("PBEWITHMD5andDES"); cipher.init(Cipher.ENCRYPT_MODE, key,pbeParameterSpec); byte[] result=cipher.doFinal(STR.getBytes()); System.out.println("jdk PBE encode: "+Base64.encodeBase64String(result)); //解密 cipher.init(Cipher.DECRYPT_MODE, key,pbeParameterSpec); result=cipher.doFinal(result); System.out.println("jdk PBE decode: "+new String(result)); } catch (Exception e) { e.printStackTrace(); } }}運行的結果:jdk PBE encode: LMjza18BhB0jgGmngAGwW+cb3sblayHKHB/tmDFM9m0=jdk PBE decode: one type of security:PBE
新聞熱點
疑難解答
