最近生活乱七八糟,什么都懒上了天。感觉自己会的东西好少 领导新分配了一个任务,让我将http换成https,对参数进行加密 可选择有两个加密算法AES和RSA 由于公司内部使用,且数据量大,可以用私钥。于是就用AES。
AES
1.概念
AES又叫Rijndael算法,是DES升级的加密标准,运行要求低,不需计算机有非常高的处理能力和大的内存;
操作可以很容易的抵御时间和空间的攻击,在不同的运行环境下始终保持良好的性能;
AES密钥长度:最长只有256bit,可用软件和硬件实现高速处理;
密钥管理:要求在通信前对密钥进行秘密分配,解密的私钥必须通过网络传送至加密数据接收方;
AES加密速度很快;
对称加密;
2.帮助类
import java
.io
.UnsupportedEncodingException
;
import java
.security
.InvalidKeyException
;
import java
.security
.NoSuchAlgorithmException
;
import java
.security
.SecureRandom
;
import javax
.crypto
.BadPaddingException
;
import javax
.crypto
.Cipher
;
import javax
.crypto
.IllegalBlockSizeException
;
import javax
.crypto
.KeyGenerator
;
import javax
.crypto
.NoSuchPaddingException
;
import javax
.crypto
.SecretKey
;
import javax
.crypto
.spec
.SecretKeySpec
;
import com
.util
.encrypt
.Base64
;
import sun
.misc
.BASE64Decoder
;
import sun
.misc
.BASE64Encoder
;
public class AesEncrypt {
private static final String AES_STR
= "AES";
private static final String SHA1PRNG_STR
= "SHA1PRNG";
public static String
encrypt(String bef_aes
, String password
) {
byte[] byteContent
= null
;
try {
byteContent
= bef_aes
.getBytes("utf-8");
} catch (UnsupportedEncodingException e
) {
e
.printStackTrace();
}
return encrypt(byteContent
,password
);
}
public static String
encrypt(byte[] content
, String password
) {
try {
SecretKey secretKey
= getKey(password
);
byte[] enCodeFormat
= secretKey
.getEncoded();
SecretKeySpec key
= new SecretKeySpec(enCodeFormat
, AES_STR
);
Cipher cipher
= Cipher
.getInstance(AES_STR
);
cipher
.init(Cipher
.ENCRYPT_MODE
, key
);
byte[] result
= cipher
.doFinal(content
);
String aft_aes
= parseByte2HexStr(result
);
return aft_aes
;
} catch (NoSuchAlgorithmException e
) {
e
.printStackTrace();
} catch (NoSuchPaddingException e
) {
e
.printStackTrace();
} catch (InvalidKeyException e
) {
e
.printStackTrace();
} catch (IllegalBlockSizeException e
) {
e
.printStackTrace();
} catch (BadPaddingException e
) {
e
.printStackTrace();
}
return null
;
}
public static String
decrypt(String aft_aes_base64
, String password
,String charset
){
String aft_aes
="";
try {
aft_aes
= Base64
.decode(aft_aes_base64
);
} catch (UnsupportedEncodingException e
) {
e
.printStackTrace();
}
return decrypt(aft_aes
,password
);
}
public static String
decrypt(String aft_aes
, String password
) {
try {
byte[] content
= parseHexStr2Byte(aft_aes
);
SecretKey secretKey
= getKey(password
);
byte[] enCodeFormat
= secretKey
.getEncoded();
SecretKeySpec key
= new SecretKeySpec(enCodeFormat
, AES_STR
);
Cipher cipher
= Cipher
.getInstance(AES_STR
);
cipher
.init(Cipher
.DECRYPT_MODE
, key
);
byte[] result
= cipher
.doFinal(content
);
String bef_aes
= new String(result
);
return bef_aes
;
} catch (NoSuchAlgorithmException e
) {
e
.printStackTrace();
} catch (NoSuchPaddingException e
) {
e
.printStackTrace();
} catch (InvalidKeyException e
) {
e
.printStackTrace();
} catch (IllegalBlockSizeException e
) {
e
.printStackTrace();
} catch (BadPaddingException e
) {
e
.printStackTrace();
} catch (Exception e
) {
e
.printStackTrace();
}
return null
;
}
public static String
parseByte2HexStr(byte buf
[]) {
StringBuffer sb
= new StringBuffer();
for (int i
= 0; i
< buf
.length
; i
++) {
String hex
= Integer
.toHexString(buf
[i
] & 0xFF);
if (hex
.length() == 1) {
hex
= '0' + hex
;
}
sb
.append(hex
.toUpperCase());
}
return sb
.toString();
}
public static byte[] parseHexStr2Byte(String hexStr
) {
if (hexStr
.length() < 1)
return null
;
byte[] result
= new byte[hexStr
.length()/2];
for (int i
= 0;i
< hexStr
.length()/2; i
++) {
int value
= Integer
.parseInt(hexStr
.substring(i
*2, i
*2+2), 16);
result
[i
] = (byte)value
;
}
return result
;
}
public static SecretKey
getKey(String strKey
) {
try {
KeyGenerator _generator
= KeyGenerator
.getInstance(AES_STR
);
SecureRandom secureRandom
= SecureRandom
.getInstance(SHA1PRNG_STR
);
secureRandom
.setSeed(strKey
.getBytes());
_generator
.init(128,secureRandom
);
return _generator
.generateKey();
} catch (Exception e
) {
throw new RuntimeException("初始化密钥出现异常");
}
}
@SuppressWarnings("restriction")
public static String
aesEncrypt(String str
, String key
) throws Exception
{
if (str
== null
|| key
== null
) return null
;
Cipher cipher
= Cipher
.getInstance("AES/ECB/PKCS5Padding");
cipher
.init(Cipher
.ENCRYPT_MODE
, new SecretKeySpec(key
.getBytes("utf-8"), "AES"));
byte[] bytes
= cipher
.doFinal(str
.getBytes("utf-8"));
return new BASE64Encoder().encode(bytes
);
}
@SuppressWarnings("restriction")
public static String
aesDecrypt(String str
, String key
) throws Exception
{
if (str
== null
|| key
== null
) return null
;
Cipher cipher
= Cipher
.getInstance("AES/ECB/PKCS5Padding");
cipher
.init(Cipher
.DECRYPT_MODE
, new SecretKeySpec(key
.getBytes("utf-8"), "AES"));
byte[] bytes
= new BASE64Decoder().decodeBuffer(str
);
bytes
= cipher
.doFinal(bytes
);
return new String(bytes
, "utf-8");
}
}
3.controller
@RequestMapping(value
="/ts",method
= RequestMethod
.POST
, produces
= MediaType
.APPLICATION_JSON_VALUE
)
public @ResponseBody String
aa(@RequestBody String param
)
{
byte[] byteContent
= param
.getBytes("utf-8");
String key
="ABCDEFGHIJKLMNRS";
String dataJson
="";
String simpleResult
= AesEncrypt
.aesEncrypt(dataJson
, key
);
String simpleContent
= AesEncrypt
.aesDecrypt(dataJson
, key
);
String result
= AesEncrypt
.encrypt(dataJson
, key
);
String content
= AesEncrypt
.decrypt(dataJson
, key
);
}
RSA
1.概念
是公开密钥系统的代表;
安全性:建立在具有大素数因子的合数,其因子分解困难这一法则之上;
处理速度慢;
密钥管理:加解密过程中不必网络传输保密的密钥;密钥管理优于AES算法;
RSA加解密速度慢,不适合大量数据文件加密;
公钥加密 私钥解密
钥加密 公钥解密 使用签名确定是否为该私钥加密
2.使用
public static final String KEY_ALGORITHM
= "RSA";
private static final int KEY_SIZE
= 512;
private static final String PUBLIC_KEY
= "RSAPublicKey";
private static final String PRIVATE_KEY
= "RSAPrivateKey";
public static Map
<String, Object> initKey() throws Exception
{
KeyPairGenerator keyPairGenerator
= KeyPairGenerator
.getInstance(KEY_ALGORITHM
);
keyPairGenerator
.initialize(KEY_SIZE
);
KeyPair keyPair
= keyPairGenerator
.generateKeyPair();
RSAPublicKey publicKey
= (RSAPublicKey
) keyPair
.getPublic();
RSAPrivateKey privateKey
= (RSAPrivateKey
) keyPair
.getPrivate();
Map
<String, Object> keyMap
= new HashMap<String, Object>();
keyMap
.put(PUBLIC_KEY
, publicKey
);
keyMap
.put(PRIVATE_KEY
, privateKey
);
return keyMap
;
}
public static byte[] encryptByPrivateKey(byte[] data
, byte[] key
) throws Exception
{
PKCS8EncodedKeySpec pkcs8KeySpec
= new PKCS8EncodedKeySpec(key
);
KeyFactory keyFactory
= KeyFactory
.getInstance(KEY_ALGORITHM
);
PrivateKey privateKey
= keyFactory
.generatePrivate(pkcs8KeySpec
);
Cipher cipher
= Cipher
.getInstance(keyFactory
.getAlgorithm());
cipher
.init(Cipher
.ENCRYPT_MODE
, privateKey
);
return cipher
.doFinal(data
);
}
public static byte[] encryptByPublicKey(byte[] data
, byte[] key
) throws Exception
{
KeyFactory keyFactory
= KeyFactory
.getInstance(KEY_ALGORITHM
);
X509EncodedKeySpec x509KeySpec
= new X509EncodedKeySpec(key
);
PublicKey pubKey
= keyFactory
.generatePublic(x509KeySpec
);
Cipher cipher
= Cipher
.getInstance(keyFactory
.getAlgorithm());
cipher
.init(Cipher
.ENCRYPT_MODE
, pubKey
);
return cipher
.doFinal(data
);
}
public static byte[] decryptByPrivateKey(byte[] data
, byte[] key
) throws Exception
{
PKCS8EncodedKeySpec pkcs8KeySpec
= new PKCS8EncodedKeySpec(key
);
KeyFactory keyFactory
= KeyFactory
.getInstance(KEY_ALGORITHM
);
PrivateKey privateKey
= keyFactory
.generatePrivate(pkcs8KeySpec
);
Cipher cipher
= Cipher
.getInstance(keyFactory
.getAlgorithm());
cipher
.init(Cipher
.DECRYPT_MODE
, privateKey
);
return cipher
.doFinal(data
);
}
public static byte[] decryptByPublicKey(byte[] data
, byte[] key
) throws Exception
{
KeyFactory keyFactory
= KeyFactory
.getInstance(KEY_ALGORITHM
);
X509EncodedKeySpec x509KeySpec
= new X509EncodedKeySpec(key
);
PublicKey pubKey
= keyFactory
.generatePublic(x509KeySpec
);
Cipher cipher
= Cipher
.getInstance(keyFactory
.getAlgorithm());
cipher
.init(Cipher
.DECRYPT_MODE
, pubKey
);
return cipher
.doFinal(data
);
}
public static byte[] getPrivateKey(Map
<String, Object> keyMap
) {
Key key
= (Key
) keyMap
.get(PRIVATE_KEY
);
return key
.getEncoded();
}
public static byte[] getPublicKey(Map
<String, Object> keyMap
) throws Exception
{
Key key
= (Key
) keyMap
.get(PUBLIC_KEY
);
return key
.getEncoded();
}
使用
Map
<String, Object> keyMap
= initKey();
byte[] publicKey
= getPublicKey(keyMap
);
byte[] privateKey
= getPrivateKey(keyMap
);
System
.out
.println("公钥:/n" + Base64
.encodeBase64String(publicKey
));
System
.out
.println("私钥:/n" + Base64
.encodeBase64String(privateKey
));
System
.out
.println("================密钥对构造完毕,甲方将公钥公布给乙方,开始进行加密数据的传输=============");
String str
= "RSA密码交换算法";
System
.out
.println("/n===========甲方向乙方发送加密数据==============");
System
.out
.println("原文:" + str
);
byte[] code1
= encryptByPrivateKey(str
.getBytes(), privateKey
);
System
.out
.println("加密后的数据:" + Base64
.encodeBase64String(code1
));
System
.out
.println("===========乙方使用甲方提供的公钥对数据进行解密==============");
byte[] decode1
= decryptByPublicKey(code1
, publicKey
);
System
.out
.println("乙方解密后的数据:" + new String(decode1
) + "/n/n");
System
.out
.println("===========反向进行操作,乙方向甲方发送数据==============/n/n");
str
= "乙方向甲方发送数据RSA算法";
System
.out
.println("原文:" + str
);
byte[] code2
=encryptByPublicKey(str
.getBytes(), publicKey
);
System
.out
.println("===========乙方使用公钥对数据进行加密==============");
System
.out
.println("加密后的数据:" + Base64
.encodeBase64String(code2
));
System
.out
.println("=============乙方将数据传送给甲方======================");
System
.out
.println("===========甲方使用私钥对数据进行解密==============");
byte[] decode2
= decryptByPrivateKey(code2
, privateKey
);
System
.out
.println("甲方解密后的数据:" + new String(decode2
));