接下来我们介绍对称加密算法,最常用的莫过于DES数据加密算法。
DES
DES-Data Encryption Standard,即数据加密算法。是IBM公司于1975年研究成功并公开发表的。DES算法的入口参数有三个:Key、Data、Mode。其中Key为8个字节共64位,是DES算法的工作密钥;Data也为8个字节64位,是要被加密或被解密的数据;Mode为DES的工作方式,有两种:加密或解密。
DES算法把64位的明文输入块变为64位的密文输出块,它所使用的密钥也是64位。
通过java代码实现如下:
1. import java.security.InvalidKeyException;
2. import java.security.Key;
3. import java.security.NoSuchAlgorithmException;
4. import java.security.SecureRandom;
5. import java.security.spec.InvalidKeySpecException;
6. import java.util.Arrays;
7.
8. import javax.crypto.Cipher;
9. import javax.crypto.KeyGenerator;
10. import javax.crypto.SecretKey;
11. import javax.crypto.SecretKeyFactory;
12. import javax.crypto.spec.DESKeySpec;
13. import javax.crypto.spec.SecretKeySpec;
14.
15. import org.apache.commons.codec.binary.Base64;
16. import org.apache.commons.codec.binary.Hex;
17.
18. /**对称加密算法DES&AES
19. * @description: TODO
20. * @author Somnus
21. * date 2015年4月8日 下午2:10:44
22. */
23. public class DESUtil {
24. /**
25. * ALGORITHM 算法 <br>
26. * 可替换为以下任意一种算法,同时key值的size相应改变。
27. *
28. * <pre>
29. * DES key size must be equal to 56
30. * DESede(TripleDES) key size must be equal to 112 or 168
31. * AES key size must be equal to 128, 192 or 256,but 192 and 256 bits may not be available
32. * Blowfish key size must be multiple of 8, and can only range from 32 to 448 (inclusive)
33. * RC2 key size must be between 40 and 1024 bits
34. * RC4(ARCFOUR) key size must be between 40 and 1024 bits
35. * </pre>
36. *
37. * 在Key keyGenerator(byte[] key)方法中使用下述代码
38. * <code>SecretKey secretKey = new SecretKeySpec(key, ALGORITHM);</code> 替换
39. * <code>
40. * DESKeySpec desKey = new DESKeySpec(key);
41. * SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(ALGORITHM);
42. * SecretKey secretKey = keyFactory.generateSecret(desKey);
43. * </code>
44. */
45. public static final String ALGORITHM = "DES";
46. //算法名称/加密模式/填充方式
47. //DES共有四种工作模式-->>ECB:电子密码本模式、CBC:加密分组链接模式、CFB:加密反馈模式、OFB:输出反馈模式
48. public static final String CIPHER_ALGORITHM = "DES/ECB/NoPadding";
49.
50. /**
51. *
52. * 生成密钥key对象
53. * @param KeyStr 密钥字符串
54. * @return 密钥对象
55. * @throws InvalidKeyException
56. * @throws NoSuchAlgorithmException
57. * @throws InvalidKeySpecException
58. * @throws Exception
59. */
60. private static SecretKey keyGenerator(byte[] key) throws Exception {
61. new DESKeySpec(key);
62. //创建一个密匙工厂,然后用它把DESKeySpec转换成
63. SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(ALGORITHM);
64. SecretKey securekey = keyFactory.generateSecret(desKey);
65.
66. /*当使用其他对称加密算法时,如AES、Blowfish等算法时,用下述代码替换上述三行代码 */
67. /*SecretKey secretKey = new SecretKeySpec(keyStr.getBytes(),KEY_ALGORITHM);*/
68. return securekey;
69. }
70.
71. /**
72. * 加密数据
73. * @param data 待加密数据
74. * @param key 密钥
75. * @return 加密后的数据
76. */
77. public static String encrypt(String data, String keyStr) throws Exception {
78. Key deskey = keyGenerator(Base64.decodeBase64(keyStr));
79. // 实例化Cipher对象,它用于完成实际的加密操作
80. Cipher cipher = Cipher.getInstance(ALGORITHM);
81. // 初始化Cipher对象,设置为加密模式
82. cipher.init(Cipher.ENCRYPT_MODE, deskey);
83. byte[] buff = cipher.doFinal(data.getBytes());
84. System.out.println(Arrays.toString(buff));
85. // 执行加密操作。加密后的结果通常都会用Base64编码进行传输
86. return Hex.encodeHexString(buff);
87. }
88.
89. /**
90. * 解密数据
91. * @param data 待解密数据
92. * @param key 密钥
93. * @return 解密后的数据
94. */
95. public static String decrypt(String data, String keyStr) throws Exception {
96. Key deskey = keyGenerator(Base64.decodeBase64(keyStr));
97. Cipher cipher = Cipher.getInstance(ALGORITHM);
98. //初始化Cipher对象,设置为解密模式
99. cipher.init(Cipher.DECRYPT_MODE, deskey);
100. // 执行解密操作
101. byte[] buff = cipher.doFinal(Hex.decodeHex(data.toCharArray()));
102. System.out.println(Arrays.toString(buff));
103. return new String(buff);
104. }
105. /**
106. * 生成密钥
107. * @return
108. * @throws Exception
109. */
110. public static String initKey() throws Exception {
111. return initKey(null);
112. }
113. /**
114. * 生成密钥
115. * @param seed
116. * @return
117. * @throws Exception
118. */
119. public static String initKey(String seed) throws Exception {
120. null;
121. if (seed != null) {
122. new SecureRandom(Base64.decodeBase64(seed));
123. else {
124. new SecureRandom();
125. }
126. KeyGenerator kg = KeyGenerator.getInstance(ALGORITHM);
127. kg.init(secureRandom);
128. SecretKey secretKey = kg.generateKey();
129. return Base64.encodeBase64String(secretKey.getEncoded());
130. }
131. public static void main(String[] args) throws Exception {
132. String key = initKey();
133. "size:"+Base64.decodeBase64(key).length);
134.
135. "Somnus";
136. "原文: " + source);
137.
138. String encryptData = encrypt(source, key);
139. "加密后: " + encryptData);
140.
141. String decryptData = decrypt(encryptData, key);
142. "解密后: " + decryptData);
143. }
144. }
得到的输出内容如下:
1. 5uMCAYNX9OY=size:8
2. 原文: Somnus
3. [40, 72, 46, 74, 49, 99, 10, 119]
4. 加密后: 28482e4a31630a77
5. [83, 111, 109, 110, 117, 115]
6. 解密后: Somnus
由控制台得到的输出,我们能够比对加密、解密后结果一致。这是一种简单的加密解密方式,只有一个密钥。
其实DES有很多同胞兄弟,如DESede(TripleDES)、AES、Blowfish、RC2、RC4(ARCFOUR)。这里就不过多阐述了,大同小异,只要换掉ALGORITHM换成对应的值,同时做一个代码替换 SecretKey secretKey = new SecretKeySpec(key, ALGORITHM);
就可以了,此外就是密钥长度不同了。
1. /**
2. * DES key size must be equal to 56
3. * DESede(TripleDES) key size must be equal to 112 or 168
4. * AES key size must be equal to 128, 192 or 256,but 192 and 256 bits may not be available
5. * Blowfish key size must be multiple of 8, and can only range from 32 to 448 (inclusive)
6. * RC2 key size must be between 40 and 1024 bits
7. * RC4(ARCFOUR) key size must be between 40 and 1024 bits
8. **/