对称加密算法-DES,3DES,AES

2019-11-10 18:03:15
字体：大中小
来源：转载
供稿：网友
1.jdk与bc实现DES算法:
package com.samlai.security;import java.security.Key;import java.security.NoSuchAlgorithmException;import java.security.Security;import javax.crypto.Cipher;import javax.crypto.KeyGenerator;import javax.crypto.SecretKey;import javax.crypto.SecretKeyFactory;import javax.crypto.spec.DESKeySpec;import org.apache.commons.codec.binary.Hex;import org.bouncycastle.jce.PRovider.BouncyCastleProvider;public class DesStudy {	/**	 * 对称加密算法---DES	 * 	 */	private static String STR = "one type of security:DES";	public static void main(String[] args) {		jdkDES();		bcDES();	}	// jdk的DES	public static void jdkDES() {		try {			// 生成key			KeyGenerator keyGenerator = KeyGenerator.getInstance("DES");			//打断点可以查看对应keyGenerator.getProvider()是哪个class：BC			keyGenerator.getProvider();			keyGenerator.init(56);			SecretKey secretKey = keyGenerator.generateKey();			byte[] bytesKey = secretKey.getEncoded();			// Key转换			DESKeySpec desKeySpec = new DESKeySpec(bytesKey);			SecretKeyFactory factory = SecretKeyFactory.getInstance("DES");			Key converSecretKey = factory.generateSecret(desKeySpec);			// 加密			Cipher cipher = Cipher.getInstance("DES/ECB/PKCS5Padding");			cipher.init(Cipher.ENCRYPT_MODE, converSecretKey);			byte[] result = cipher.doFinal(STR.getBytes());			System.out					.println("jdk des encode: " + Hex.encodeHexString(result));			// 解密			cipher.init(Cipher.DECRYPT_MODE, converSecretKey);			result = cipher.doFinal(result);			System.out.println("jdk des decode: " + new String(result));		} catch (Exception e) {			e.printStackTrace();		}	}		// bc方式的DES	public static void bcDES() {		try {						Security.addProvider(new BouncyCastleProvider());						// 生成key			KeyGenerator keyGenerator = KeyGenerator.getInstance("DES","BC");			//打断点可以查看对应keyGenerator.getProvider()是哪个class：BC			keyGenerator.getProvider();			keyGenerator.init(56);			SecretKey secretKey = keyGenerator.generateKey();			byte[] bytesKey = secretKey.getEncoded();			// Key转换			DESKeySpec desKeySpec = new DESKeySpec(bytesKey);			SecretKeyFactory factory = SecretKeyFactory.getInstance("DES");			Key converSecretKey = factory.generateSecret(desKeySpec);			// 加密			Cipher cipher = Cipher.getInstance("DES/ECB/PKCS5Padding");			cipher.init(Cipher.ENCRYPT_MODE, converSecretKey);			byte[] result = cipher.doFinal(STR.getBytes());			System.out					.println("bc des encode: " + Hex.encodeHexString(result));			// 解密			cipher.init(Cipher.DECRYPT_MODE, converSecretKey);			result = cipher.doFinal(result);			System.out.println("bc des decode: " + new String(result));		} catch (Exception e) {			e.printStackTrace();		}	}}
运行的结果是:
jdk des encode: 78a3c4cff016308a7d916fd3f072d35682c4fd7bdb1ef9357cfc890d711ce6dajdk des decode: one type of security:DESbc des encode: 6b0daa8478df9ed8ae70f2e442e0eedd996aa8412ac951859bc7a00188cb1c63bc des decode: one type of security:DES
2.三重DES使用jdk,bc方式进行实现:
package com.samlai.security;import java.security.Key;import java.security.SecureRandom;import java.security.Security;import javax.crypto.Cipher;import javax.crypto.KeyGenerator;import javax.crypto.SecretKey;import javax.crypto.SecretKeyFactory;import javax.crypto.spec.DESKeySpec;import javax.crypto.spec.DESedeKeySpec;import org.apache.commons.codec.binary.Hex;import org.bouncycastle.jce.provider.BouncyCastleProvider;import org.bouncycastle.jce.provider.JCEBlockCipher.DESede;public class ThreeDesStudy {	/**	 * 为什么使用3DES: 补充DES的不足,因为其违反了柯克霍夫原则,与安全性问题	 * 优点: 1.密钥长度增强 2.迭代次数提高	 */	private static String STR = "one type of security:3DES";	public static void main(String[] args) {		jdk3DES();		bc3DES();	}	// jdk的DES	public static void jdk3DES() {		try {			// 生成key			KeyGenerator keyGenerator = KeyGenerator.getInstance("DESede");			// 打断点可以查看对应keyGenerator.getProvider()是哪个class：BC			keyGenerator.getProvider();			// 长度比des长,比如168位			// keyGenerator.init(168);			keyGenerator.init(new SecureRandom());			SecretKey secretKey = keyGenerator.generateKey();			byte[] bytesKey = secretKey.getEncoded();			// Key转换			DESedeKeySpec desKeySpec = new DESedeKeySpec(bytesKey);			SecretKeyFactory factory = SecretKeyFactory.getInstance("DESede");			Key converSecretKey = factory.generateSecret(desKeySpec);			// 加密			Cipher cipher = Cipher.getInstance("DESede/ECB/PKCS5Padding");			cipher.init(Cipher.ENCRYPT_MODE, converSecretKey);			byte[] result = cipher.doFinal(STR.getBytes());			System.out.println("jdk 3des encode: "					+ Hex.encodeHexString(result));			// 解密			cipher.init(Cipher.DECRYPT_MODE, converSecretKey);			result = cipher.doFinal(result);			System.out.println("jdk 3des decode: " + new String(result));		} catch (Exception e) {			e.printStackTrace();		}	}	// bc方式的3DES	public static void bc3DES() {		try {			Security.addProvider(new BouncyCastleProvider());			// 生成key			KeyGenerator keyGenerator = KeyGenerator.getInstance("DESede", "BC");			// 打断点可以查看对应keyGenerator.getProvider()是哪个class：BC			keyGenerator.getProvider();			keyGenerator.init(new SecureRandom());			SecretKey secretKey = keyGenerator.generateKey();			byte[] bytesKey = secretKey.getEncoded();			// Key转换			DESedeKeySpec desKeySpec = new DESedeKeySpec(bytesKey);			SecretKeyFactory factory = SecretKeyFactory.getInstance("DESede");			Key converSecretKey = factory.generateSecret(desKeySpec);			// 加密			Cipher cipher = Cipher.getInstance("DESede/ECB/PKCS5Padding");			cipher.init(Cipher.ENCRYPT_MODE, converSecretKey);			byte[] result = cipher.doFinal(STR.getBytes());			System.out					.println("bc 3des encode: " + Hex.encodeHexString(result));			// 解密			cipher.init(Cipher.DECRYPT_MODE, converSecretKey);			result = cipher.doFinal(result);			System.out.println("bc 3des decode: " + new String(result));		} catch (Exception e) {			e.printStackTrace();		}	}}运行的结果是：
jdk 3des encode: 1db97710868ab0cb03c0f7c5f919a9904d8b19baad82828f7384a70555e141a7jdk 3des decode: one type of security:3DESbc 3des encode: e8c29dc519020175d5603aefb46aa586ae0f37afdc67dfcfcb4706b92fbe40fcbc 3des decode: one type of security:3DES
3.jdk,bc实现AES的算法:
package com.samlai.security;import java.security.Key;import java.security.Security;import javax.crypto.Cipher;import javax.crypto.KeyGenerator;import javax.crypto.SecretKey;import javax.crypto.spec.SecretKeySpec;import org.apache.commons.codec.binary.Base64;import org.bouncycastle.jce.provider.BouncyCastleProvider;public class AESStudy {	/**	 * 比较普遍使用,效率比3DES效果高,安全性也比较高,高级,DES替代者	 */	private static String STR = "one type of security:AES";		public static void main(String[] args) {		jdkAES();		bcAES();	}		//jdk实现：256位限制性政策性文件	public static void jdkAES(){		try {			//生成key			KeyGenerator keyGenerator=KeyGenerator.getInstance("AES");			//可以是128 256//			keyGenerator.init(new SecureRandom());			keyGenerator.init(128);			SecretKey secretKey=keyGenerator.generateKey();			byte[] keyBytes=secretKey.getEncoded();			//key的转换			Key key=new SecretKeySpec(keyBytes, "AES");			//加密			Cipher cipher=Cipher.getInstance("AES/ECB/PKCS5Padding");			cipher.init(Cipher.ENCRYPT_MODE, key);			byte[] result=cipher.doFinal(STR.getBytes());			System.out.println("jdk AES encode: "+Base64.encodeBase64String(result));						//解密			cipher.init(Cipher.DECRYPT_MODE, key);			result=cipher.doFinal(result);			System.out.println("jdk AES decode："+new String(result));		} catch (Exception e) {			e.printStackTrace();		}	}	   //bc实现AES   public static void bcAES(){	   	try {		    Security.addProvider(new BouncyCastleProvider());		    //生成key		    KeyGenerator keyGenerator=KeyGenerator.getInstance("AES","BC");		    keyGenerator.getProvider();		   //可以是128 256			keyGenerator.init(128);			SecretKey secretKey=keyGenerator.generateKey();			byte[] keyBytes=secretKey.getEncoded();			//key的转换			Key key=new SecretKeySpec(keyBytes, "AES");			//加密			Cipher cipher=Cipher.getInstance("AES/ECB/PKCS5Padding");			cipher.init(Cipher.ENCRYPT_MODE, key);			byte[] result=cipher.doFinal(STR.getBytes());			System.out.println("bc AES encode: "+Base64.encodeBase64String(result));						//解密			cipher.init(Cipher.DECRYPT_MODE, key);			result=cipher.doFinal(result);			System.out.println("bc AES decode："+new String(result));	} catch (Exception e) {		e.printStackTrace();	}	   }	}
运行的结果:
jdk AES encode: 1OYQyHApgsyqFXRolOPing39HY9yBfAJGF0tagOEmEA=jdk AES decode：one type of security:AESbc AES encode: PbvF8JGq8B4x7NQtO6t2/qY/muDb/eijHa9zGIxQj7k=bc AES decode：one type of security:AES
4.使用jdk实现PBE算法:
package com.samlai.security.xEs;import java.security.Key;import java.security.SecureRandom;import javax.crypto.Cipher;import javax.crypto.SecretKeyFactory;import javax.crypto.spec.PBEKeySpec;import javax.crypto.spec.PBEParameterSpec;import org.apache.commons.codec.binary.Base64;public class PbeStudy {	/**	 * PBE算法结合了消息摘要算法和对称加密算法的优点	 * PBE(PassWord Based Encryption)基于口令加密  -- Salt	 * 对已有算法的包装	 * JDK BC	 * 盐	 * PBEWithmd5AndDES	 */	private static String STR = "one type of security:PBE";		public static void main(String[] args) {		jdkPBE();	}				//jdk实现PBE	public static void jdkPBE(){		try {			//初始化盐			SecureRandom random=new SecureRandom();			byte[] salt=random.generateSeed(8);						//口令与密钥			String password="studySecurity";			PBEKeySpec pbeKeySpec=new PBEKeySpec(password.toCharArray());			SecretKeyFactory factory=SecretKeyFactory.getInstance("PBEWITHMD5andDES");			Key key=factory.generateSecret(pbeKeySpec);						//加密			PBEParameterSpec pbeParameterSpec=new PBEParameterSpec(salt, 100);			Cipher cipher=Cipher.getInstance("PBEWITHMD5andDES");			cipher.init(Cipher.ENCRYPT_MODE, key,pbeParameterSpec);			byte[] result=cipher.doFinal(STR.getBytes());			System.out.println("jdk PBE encode: "+Base64.encodeBase64String(result));						//解密			cipher.init(Cipher.DECRYPT_MODE, key,pbeParameterSpec);			result=cipher.doFinal(result);			System.out.println("jdk PBE decode: "+new String(result));		} catch (Exception e) {			e.printStackTrace();		}	}}运行的结果:
jdk PBE encode: LMjza18BhB0jgGmngAGwW+cb3sblayHKHB/tmDFM9m0=jdk PBE decode: one type of security:PBE