对称加密算法-DES,3DES,AES

2/10/2017来源:ASP.NET技巧人气:999

1.jdk与bc实现DES算法:

package com.samlai.security;

import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.Security;

import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESKeySpec;

import org.apache.commons.codec.binary.Hex;
import org.bouncycastle.jce.PRovider.BouncyCastleProvider;

public class DesStudy {
	/**
	 * 对称加密算法---DES
	 * 
	 */
	private static String STR = "one type of security:DES";

	public static void main(String[] args) {
		jdkDES();
		bcDES();
	}

	// jdk的DES
	public static void jdkDES() {
		try {
			// 生成key
			KeyGenerator keyGenerator = KeyGenerator.getInstance("DES");
			//打断点可以查看对应keyGenerator.getProvider()是哪个class:BC
			keyGenerator.getProvider();
			keyGenerator.init(56);
			SecretKey secretKey = keyGenerator.generateKey();
			byte[] bytesKey = secretKey.getEncoded();

			// Key转换
			DESKeySpec desKeySpec = new DESKeySpec(bytesKey);
			SecretKeyFactory factory = SecretKeyFactory.getInstance("DES");
			Key converSecretKey = factory.generateSecret(desKeySpec);

			// 加密
			Cipher cipher = Cipher.getInstance("DES/ECB/PKCS5Padding");
			cipher.init(Cipher.ENCRYPT_MODE, converSecretKey);
			byte[] result = cipher.doFinal(STR.getBytes());
			System.out
					.println("jdk des encode: " + Hex.encodeHexString(result));

			// 解密
			cipher.init(Cipher.DECRYPT_MODE, converSecretKey);
			result = cipher.doFinal(result);
			System.out.println("jdk des decode: " + new String(result));
		} catch (Exception e) {
			e.printStackTrace();
		}
	}
	

	// bc方式的DES
	public static void bcDES() {
		try {
			
			Security.addProvider(new BouncyCastleProvider());
			
			// 生成key
			KeyGenerator keyGenerator = KeyGenerator.getInstance("DES","BC");
			//打断点可以查看对应keyGenerator.getProvider()是哪个class:BC
			keyGenerator.getProvider();
			keyGenerator.init(56);
			SecretKey secretKey = keyGenerator.generateKey();
			byte[] bytesKey = secretKey.getEncoded();

			// Key转换
			DESKeySpec desKeySpec = new DESKeySpec(bytesKey);
			SecretKeyFactory factory = SecretKeyFactory.getInstance("DES");
			Key converSecretKey = factory.generateSecret(desKeySpec);

			// 加密
			Cipher cipher = Cipher.getInstance("DES/ECB/PKCS5Padding");
			cipher.init(Cipher.ENCRYPT_MODE, converSecretKey);
			byte[] result = cipher.doFinal(STR.getBytes());
			System.out
					.println("bc des encode: " + Hex.encodeHexString(result));

			// 解密
			cipher.init(Cipher.DECRYPT_MODE, converSecretKey);
			result = cipher.doFinal(result);
			System.out.println("bc des decode: " + new String(result));
		} catch (Exception e) {
			e.printStackTrace();
		}
	}
}


运行的结果是:

jdk des encode: 78a3c4cff016308a7d916fd3f072d35682c4fd7bdb1ef9357cfc890d711ce6da
jdk des decode: one type of security:DES
bc des encode: 6b0daa8478df9ed8ae70f2e442e0eedd996aa8412ac951859bc7a00188cb1c63
bc des decode: one type of security:DES


2.三重DES使用jdk,bc方式进行实现:

package com.samlai.security;

import java.security.Key;
import java.security.SecureRandom;
import java.security.Security;

import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESKeySpec;
import javax.crypto.spec.DESedeKeySpec;

import org.apache.commons.codec.binary.Hex;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.jce.provider.JCEBlockCipher.DESede;

public class ThreeDesStudy {
	/**
	 * 为什么使用3DES: 补充DES的不足,因为其违反了柯克霍夫原则,与安全性问题
	 * 优点: 1.密钥长度增强 2.迭代次数提高
	 */

	private static String STR = "one type of security:3DES";

	public static void main(String[] args) {
		jdk3DES();
		bc3DES();
	}

	// jdk的DES
	public static void jdk3DES() {
		try {
			// 生成key
			KeyGenerator keyGenerator = KeyGenerator.getInstance("DESede");
			// 打断点可以查看对应keyGenerator.getProvider()是哪个class:BC
			keyGenerator.getProvider();
			// 长度比des长,比如168位
			// keyGenerator.init(168);
			keyGenerator.init(new SecureRandom());
			SecretKey secretKey = keyGenerator.generateKey();
			byte[] bytesKey = secretKey.getEncoded();

			// Key转换
			DESedeKeySpec desKeySpec = new DESedeKeySpec(bytesKey);
			SecretKeyFactory factory = SecretKeyFactory.getInstance("DESede");
			Key converSecretKey = factory.generateSecret(desKeySpec);

			// 加密
			Cipher cipher = Cipher.getInstance("DESede/ECB/PKCS5Padding");
			cipher.init(Cipher.ENCRYPT_MODE, converSecretKey);
			byte[] result = cipher.doFinal(STR.getBytes());
			System.out.println("jdk 3des encode: "
					+ Hex.encodeHexString(result));

			// 解密
			cipher.init(Cipher.DECRYPT_MODE, converSecretKey);
			result = cipher.doFinal(result);
			System.out.println("jdk 3des decode: " + new String(result));
		} catch (Exception e) {
			e.printStackTrace();
		}
	}

	// bc方式的3DES
	public static void bc3DES() {
		try {

			Security.addProvider(new BouncyCastleProvider());
			// 生成key
			KeyGenerator keyGenerator = KeyGenerator.getInstance("DESede", "BC");
			// 打断点可以查看对应keyGenerator.getProvider()是哪个class:BC
			keyGenerator.getProvider();
			keyGenerator.init(new SecureRandom());
			SecretKey secretKey = keyGenerator.generateKey();
			byte[] bytesKey = secretKey.getEncoded();

			// Key转换
			DESedeKeySpec desKeySpec = new DESedeKeySpec(bytesKey);
			SecretKeyFactory factory = SecretKeyFactory.getInstance("DESede");
			Key converSecretKey = factory.generateSecret(desKeySpec);

			// 加密
			Cipher cipher = Cipher.getInstance("DESede/ECB/PKCS5Padding");
			cipher.init(Cipher.ENCRYPT_MODE, converSecretKey);
			byte[] result = cipher.doFinal(STR.getBytes());
			System.out
					.println("bc 3des encode: " + Hex.encodeHexString(result));

			// 解密
			cipher.init(Cipher.DECRYPT_MODE, converSecretKey);
			result = cipher.doFinal(result);
			System.out.println("bc 3des decode: " + new String(result));
		} catch (Exception e) {
			e.printStackTrace();
		}
	}

}

运行的结果是:

jdk 3des encode: 1db97710868ab0cb03c0f7c5f919a9904d8b19baad82828f7384a70555e141a7
jdk 3des decode: one type of security:3DES
bc 3des encode: e8c29dc519020175d5603aefb46aa586ae0f37afdc67dfcfcb4706b92fbe40fc
bc 3des decode: one type of security:3DES

3.jdk,bc实现AES的算法:

package com.samlai.security;

import java.security.Key;
import java.security.Security;

import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;

import org.apache.commons.codec.binary.Base64;
import org.bouncycastle.jce.provider.BouncyCastleProvider;

public class AESStudy {
	/**
	 * 比较普遍使用,效率比3DES效果高,安全性也比较高,高级,DES替代者
	 */
	private static String STR = "one type of security:AES";
	
	public static void main(String[] args) {
		jdkAES();
		bcAES();
	}
	
	//jdk实现:256位限制性政策性文件
	public static void jdkAES(){
		try {
			//生成key
			KeyGenerator keyGenerator=KeyGenerator.getInstance("AES");
			//可以是128 256
//			keyGenerator.init(new SecureRandom());
			keyGenerator.init(128);
			SecretKey secretKey=keyGenerator.generateKey();
			byte[] keyBytes=secretKey.getEncoded();
			//key的转换
			Key key=new SecretKeySpec(keyBytes, "AES");
			//加密
			Cipher cipher=Cipher.getInstance("AES/ECB/PKCS5Padding");
			cipher.init(Cipher.ENCRYPT_MODE, key);
			byte[] result=cipher.doFinal(STR.getBytes());
			System.out.println("jdk AES encode: "+Base64.encodeBase64String(result));
			
			//解密
			cipher.init(Cipher.DECRYPT_MODE, key);
			result=cipher.doFinal(result);
			System.out.println("jdk AES decode:"+new String(result));
		} catch (Exception e) {
			e.printStackTrace();
		}
	}
	
   //bc实现AES
   public static void bcAES(){
	   
	try {
		    Security.addProvider(new BouncyCastleProvider());
		    //生成key
		    KeyGenerator keyGenerator=KeyGenerator.getInstance("AES","BC");
		    keyGenerator.getProvider();
		   //可以是128 256
			keyGenerator.init(128);
			SecretKey secretKey=keyGenerator.generateKey();
			byte[] keyBytes=secretKey.getEncoded();
			//key的转换
			Key key=new SecretKeySpec(keyBytes, "AES");
			//加密
			Cipher cipher=Cipher.getInstance("AES/ECB/PKCS5Padding");
			cipher.init(Cipher.ENCRYPT_MODE, key);
			byte[] result=cipher.doFinal(STR.getBytes());
			System.out.println("bc AES encode: "+Base64.encodeBase64String(result));
			
			//解密
			cipher.init(Cipher.DECRYPT_MODE, key);
			result=cipher.doFinal(result);
			System.out.println("bc AES decode:"+new String(result));
	} catch (Exception e) {
		e.printStackTrace();
	}
	
   }
	
}


运行的结果:

jdk AES encode: 1OYQyHApgsyqFXRolOPing39HY9yBfAJGF0tagOEmEA=
jdk AES decode:one type of security:AES
bc AES encode: PbvF8JGq8B4x7NQtO6t2/qY/muDb/eijHa9zGIxQj7k=
bc AES decode:one type of security:AES

4.使用jdk实现PBE算法:

package com.samlai.security.xEs;

import java.security.Key;
import java.security.SecureRandom;

import javax.crypto.Cipher;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;

import org.apache.commons.codec.binary.Base64;


public class PbeStudy {
	/**
	 * PBE算法结合了消息摘要算法和对称加密算法的优点
	 * PBE(PassWord Based Encryption)基于口令加密  -- Salt
	 * 对已有算法的包装
	 * JDK BC
	 * 盐
	 * PBEWithmd5AndDES
	 */
	private static String STR = "one type of security:PBE";
	
	public static void main(String[] args) {
		jdkPBE();
	}
	
	
	
	//jdk实现PBE
	public static void jdkPBE(){
		try {
			//初始化盐
			SecureRandom random=new SecureRandom();
			byte[] salt=random.generateSeed(8);
			
			//口令与密钥
			String password="studySecurity";
			PBEKeySpec pbeKeySpec=new PBEKeySpec(password.toCharArray());
			SecretKeyFactory factory=SecretKeyFactory.getInstance("PBEWITHMD5andDES");
			Key key=factory.generateSecret(pbeKeySpec);
			
			//加密
			PBEParameterSpec pbeParameterSpec=new PBEParameterSpec(salt, 100);
			Cipher cipher=Cipher.getInstance("PBEWITHMD5andDES");
			cipher.init(Cipher.ENCRYPT_MODE, key,pbeParameterSpec);
			byte[] result=cipher.doFinal(STR.getBytes());
			System.out.println("jdk PBE encode: "+Base64.encodeBase64String(result));
			
			//解密
			cipher.init(Cipher.DECRYPT_MODE, key,pbeParameterSpec);
			result=cipher.doFinal(result);
			System.out.println("jdk PBE decode: "+new String(result));
		} catch (Exception e) {
			e.printStackTrace();
		}
	}
}

运行的结果:

jdk PBE encode: LMjza18BhB0jgGmngAGwW+cb3sblayHKHB/tmDFM9m0=
jdk PBE decode: one type of security:PBE