本文借鑒：chengbinbbs，FKNIGHT0X，Central-Perk（特此感謝！）

對稱加密

定義：加密和解密使用相同密鑰的算法。

常見的有DES、3DES、AES、PBE等加密算法，這幾種算法安全性依次是逐漸增強的。

DES加密

特點：簡便、密鑰長度比較短。

/*** DES加密介紹* DES是一種對稱加密算法，所謂對稱加密算法即：加密和解密使用相同密鑰的算法。DES加密算法出自IBM的研究，* 后來被美國政府正式采用，之后開始廣泛流傳，但是近些年使用越來越少，因為DES使用56位密鑰，以現代計算能力，* 24小時內即可被破解。雖然如此，在某些簡單應用中，我們還是可以使用DES加密算法，本文簡單講解DES的JAVA實現* 。* 注意：DES加密和解密過程中，密鑰長度都必須是8的倍數*/ public class DESUtil {/*** 加密** @param datasource byte[] 需要加密的數據.getBytes()* @param password String 密碼（作用：生成密鑰，長度要是8的倍數）* @return byte[]*/public static byte[] encrypt(byte[] datasource, String password) {try {SecureRandom random = new SecureRandom();// 使用密碼，創建一個DESKeySpec對象DESKeySpec desKey = new DESKeySpec(password.getBytes());//創建一個密匙工廠，然后用它把DESKeySpec轉換成對應的密鑰SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("DES");//根據密鑰工廠的入參生成對應的des密鑰SecretKey securekey = keyFactory.generateSecret(desKey);//Cipher對象實際完成加密操作Cipher cipher = Cipher.getInstance("DES");//用密匙初始化Cipher對象 cipher.init(Cipher.ENCRYPT_MODE, securekey, random);//現在，獲取數據并加密//正式執行加密操作return cipher.doFinal(datasource);} catch (Throwable e) {e.printStackTrace();}return null;}/*** 解密** @param src byte[] 密鑰加密過后的信息* @param password String* @return byte[]* @throws Exception*/public static byte[] decrypt(byte[] src, String password) throws Exception {// DES算法要求有一個可信任的隨機數源SecureRandom random = new SecureRandom();// 創建一個DESKeySpec對象DESKeySpec desKey = new DESKeySpec(password.getBytes());// 創建一個密匙工廠SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("DES");// 將DESKeySpec對象轉換成SecretKey對象SecretKey securekey = keyFactory.generateSecret(desKey);// Cipher對象實際完成解密操作Cipher cipher = Cipher.getInstance("DES");// 用密匙初始化Cipher對象 cipher.init(Cipher.DECRYPT_MODE, securekey, random);// 真正開始解密操作return cipher.doFinal(src);}//測試public static void main(String args[]) {//待加密內容String str = "測試內容";//密碼，長度要是8的倍數String password = "9588028820109132570743325311898426347857298773549468758875018579537757772163084478873699447306034466200616411960574122434059469100235892702736860872901247123456";byte[] result = DESUtil.encrypt(str.getBytes(), password);System.out.println("加密后：" + new String(result));//直接將如上內容解密try {byte[] decryResult = DESUtil.decrypt(result, password);System.out.println("解密后：" + new String(decryResult));} catch (Exception e1) {e1.printStackTrace();}} } View Code

?AES加密

/*** AES 加密方法，是對稱的密碼算法(加密與解密的密鑰一致)，這里使用最大的 256 位的密鑰*/ public class AESUtil {/*** 獲得一個 密鑰長度為 256 位的 AES 密鑰，** @return 返回經 BASE64 處理之后的密鑰字符串*/public static String getStrKeyAES() throws NoSuchAlgorithmException, UnsupportedEncodingException {//密鑰生成器,指定生成AES類型的密鑰KeyGenerator keyGen = KeyGenerator.getInstance("AES");//加密的強隨機數SecureRandom secureRandom = new SecureRandom(String.valueOf(System.currentTimeMillis()).getBytes("utf-8"));//初始化密鑰生成器的長度為256位keyGen.init(256, secureRandom); // 這里可以是 128、192、256、越大越安全//生成密鑰SecretKey secretKey = keyGen.generateKey();//Base64.getEncoder():使用base64編碼來編碼字節數據return Base64.getEncoder().encodeToString(secretKey.getEncoded());}/*** 將使用 Base64 加密后的字符串類型的 SecretKey 解碼為 SecretKey** @param strKey* @return SecretKey*/public static SecretKey strKey2SecretKey(String strKey) {byte[] bytes = Base64.getDecoder().decode(strKey);SecretKeySpec secretKey = new SecretKeySpec(bytes, "AES");return secretKey;}/*** 加密** @param content 待加密內容* @param secretKey 加密使用的 AES 密鑰* @return 加密后的密文 byte[]*/public static byte[] encryptAES(byte[] content, SecretKey secretKey) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException {Cipher cipher = Cipher.getInstance("AES");cipher.init(Cipher.ENCRYPT_MODE, secretKey);return cipher.doFinal(content);}/*** 解密** @param content 待解密內容* @param secretKey 解密使用的 AES 密鑰* @return 解密后的明文 byte[]*/public static byte[] decryptAES(byte[] content, SecretKey secretKey) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException {Cipher cipher = Cipher.getInstance("AES");cipher.init(Cipher.DECRYPT_MODE, secretKey);return cipher.doFinal(content);} } View Code

?

?非對稱加密

定義：非對稱加密算法需要兩個密鑰：公開密鑰（publickey）和私有密鑰（privatekey）。一般公鑰是公開的，私鑰是自己保存。

常見的有RSA算法

RSA加密

/*** RSA公鑰/私鑰/簽名工具包* 羅納德·李維斯特（Ron [R]ivest）、阿迪·薩莫爾（Adi [S]hamir）和倫納德·阿德曼（Leonard [A]dleman）* 字符串格式的密鑰在未在特殊說明情況下都為BASE64編碼格式* 由于非對稱加密速度極其緩慢，一般文件不使用它來加密而是使用對稱加密，* 非對稱加密算法可以用來對對稱加密的密鑰加密，這樣保證密鑰的安全也就保證了數據的安全** @author IceWee* @version 1.0* @date 2012-4-26*/ public class RSAUtils {/** *//*** 加密算法RSA*/public static final String KEY_ALGORITHM = "RSA";/*** 簽名算法*/public static final String SIGNATURE_ALGORITHM = "MD5withRSA";/*** 獲取公鑰的key*/private static final String PUBLIC_KEY = "RSAPublicKey";/*** 獲取私鑰的key*/private static final String PRIVATE_KEY = "RSAPrivateKey";/*** RSA最大加密明文大小*/private static final int MAX_ENCRYPT_BLOCK = 117;/*** RSA最大解密密文大小*/private static final int MAX_DECRYPT_BLOCK = 128;/*** 生成密鑰對(公鑰和私鑰)** @return* @throws Exception*/public static Map<String, Object> genKeyPair() throws Exception {//實例化一個密鑰對生成器，并設置長度KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance(KEY_ALGORITHM);keyPairGen.initialize(1024);//生成密鑰對KeyPair keyPair = keyPairGen.generateKeyPair();RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();//公鑰、私鑰Map<String, Object> keyMap = new HashMap<String, Object>(2);keyMap.put(PUBLIC_KEY, publicKey);keyMap.put(PRIVATE_KEY, privateKey);return keyMap;}/*** 用私鑰對信息生成數字簽名** @param data 已加密數據* @param privateKey 私鑰(BASE64編碼)* @return* @throws Exception*/public static String sign(byte[] data, String privateKey) throws Exception {//解碼私鑰byte[] keyBytes = Base64.decode(privateKey).getBytes();//以編碼格式來表示私鑰PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(keyBytes);//根據RSA算法創建key工廠，并使用PKCS8編碼生成一個私鑰KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);PrivateKey privateK = keyFactory.generatePrivate(pkcs8KeySpec);//簽名算法Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM);signature.initSign(privateK);signature.update(data);return new String(Base64.encode(signature.sign()));}/*** 校驗數字簽名** @param data 已加密數據* @param publicKey 公鑰(BASE64編碼)* @param sign 數字簽名* @return* @throws Exception*/public static boolean verify(byte[] data, String publicKey, String sign)throws Exception {//解碼公鑰byte[] keyBytes = Base64.decode(publicKey).getBytes();X509EncodedKeySpec keySpec = new X509EncodedKeySpec(keyBytes);KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);PublicKey publicK = keyFactory.generatePublic(keySpec);Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM);signature.initVerify(publicK);signature.update(data);return signature.verify(Base64.decode(sign).getBytes());}/*** 私鑰解密** @param encryptedData 已加密數據* @param privateKey 私鑰(BASE64編碼)* @return* @throws Exception*/public static byte[] decryptByPrivateKey(byte[] encryptedData, String privateKey)throws Exception {byte[] keyBytes = Base64.decode(privateKey).getBytes();PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(keyBytes);KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);Key privateK = keyFactory.generatePrivate(pkcs8KeySpec);Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());cipher.init(Cipher.DECRYPT_MODE, privateK);int inputLen = encryptedData.length;ByteArrayOutputStream out = new ByteArrayOutputStream();int offSet = 0;byte[] cache;int i = 0;// 對數據分段解密while (inputLen - offSet > 0) {if (inputLen - offSet > MAX_DECRYPT_BLOCK) {cache = cipher.doFinal(encryptedData, offSet, MAX_DECRYPT_BLOCK);} else {cache = cipher.doFinal(encryptedData, offSet, inputLen - offSet);}out.write(cache, 0, cache.length);i++;offSet = i * MAX_DECRYPT_BLOCK;}byte[] decryptedData = out.toByteArray();out.close();return decryptedData;}/*** 公鑰解密** @param encryptedData 已加密數據* @param publicKey 公鑰(BASE64編碼)* @return* @throws Exception*/public static byte[] decryptByPublicKey(byte[] encryptedData, String publicKey)throws Exception {byte[] keyBytes = Base64.decode(publicKey).getBytes();X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(keyBytes);KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);Key publicK = keyFactory.generatePublic(x509KeySpec);Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());cipher.init(Cipher.DECRYPT_MODE, publicK);int inputLen = encryptedData.length;ByteArrayOutputStream out = new ByteArrayOutputStream();int offSet = 0;byte[] cache;int i = 0;// 對數據分段解密while (inputLen - offSet > 0) {if (inputLen - offSet > MAX_DECRYPT_BLOCK) {cache = cipher.doFinal(encryptedData, offSet, MAX_DECRYPT_BLOCK);} else {cache = cipher.doFinal(encryptedData, offSet, inputLen - offSet);}out.write(cache, 0, cache.length);i++;offSet = i * MAX_DECRYPT_BLOCK;}byte[] decryptedData = out.toByteArray();out.close();return decryptedData;}/*** 公鑰加密** @param data 源數據* @param publicKey 公鑰(BASE64編碼)* @return* @throws Exception*/public static byte[] encryptByPublicKey(byte[] data, String publicKey)throws Exception {byte[] keyBytes = Base64.decode(publicKey).getBytes();X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(keyBytes);KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);Key publicK = keyFactory.generatePublic(x509KeySpec);// 對數據加密Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());cipher.init(Cipher.ENCRYPT_MODE, publicK);int inputLen = data.length;ByteArrayOutputStream out = new ByteArrayOutputStream();int offSet = 0;byte[] cache;int i = 0;// 對數據分段加密while (inputLen - offSet > 0) {if (inputLen - offSet > MAX_ENCRYPT_BLOCK) {cache = cipher.doFinal(data, offSet, MAX_ENCRYPT_BLOCK);} else {cache = cipher.doFinal(data, offSet, inputLen - offSet);}out.write(cache, 0, cache.length);i++;offSet = i * MAX_ENCRYPT_BLOCK;}byte[] encryptedData = out.toByteArray();out.close();return encryptedData;}/*** 私鑰加密** @param data 源數據* @param privateKey 私鑰(BASE64編碼)* @return* @throws Exception*/public static byte[] encryptByPrivateKey(byte[] data, String privateKey)throws Exception {byte[] keyBytes = Base64.decode(privateKey).getBytes();PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(keyBytes);KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);Key privateK = keyFactory.generatePrivate(pkcs8KeySpec);Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());cipher.init(Cipher.ENCRYPT_MODE, privateK);int inputLen = data.length;ByteArrayOutputStream out = new ByteArrayOutputStream();int offSet = 0;byte[] cache;int i = 0;// 對數據分段加密while (inputLen - offSet > 0) {if (inputLen - offSet > MAX_ENCRYPT_BLOCK) {cache = cipher.doFinal(data, offSet, MAX_ENCRYPT_BLOCK);} else {cache = cipher.doFinal(data, offSet, inputLen - offSet);}out.write(cache, 0, cache.length);i++;offSet = i * MAX_ENCRYPT_BLOCK;}byte[] encryptedData = out.toByteArray();out.close();return encryptedData;}/*** 獲取私鑰** @param keyMap 密鑰對* @return* @throws Exception*/public static String getPrivateKey(Map<String, Object> keyMap)throws Exception {Key key = (Key) keyMap.get(PRIVATE_KEY);return new String(Base64.encode(key.getEncoded()));}/*** 獲取公鑰** @param keyMap 密鑰對* @return* @throws Exception*/public static String getPublicKey(Map<String, Object> keyMap)throws Exception {Key key = (Key) keyMap.get(PUBLIC_KEY);return new String(Base64.encode(key.getEncoded()));}} View Code

?

轉載于:https://www.cnblogs.com/riches/p/11370243.html

總結

以上是生活随笔為你收集整理的Java Web学习（三）数据加密方式详解的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。