java中对于加密的支持api都在
java.security
和
javax.crypto
包下,主要用到的类有:
Cipher
主要用于加密行为,如进行AES/DES/RSA等加密行为
初始化对象
static Cipher getInstance(String transformation)
transformation
的组成可以概括为algorithm/mode/padding,
algorithm
用于指定加密的方式,
mode
用于指定特定加密方式的变换模式,
padding
是字节填充规则。
mode
和
padding
可以不写,可用的
transformation
组合有:
//括号数值为所需秘钥的长度
AES/CBC/NoPadding (128)
AES/CBC/PKCS5Padding (128)
AES/ECB/NoPadding (128)
AES/ECB/PKCS5Padding (128)
DES/CBC/NoPadding (56)
DES/CBC/PKCS5Padding (56)
DES/ECB/NoPadding (56)
DES/ECB/PKCS5Padding (56)
DESede/CBC/NoPadding (168)
DESede/CBC/PKCS5Padding (168)
DESede/ECB/NoPadding (168)
DESede/ECB/PKCS5Padding (168)
RSA/ECB/PKCS1Padding (1024, 2048)
RSA/ECB/OAEPWithSHA-1AndMGF1Padding (1024, 2048)
RSA/ECB/OAEPWithSHA-256AndMGF1Padding (1024, 2048)
初始化参数
void init(int opmode, Key key)
opmode
用于指定该对象是要进行加密还是解密,
key
是加密所用的秘钥信息。
加密方法
byte[] doFinal(byte[] input)
cipher.doFinal(byte[] input)
等同于
cipher.update(byte[] input); cipher.doFinal();
示例代码:
1、AES加解密
@org.junit.Test
public void testCipherAES() throws Exception {
//指定使用AES加密
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
//使用KeyGenerator生成key,参数与获取cipher对象的algorithm必须相同
KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
//指定生成的密钥长度为128
keyGenerator.init(128);
Key key = keyGenerator.generateKey();
cipher.init(Cipher.ENCRYPT_MODE, key);
byte[] bytes = cipher.doFinal("helloworld".getBytes());
System.out.println("AES加密: " + Base64.getEncoder().encodeToString(bytes));
//由于AES加密在CBC模式下是需要有一个初始向量数组byte[] initializeVector ,
// 而解密的时候也需要同样的初始向量,因此需要使用加密时的参数初始化解密的cipher,否则会出错
byte[] initializeVector = cipher.getIV();
IvParameterSpec ivParameterSpec = new IvParameterSpec(initializeVector);
cipher.init(Cipher.DECRYPT_MODE, key, ivParameterSpec);
//上面三步操作可以用此操作代替 cipher.init(Cipher.DECRYPT_MODE, key, cipher.getParameters());
bytes = cipher.doFinal(bytes);
System.out.println("AES解密: " + new String(bytes));
}
//输出
AES加密: pRy4ZbW7qgZ33iWBJ60BDA==
AES加密: helloworld
2、DES加解密
@org.junit.Test
public void testCipherDES() throws Exception {
//指定使用DES加密
Cipher cipher = Cipher.getInstance("DES");
//使用KeyGenerator生成key,参数与获取cipher对象的algorithm必须相同
KeyGenerator keyGenerator = KeyGenerator.getInstance("DES");
//DES的秘钥长度必须是56位
keyGenerator.init(56);
Key key = keyGenerator.generateKey();
cipher.init(Cipher.ENCRYPT_MODE, key);
byte[] bytes = cipher.doFinal("helloworld".getBytes());
System.out.println("DES加密: " + Base64.getEncoder().encodeToString(bytes));
//与AES不同,由于DES并不需要初始向量,因此解密的时候不需要第三个参数
cipher.init(Cipher.DECRYPT_MODE, key);
bytes = cipher.doFinal(bytes);
System.out.println("DES解密: " + new String(bytes));
}
//输出
DES加密: XoG4lEjZN4VBlZYTXjw6BQ==
DES解密: helloworld
3、RSA加解密
@org.junit.Test
public void testCipherRSA() throws Exception {
//获取cipher对象
Cipher cipher = Cipher.getInstance("RSA");
//通过KeyPairGenerator来生成公钥和私钥
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
keyPairGenerator.initialize(1024);
KeyPair keyPair = keyPairGenerator.generateKeyPair();
PublicKey publicKey = keyPair.getPublic();//公钥
PrivateKey privateKey = keyPair.getPrivate();//私钥
/*加密*/
cipher.init(Cipher.ENCRYPT_MODE, publicKey);
byte[] bytes = cipher.doFinal(TEXT.getBytes());
final String encryptText = Base64.getEncoder().encodeToString(bytes);
System.out.println("RSA公钥加密:" + encryptText);
/*解密*/
cipher.init(Cipher.DECRYPT_MODE, privateKey);
bytes = cipher.doFinal(Base64.getDecoder().decode(encryptText));
System.out.println("RSA解密:" + new String(bytes));
}
//输出
RSA公钥加密:bKbbpARpcHcCqcMdGmA/WzvyO2G3eXFJhmrK5F0yFlJsoGohg4XIq5egNc1eBQwP7BRD6m7c12byB/KpYNgWg7J5Y3kupWBahZyhJ7SWWF0YY9CrdWf55zQ/CPyn+KlWQg1ViBnIBnejABFuqjDgBmZ3Q3txT1tD4MIpGPCE+NY=
RSA私钥解密:helloworld
![JAVA面试技巧之自我介绍[图]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)