Shiro 加密机制

概要

  Shiro专注于密码学的两个核心要素:使用公钥或私钥加密数据的密码,以及对密码等数据进行不可逆加密的哈希。

Jce加密数据Demo

package com.wjz.demo.crypto;

import java.security.Key;
import java.security.SecureRandom;

import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

public class JceDemo {

    private static final String ALGORITHM_NAME = "AES";
    private static final String TRANSFORMATION_STRING_DELIMITER = "/";
    private static final String RANDOM_NUM_GENERATOR_ALGORITHM_NAME = "SHA1PRNG";
    private static final int DEFAULT_KEY_SIZE = 128;
    private static final int BITS_PER_BYTE = 8;
    private static byte[] encryptionCipherKey;
    private static byte[] decryptionCipherKey;
    private static String modeName = "CBC";
    private static String paddingSchemeName = "PKCS5Padding";
    private static String transformationString = ALGORITHM_NAME + TRANSFORMATION_STRING_DELIMITER + modeName
            + TRANSFORMATION_STRING_DELIMITER + paddingSchemeName;

    public static void main(String[] args) throws Exception {
        KeyGenerator keyGenerator = KeyGenerator.getInstance(ALGORITHM_NAME);
        keyGenerator.init(DEFAULT_KEY_SIZE);
        SecretKey key = keyGenerator.generateKey();
        encryptionCipherKey = key.getEncoded();
        decryptionCipherKey = key.getEncoded();

        int sizeInBytes = DEFAULT_KEY_SIZE / BITS_PER_BYTE;
        byte[] ivBytes = new byte[sizeInBytes];
        SecureRandom random = SecureRandom.getInstance(RANDOM_NUM_GENERATOR_ALGORITHM_NAME);
        random.nextBytes(ivBytes);

        Cipher cipher = Cipher.getInstance(transformationString);
        Key jdkKey = new SecretKeySpec(encryptionCipherKey, ALGORITHM_NAME);
        IvParameterSpec spec = new IvParameterSpec(ivBytes);
        cipher.init(Cipher.ENCRYPT_MODE, jdkKey, spec, random);

        byte[] encrypted = cipher.doFinal("Shiro安全加密".getBytes());

        byte[] output = new byte[ivBytes.length + encrypted.length];
        System.arraycopy(ivBytes, 0, output, 0, ivBytes.length);
        System.arraycopy(encrypted, 0, output, ivBytes.length, encrypted.length);

        byte[] input = de(output);

        System.out.println(new String(input));
    }

    public static byte[] de(byte[] output) throws Exception {
        int sizeInBytes = DEFAULT_KEY_SIZE / BITS_PER_BYTE;
        byte[] ivBytes = new byte[sizeInBytes];
        System.arraycopy(output, 0, ivBytes, 0, sizeInBytes);
        int encryptedSize = output.length - sizeInBytes;
        byte[] encrypted = new byte[encryptedSize];
        System.arraycopy(output, sizeInBytes, encrypted, 0, encryptedSize);

        Cipher cipher = Cipher.getInstance(transformationString);
        Key jdkKey = new SecretKeySpec(decryptionCipherKey, ALGORITHM_NAME);
        IvParameterSpec spec = new IvParameterSpec(ivBytes);
        cipher.init(Cipher.DECRYPT_MODE, jdkKey, spec);

        byte[] decrypted = cipher.doFinal(encrypted);

        return decrypted;
    }

}

AesCipherService

DefaultBlockCipherService

定义加密模式(默认CBC),填充方案(默认PKCS5),块个数(默认0)

AbstractSymmetricCipherService

生成密钥

JcaCipherService

加密、解密

CipherService

Hash

其主要行为是获得Hash加密所需要的元素,算法名称、佐料、加密次数

SimpleHash

其功能是根据加密所需的元素进行加密(使用java.security.*的API),将加密后的byte数组toHex或toBase64

Md5Hash

其主要作用是注入加密所需的元素

 

posted @ 2018-09-26 19:13  BINGJJFLY  阅读(1072)  评论(0编辑  收藏  举报