AES 加密
1.AES 程序加密
1 package com.demo.util; 2 3 import com.demo.exception.BusinessException; 4 import com.demo.model.enums.ErrorEnum; 5 import lombok.extern.slf4j.Slf4j; 6 import org.apache.commons.lang3.RandomStringUtils; 7 import org.apache.commons.lang3.StringUtils; 8 import org.springframework.beans.factory.annotation.Value; 9 import org.springframework.stereotype.Component; 10 11 import javax.crypto.Cipher; 12 import javax.crypto.IllegalBlockSizeException; 13 import javax.crypto.spec.IvParameterSpec; 14 import javax.crypto.spec.SecretKeySpec; 15 import java.nio.charset.StandardCharsets; 16 import java.util.Base64; 17 18 @Component 19 @Slf4j 20 public class AesUtil { 21 private final static String ENCRYPTION_ALGORITHM = "AES/CBC/PKCS5Padding"; 22 23 /** 24 * key 25 */ 26 public static final String aesKey = "lvzVf_JJ_NjFLWULEWpCfg=="; 27 28 /** 29 * key 30 */ 31 public static final String aesIv = "ezmhdhlzao32dtus"; 32 33 /** 34 * @return 生成密码需要的盐 35 */ 36 public static String getSalt() { 37 return RandomStringUtils.randomAlphabetic(64); 38 } 39 40 /** 41 * 对字符串类型的敏感信息,例如手机号,身份证号,银行卡号等进行加密 42 * 注意尽量将加密数据控制在域内,不同域使用不同的aes key及iv 43 * 如对同一个加密信息,需要跨服务加解密或匹配,则需要共享key及iv 44 * 45 * @param plainText 46 * @return 47 * @throws Exception 48 */ 49 public static String encrypt(String plainText) throws BusinessException { 50 if (StringUtils.isBlank(plainText)) { 51 return plainText; 52 } 53 try { 54 Cipher cipher = Cipher.getInstance(ENCRYPTION_ALGORITHM); 55 byte[] keyBytes = aesKey.getBytes(StandardCharsets.UTF_8); 56 byte[] iv = aesIv.getBytes(StandardCharsets.UTF_8); 57 SecretKeySpec keySpec = new SecretKeySpec(keyBytes, "AES"); 58 IvParameterSpec ivSpec = new IvParameterSpec(iv); 59 cipher.init(Cipher.ENCRYPT_MODE, keySpec, ivSpec); 60 byte[] cipherText = cipher.doFinal(plainText.getBytes()); 61 return Base64.getUrlEncoder() 62 .encodeToString(cipherText); 63 } catch (Exception ex) { 64 log.error("加密失败:------" + ex.getMessage()); 65 throw new BusinessException(ErrorEnum.ENCRYPTION_ERROR); 66 } 67 } 68 69 /** 70 * 对字符串类型的敏感信息,例如手机号,身份证号,银行卡号等进行解密 71 * 72 * @param cipherText 73 * @return 考虑对未加密内容的兼容,对出现异常的返回原始值 74 * @throws Exception 75 */ 76 public static String decrypt(String cipherText) { 77 if (StringUtils.isBlank(cipherText)) { 78 return cipherText; 79 } 80 try { 81 Cipher cipher = Cipher.getInstance(ENCRYPTION_ALGORITHM); 82 byte[] keyBytes = aesKey.getBytes(StandardCharsets.UTF_8); 83 byte[] iv = aesIv.getBytes(StandardCharsets.UTF_8); 84 SecretKeySpec keySpec = new SecretKeySpec(keyBytes, "AES"); 85 IvParameterSpec ivSpec = new IvParameterSpec(iv); 86 cipher.init(Cipher.DECRYPT_MODE, keySpec, ivSpec); 87 byte[] plainText = cipher.doFinal(Base64.getUrlDecoder().decode(cipherText)); 88 return new String(plainText); 89 } catch (IllegalBlockSizeException | IllegalArgumentException ex) { 90 return cipherText; 91 } catch (Exception ex) { 92 log.error("解密失败:------" + ex.getMessage()); 93 throw new BusinessException(ErrorEnum.DECRYPTION_ERROR); 94 } 95 } 96 97 public String getRandom(int length) { 98 char[] arr = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 99 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z'}; 100 String result = String.valueOf(arr[(int) Math.floor(Math.random() * 36)]); 101 for (int i = 1; i < length; i++) { 102 result += arr[(int) Math.floor(Math.random() * 36)]; 103 } 104 return result; 105 } 106 107 /** 108 * 处理查询手机号加密字符串,假如不是手机号则返回原字符串 109 * 110 * @param rawStr 111 * @return 112 */ 113 public String getQueryPhone(String rawStr) { 114 return TelephoneUtil.isPhoneNumber(rawStr) ? encrypt(rawStr) : rawStr; 115 } 116 117 public static void main(String... args) { 118 //key 119 AesUtil securityUtil = new AesUtil(); 120 // System.out.println(securityUtil.getRandom(32)); 121 //iv 122 System.out.println(securityUtil.getRandom(16)); 123 String param = "1231546"; 124 System.out.println("param:" + param); 125 String encrypt = encrypt(param); 126 System.out.println("encrypt:" + encrypt); 127 String decrypt = decrypt(encrypt); 128 System.out.println("decrypt:" + decrypt); 129 } 130 }