AES 256 , KEY 的长度为 32字节(32*8=256bit).
AES 128 , KEY 的长度为 16字节(16*8=128bit)
CBC 模式需要IV, IV的值是固定写死,还是当参数传入,自己看情况。IV的长度没研究,这里用的是16字符。
java PKCS5Padding 对应 C#.NET 的 PKCS7 。
明文,KEY和IV 三者 string 转 byte[] 时要统一编码,如UTF-8。
加密后 cipher.doFinal() 得到密文byte[] ,是直接转string,还是转为base64编码的string ,要统一。
Base64Utils :
package com.company; import org.apache.commons.codec.binary.Base64; public class Base64Utils { public static final String _charset = "UTF-8"; /** * BASE64字符串解码为二进制数据 * @param str * @return * @throws Exception */ public static byte[] decode(String str) throws Exception { Base64 _base64 = new Base64(); return _base64.decodeBase64(str.getBytes(_charset)); } /** * 二进制数据编码为BASE64字符串 * @param bytes * @return * @throws Exception */ public static String encode(byte[] bytes) throws Exception { Base64 _base64 = new Base64(); return new String(_base64.encodeBase64Chunked(bytes)); } }
AesUtil:
package com.company; import javax.crypto.BadPaddingException; import javax.crypto.Cipher; import javax.crypto.IllegalBlockSizeException; import javax.crypto.NoSuchPaddingException; import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.SecretKeySpec; import java.io.UnsupportedEncodingException; import java.security.InvalidAlgorithmParameterException; import java.security.InvalidKeyException; import java.security.NoSuchAlgorithmException; /** * AES CBC PKCS5 模式加密解密 */ public class AesUtil { private static final String charset = "UTF-8"; /** * 加密 * @param content * @param key * @param iv * @return * @throws Exception */ public static String encrypt(String content, String key, String iv) throws Exception { //明文 byte[] contentBytes = content.getBytes(charset); //AES KEY byte[] keyBytes = key.getBytes(charset); SecretKeySpec keySpec = new SecretKeySpec(keyBytes, "AES"); //AES IV byte[] initParam = iv.getBytes(charset); IvParameterSpec ivParameterSpec = new IvParameterSpec(initParam); Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); cipher.init(Cipher.ENCRYPT_MODE, keySpec, ivParameterSpec); byte[] byEnd = cipher.doFinal(contentBytes); //加密后的byte数组转BASE64字符串 String strEnd = Base64Utils.encode(byEnd); return strEnd; } /** * 解密 * @param content * @param key * @param iv * @return * @throws Exception */ public static String decrypt(String content, String key, String iv) throws Exception { //反向解析BASE64字符串为byte数组 byte[] encryptedBytes = Base64Utils.decode(content); //AES KEY byte[] keyBytes = key.getBytes(charset); SecretKeySpec keySpec = new SecretKeySpec(keyBytes, "AES"); //AES IV byte[] initParam = iv.getBytes(charset); IvParameterSpec ivParameterSpec = new IvParameterSpec(initParam); Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); cipher.init(Cipher.DECRYPT_MODE, keySpec, ivParameterSpec); byte[] byEnd = cipher.doFinal(encryptedBytes); //加密后的byte数组直接转字符串 String strEnd = new String(byEnd, charset); return strEnd; } }
AesUtil:base 64 编码引用了 org.apache.commons.codec.binary.Base64,可以从网上下载。http://commons.apache.org/proper/commons-codec/download_codec.cgi
名字:commons-codec-1.12.jar
--
测试代码 main:
package com.company; public class Main { private static final String IV_STRING = "abcdefghABCDEFGH"; public static void main(String[] args) { try { String cc = "中华 HELLO~!@#¥%……&*()——+1"; System.out.println("明文:\r\n" + cc); System.out.println("AES 256 -------:\r\n"); String aesKey = "12345678901234567890123456789012"; String aa = AesUtil.encrypt(cc, aesKey, IV_STRING); System.out.println("密文:\r\n" + aa); String dd = AesUtil.decrypt(aa, aesKey, IV_STRING); System.out.println("解密后明文:\r\n" + dd); } catch (Exception ex) { System.out.println("ex:\r\n" + ex.getMessage()); } } }
end
