设为首页收藏本站
开启辅助访问

java

 您所在的位置:网站首页 java数据传输 java

java

2023-06-29 00:08| 来源: 网络整理| 查看: 265

加密、解密算法类型

看下常见的加密、解密算法类型:

对称加密:速度快,可逆,常见DES,AES等非对称加密:速度慢,可逆,常见RSA等签名算法:唯一,不可逆,常见MD5,SHA,SHA256等

安全数据传输方案

如果安全的数据传输,考虑传输数据较大,则可以将几类加密、解密算法结合起来使用:安全的数据传输方案如下:

这里按照 A、B作为交换数据的双方,A向B发送加密数据。前提,A,B都有自己的RSA公钥和私钥且A,B已经交换过RSA公钥A,B使用相同的一套加密、解密算法(对称加密DES、非对称加密RSA、签名算法SHA256举例)

A,B使用相同的一套加密、解密算法,可以让A,B使用同一套SDK,SDK包含了标准的对称加密DES、非对称加密RSA、签名算法SHA256的实现;A,B也按照相同的SDK处理加密、解密以及数据传输。

源码

不废话了,下面直接上代码:

业务数据的加密、解密:接口:

import java.util.Map; public interface BusinessCryptoService { /** * 根据key加密数据 * * @param yourPublicKey 对方公钥 * @param password 密码 * @param data 数据 * @return 加密数据 */ Map encrypt(String yourPublicKey, String publicKey, String privateKey, String password, String data); /** * 根据key解密数据 * * @param yourPublicKey 对方公钥 * @param password 加密密码 * @param data 加密数据 * @param sign 签名数据 * @return 解密数据 */ Map decrypt(String yourPublicKey, String privateKey, String password, String data, String sign); }

实现类:

import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; import org.springframework.util.Base64Utils; import java.nio.charset.StandardCharsets; import java.util.HashMap; import java.util.Map; /** * 业务数据加密/解密 */ @Service public class BusinessCryptoServiceImpl implements BusinessCryptoService { /** * 对称加密 */ @Autowired private DESCryptoServiceImpl desCryptoService; /** * 非对称加密 */ @Autowired private RSACryptoServiceImpl rsaCryptoService; /** * 非对称加密反向算法 */ @Autowired private RSAReverseCryptoServiceImpl rsaReverseCryptoService; /** * 签名算法 */ @Autowired private SHA256CryptoServiceImpl sha256CryptoService; @Override public Map encrypt(String yourPublicKey, String publicKey, String privateKey, String password, String data) { Map encryptDataMap = new HashMap(16); byte[] passwordData = Base64Utils.encode(password.getBytes(StandardCharsets.UTF_8)); byte[] encryptPassword = rsaCryptoService.encrypt(Base64Utils.decodeFromString(yourPublicKey), passwordData); //密码公钥加密 encryptDataMap.put("password", Base64Utils.encodeToString(encryptPassword)); byte[] srcData = Base64Utils.encode(data.getBytes(StandardCharsets.UTF_8)); byte[] encryptData = desCryptoService.encrypt(passwordData, srcData); encryptDataMap.put("data", Base64Utils.encodeToString(encryptData)); byte[] signData = sha256CryptoService.encrypt(null, encryptData); byte[] encryptSignData = rsaReverseCryptoService.encrypt(Base64Utils.decodeFromString(privateKey), signData); encryptDataMap.put("sign", Base64Utils.encodeToString(encryptSignData)); return encryptDataMap; } @Override public Map decrypt(String yourPublicKey, String privateKey, String password, String data, String sign) { Map decryptDataMap = new HashMap(); //接收数据签名 byte[] decryptSignData = sha256CryptoService.encrypt(null, Base64Utils.decodeFromString(data)); decryptDataMap.put("decryptSign", Base64Utils.encodeToString(decryptSignData)); //解密签名 byte[] signData = rsaReverseCryptoService.decrypt(Base64Utils.decodeFromString(yourPublicKey), Base64Utils.decodeFromString(sign)); decryptDataMap.put("realSign", Base64Utils.encodeToString(signData)); //验签 if (!Base64Utils.encodeToString(decryptSignData).equals(Base64Utils.encodeToString(signData))) { //验签不通过 return decryptDataMap; } //解密密码 byte[] decyptPassword = rsaCryptoService.decrypt(Base64Utils.decodeFromString(privateKey), Base64Utils.decodeFromString(password)); decryptDataMap.put("decyptPassword", new String(Base64Utils.decode(decyptPassword), StandardCharsets.UTF_8)); //解密数据 byte[] decryptData = desCryptoService.decrypt(decyptPassword, Base64Utils.decodeFromString(data)); decryptDataMap.put("decyptData", new String(Base64Utils.decode(decryptData), StandardCharsets.UTF_8)); return decryptDataMap; } }

通用加解密:接口

/** * 加解密服务 */ public interface CryptoService { /** * 根据key加密数据 * * @param password 密码 * @param data 数据 * @return 加密数据 */ byte[] encrypt(byte[] password, byte[] data); /** * 根据key解密数据 * * @param password 密码 * @param data 数据 * @return 解密数据 */ byte[] decrypt(byte[] password, byte[] data); }

DES对称加密、解密

import lombok.extern.slf4j.Slf4j; import org.springframework.stereotype.Service; import javax.crypto.*; import javax.crypto.spec.DESKeySpec; import javax.crypto.spec.IvParameterSpec; import java.nio.charset.StandardCharsets; import java.security.InvalidAlgorithmParameterException; import java.security.InvalidKeyException; import java.security.Key; import java.security.NoSuchAlgorithmException; import java.security.spec.InvalidKeySpecException; /** * DES加密/解密 */ @Service @Slf4j public class DESCryptoServiceImpl implements CryptoService { /** * 密钥算法 */ private static final String KEY_ALGORITHM = "DES"; /** * 加密/解密算法-工作模式-填充模式 */ private static final String CIPHER_ALGORITHM = "DES/CBC/PKCS5Padding"; /** * 偏移量参数 */ private static final String IV_PARAMETER_SPEC = "00000000"; public static Key generateKey(byte[] password) { Key key = null; try { if (null == password || password.length < 8) { log.error("generateKey.exception,req:{}", new String(password), new InvalidKeyException("生成密钥失败,密码不能小于8位")); return null; } DESKeySpec desKeySpec = new DESKeySpec(password); SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance(KEY_ALGORITHM); key = secretKeyFactory.generateSecret(desKeySpec); } catch (InvalidKeyException e) { log.error("generateKey.exception,req:{}", new String(password), e); } catch (NoSuchAlgorithmException e) { log.error("generateKey.exception,req:{}", new String(password), e); } catch (InvalidKeySpecException e) { log.error("generateKey.exception,req:{}", new String(password), e); } return key; } @Override public byte[] encrypt(byte[] password, byte[] data) { byte[] encryptData = null; if (null == password) { log.error("encrypt.exception:password is null"); return null; } if (null == data) { log.error("encrypt.exception:data is null"); return null; } try { IvParameterSpec ivParameterSpec = new IvParameterSpec(IV_PARAMETER_SPEC.getBytes(StandardCharsets.UTF_8)); Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM); cipher.init(Cipher.ENCRYPT_MODE, generateKey(password), ivParameterSpec); encryptData = cipher.doFinal(data); } catch (NoSuchPaddingException e) { log.error("encrypt.exception:", e); } catch (NoSuchAlgorithmException e) { log.error("encrypt.exception:", e); } catch (InvalidKeyException e) { log.error("encrypt.exception:", e); } catch (IllegalBlockSizeException e) { log.error("encrypt.exception:", e); } catch (BadPaddingException e) { log.error("encrypt.exception:", e); } catch (InvalidAlgorithmParameterException e) { log.error("encrypt.exception:", e); } return encryptData; } @Override public byte[] decrypt(byte[] password, byte[] data) { byte[] decryptData = null; if (null == password) { log.error("decrypt.exception:key is null"); return null; } if (null == data) { log.error("decrypt.exception:data is null"); return null; } try { IvParameterSpec ivParameterSpec = new IvParameterSpec(IV_PARAMETER_SPEC.getBytes(StandardCharsets.UTF_8)); Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM); cipher.init(Cipher.DECRYPT_MODE, generateKey(password), ivParameterSpec); decryptData = cipher.doFinal(data); } catch (NoSuchPaddingException e) { log.error("decrypt.exception:", e); } catch (IllegalBlockSizeException e) { log.error("decrypt.exception:", e); } catch (NoSuchAlgorithmException e) { log.error("decrypt.exception:", e); } catch (BadPaddingException e) { log.error("decrypt.exception:", e); } catch (InvalidKeyException e) { log.error("decrypt.exception:", e); } catch (InvalidAlgorithmParameterException e) { log.error("decrypt.exception:", e); } return decryptData; } }

RSA非对称公钥加密、私钥解密

import lombok.extern.slf4j.Slf4j; import org.springframework.stereotype.Service; import javax.crypto.BadPaddingException; import javax.crypto.Cipher; import javax.crypto.IllegalBlockSizeException; import javax.crypto.NoSuchPaddingException; import java.security.*; import java.security.spec.InvalidKeySpecException; import java.security.spec.PKCS8EncodedKeySpec; import java.security.spec.X509EncodedKeySpec; import java.util.ArrayList; import java.util.List; /** * REA正向公钥加密/私钥解密 */ @Service @Slf4j public class RSACryptoServiceImpl implements CryptoService { /** * 密钥算法 */ private static final String ALGORITHM = "RSA"; public static List generateKey(int modulus) { List keyList = null; try { KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(ALGORITHM); keyPairGenerator.initialize(modulus); KeyPair keyPair = keyPairGenerator.generateKeyPair(); keyList = new ArrayList(); keyList.add(keyPair.getPublic()); keyList.add(keyPair.getPrivate()); } catch (NoSuchAlgorithmException e) { log.error("generateKey.exception,req:{}", modulus, e); } return keyList; } public static List generateKeyByte(int modulus) { List keyStringList = null; List keyList = generateKey(modulus); if(null == keyList){ return keyStringList; } keyStringList = new ArrayList(); keyStringList.add(keyList.get(0).getEncoded()); keyStringList.add(keyList.get(1).getEncoded()); return keyStringList; } @Override public byte[] encrypt(byte[] password, byte[] data) { byte[] encryptData = null; try { X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(password); KeyFactory keyFactory = KeyFactory.getInstance(ALGORITHM); Cipher cipher = Cipher.getInstance(ALGORITHM); cipher.init(Cipher.ENCRYPT_MODE, keyFactory.generatePublic(x509EncodedKeySpec)); encryptData = cipher.doFinal(data); } catch (NoSuchPaddingException e) { log.error("encrypt.exception:", e); } catch (IllegalBlockSizeException e) { log.error("encrypt.exception:", e); } catch (NoSuchAlgorithmException e) { log.error("encrypt.exception:", e); } catch (InvalidKeySpecException e) { log.error("encrypt.exception:", e); } catch (BadPaddingException e) { log.error("encrypt.exception:", e); } catch (InvalidKeyException e) { log.error("encrypt.exception:", e); } return encryptData; } @Override public byte[] decrypt(byte[] password, byte[] data) { byte[] decryptData = null; try { PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(password); KeyFactory keyFactory = KeyFactory.getInstance(ALGORITHM); Cipher cipher = Cipher.getInstance(ALGORITHM); cipher.init(Cipher.DECRYPT_MODE, keyFactory.generatePrivate(pkcs8EncodedKeySpec)); decryptData = cipher.doFinal(data); } catch (NoSuchPaddingException e) { log.error("decrypt.exception:", e); } catch (IllegalBlockSizeException e) { log.error("decrypt.exception:", e); } catch (NoSuchAlgorithmException e) { log.error("decrypt.exception:", e); } catch (InvalidKeySpecException e) { log.error("decrypt.exception:", e); } catch (BadPaddingException e) { log.error("decrypt.exception:", e); } catch (InvalidKeyException e) { log.error("decrypt.exception:", e); } return decryptData; } }

RSA非对称,(反向),私钥加密,公钥解密

import lombok.extern.slf4j.Slf4j; import org.springframework.stereotype.Service; import javax.crypto.BadPaddingException; import javax.crypto.Cipher; import javax.crypto.IllegalBlockSizeException; import javax.crypto.NoSuchPaddingException; import java.security.*; import java.security.spec.InvalidKeySpecException; import java.security.spec.PKCS8EncodedKeySpec; import java.security.spec.X509EncodedKeySpec; /** * REA反向私钥加密/公钥解密 */ @Service @Slf4j public class RSAReverseCryptoServiceImpl implements CryptoService { /** * 密钥算法 */ private static final String ALGORITHM = "RSA"; @Override public byte[] encrypt(byte[] password, byte[] data) { byte[] encryptData = null; try { PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(password); KeyFactory keyFactory = KeyFactory.getInstance(ALGORITHM); Cipher cipher = Cipher.getInstance(ALGORITHM); cipher.init(Cipher.ENCRYPT_MODE, keyFactory.generatePrivate(pkcs8EncodedKeySpec)); encryptData = cipher.doFinal(data); } catch (NoSuchPaddingException e) { log.error("encrypt.exception:", e); } catch (IllegalBlockSizeException e) { log.error("encrypt.exception:", e); } catch (NoSuchAlgorithmException e) { log.error("encrypt.exception:", e); } catch (InvalidKeySpecException e) { log.error("encrypt.exception:", e); } catch (BadPaddingException e) { log.error("encrypt.exception:", e); } catch (InvalidKeyException e) { log.error("encrypt.exception:", e); } return encryptData; } @Override public byte[] decrypt(byte[] password, byte[] data) { byte[] decryptData = null; try { X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(password); KeyFactory keyFactory = KeyFactory.getInstance(ALGORITHM); Cipher cipher = Cipher.getInstance(ALGORITHM); cipher.init(Cipher.DECRYPT_MODE, keyFactory.generatePublic(x509EncodedKeySpec)); decryptData = cipher.doFinal(data); } catch (NoSuchPaddingException e) { log.error("decrypt.exception:", e); } catch (IllegalBlockSizeException e) { log.error("decrypt.exception:", e); } catch (NoSuchAlgorithmException e) { log.error("decrypt.exception:", e); } catch (InvalidKeySpecException e) { log.error("decrypt.exception:", e); } catch (BadPaddingException e) { log.error("decrypt.exception:", e); } catch (InvalidKeyException e) { log.error("decrypt.exception:", e); } return decryptData; } }

SHA256签名(加密),无解密

import lombok.extern.slf4j.Slf4j; import org.springframework.stereotype.Service; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; /** * SHA256签名 */ @Service @Slf4j public class SHA256CryptoServiceImpl implements CryptoService { /** * 密钥算法 */ private static final String ALGORITHM = "SHA-256"; @Override public byte[] encrypt(byte[] password, byte[] data) { byte[] encryptData = null; if (null == data || data.length


【本文地址】


今日新闻

推荐新闻

CopyRight 2018-2019 办公设备维修网 版权所有 豫ICP备15022753号-3