java使用bouncycastle加解密

2023-11-07 00:28
文章标签 java 使用 加解密 bouncycastle

本文主要是介绍java使用bouncycastle加解密,希望对大家解决编程问题提供一定的参考价值,需要的开发者们随着小编来一起学习吧!

jdk默认带了一些常见的加解密方式,当我们常见的加解密不能满足时,就需要用到一些第三方的库了,bouncycastle就是其中一种。

但是bouncycastle文档比较少。简单介绍一下写法

1.导入依赖

   <dependency><groupId>org.bouncycastle</groupId><artifactId>bcprov-jdk15on</artifactId><version>1.69</version></dependency>

2.写代码

常见的有两种方式,一种使用BouncyCastleProvider,另一种使用BlockCipherEngine

BouncyCastleProvider使用方式跟原生jdk类似,多数getInstance的地方指定一下provider就行

BouncyCastleProvider方式DES加解密代码如下

package com.vvvtimes.demo.util.endecrypt;import lombok.extern.slf4j.Slf4j;
import org.bouncycastle.jce.provider.BouncyCastleProvider;import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESKeySpec;
import javax.crypto.spec.IvParameterSpec;
import java.security.Key;
import java.security.NoSuchAlgorithmException;@Slf4j
public class BcDesUtil {private static final BouncyCastleProvider provider;//BouncyCastle与JDK加解密类区别//KeyFactory.getInstance("RSA"); +provider-->KeyFactory.getInstance("RSA", provider)//Cipher.getInstance("RSA");  +provider-->Cipher.getInstance("RSA", provider)//Signature.getInstance("SHA1withRSA"); +provider-->Signature.getInstance("SHA1withRSA", provider);//KeyGenerator.getInstance("DES") ; +provider-->KeyGenerator.getInstance("DES", provider); 或者KeyGenerator.getInstance("DES","BC")/*** 偏移变量,固定占8位字节*/private final static String IV_PARAMETER = "12345678";/** 生成key*/public byte[] generateKey() {KeyGenerator keyGenerator = null;try {keyGenerator = KeyGenerator.getInstance("DES",provider);keyGenerator.init(56);SecretKey secretKey = keyGenerator.generateKey();byte[] encoded = secretKey.getEncoded();return encoded;} catch (NoSuchAlgorithmException e) {e.printStackTrace();}return null;}/*** 生成key** @param password 密钥字符串* @return 密钥对象* @throws Exception*/private static Key convertKey(byte[] password) throws Exception {DESKeySpec dks = new DESKeySpec(password);SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("DES",provider);return keyFactory.generateSecret(dks);}/*** DES加密*/public static byte[] encrypt(byte[] data, byte[] password) {if (password == null || password.length < 8) {throw new RuntimeException("加密失败,key不能小于8位");}if (data == null)return null;try {Key secretKey = convertKey(password);Cipher cipher = Cipher.getInstance("DES/CBC/PKCS5Padding",provider);IvParameterSpec iv = new IvParameterSpec(IV_PARAMETER.getBytes("utf-8"));cipher.init(Cipher.ENCRYPT_MODE, secretKey, iv);byte[] bytes = cipher.doFinal(data);return bytes;} catch (Exception e) {e.printStackTrace();return data;}}/*** DES解密解密字符串*/public static byte[] decrypt(byte[] data, byte[] password) {if (password == null || password.length < 8) {throw new RuntimeException("加密失败,key不能小于8位");}if (data == null)return null;try {Key secretKey = convertKey(password);Cipher cipher = Cipher.getInstance("DES/CBC/PKCS5Padding",provider);IvParameterSpec iv = new IvParameterSpec(IV_PARAMETER.getBytes("utf-8"));cipher.init(Cipher.DECRYPT_MODE, secretKey, iv);byte[] bytes = cipher.doFinal(data);return bytes;} catch (Exception e) {e.printStackTrace();return data;}}/*** byte数组转十六进制** @param bytes* @return*/public static String byte2HexString(byte[] bytes) {StringBuilder hex = new StringBuilder();if (bytes != null) {for (Byte b : bytes) {hex.append(String.format("%02X", b.intValue() & 0xFF));}}return hex.toString();}//测试public static void main(String[] args) throws Exception {String source = "admin测试信息1234!@#$%^&*()_+";System.out.println("原  文: " + source);String password = "lw112190@2023";byte[] encryptDataBytes = encrypt(source.getBytes("utf-8"), password.getBytes("utf-8"));String encryptData = byte2HexString(encryptDataBytes);System.out.println("加密后: " + encryptData);byte[] decryptDataBytes = decrypt(encryptDataBytes, password.getBytes("utf-8"));String decryptData = new String(decryptDataBytes, "utf-8");;System.out.println("解密后: " + decryptData);}static {provider = new BouncyCastleProvider();}
}

BlockCipherEngine方式的DES加解密代码如下

package com.vvvtimes.demo.util.endecrypt;import org.bouncycastle.crypto.BlockCipher;
import org.bouncycastle.crypto.BufferedBlockCipher;
import org.bouncycastle.crypto.InvalidCipherTextException;
import org.bouncycastle.crypto.engines.DESEngine;
import org.bouncycastle.crypto.modes.CBCBlockCipher;
import org.bouncycastle.crypto.paddings.PKCS7Padding;
import org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher;
import org.bouncycastle.crypto.params.DESParameters;
import org.bouncycastle.crypto.params.ParametersWithIV;
import org.bouncycastle.jce.provider.BouncyCastleProvider;import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESKeySpec;
import java.io.UnsupportedEncodingException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException;public class BcDesEngineUtil {private final static BlockCipher engine;private static final BouncyCastleProvider provider;/*** 偏移变量,固定占8位字节*/private final static String IV_PARAMETER = "12345678";/*** 生成key** @param password 密钥字符串* @return 密钥对象* @throws Exception*/private static byte[] convertKeyEncoded(byte[] password) {byte[] result = null;try {DESKeySpec dks  = new DESKeySpec(password);SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("DES",provider);SecretKey secretKey = keyFactory.generateSecret(dks);return secretKey.getEncoded();} catch (InvalidKeyException e) {e.printStackTrace();} catch (NoSuchAlgorithmException e) {e.printStackTrace();} catch (InvalidKeySpecException e) {e.printStackTrace();}return result;}private static byte[] encrypt( byte[] ptBytes,byte[] key) throws InvalidCipherTextException, UnsupportedEncodingException {BufferedBlockCipher cipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(engine), new PKCS7Padding());cipher.init(true, new ParametersWithIV(new DESParameters(key), IV_PARAMETER.getBytes("utf-8")));byte[] rv = new byte[cipher.getOutputSize(ptBytes.length)];int tam = cipher.processBytes(ptBytes, 0, ptBytes.length, rv, 0);cipher.doFinal(rv, tam);return rv;}private static byte[] decrypt( byte[] cipherText,byte[] key) throws InvalidCipherTextException, UnsupportedEncodingException {BufferedBlockCipher cipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(engine), new PKCS7Padding());cipher.init(false, new ParametersWithIV(new DESParameters( key),IV_PARAMETER.getBytes("utf-8")));byte[] rv = new byte[cipher.getOutputSize(cipherText.length)];int tam = cipher.processBytes(cipherText, 0, cipherText.length, rv, 0);cipher.doFinal(rv, tam);return rv;}/*** byte数组转十六进制** @param bytes* @return*/public static String byte2HexString(byte[] bytes) {StringBuilder hex = new StringBuilder();if (bytes != null) {for (Byte b : bytes) {hex.append(String.format("%02X", b.intValue() & 0xFF));}}return hex.toString();}//测试public static void main(String[] args) throws Exception {String source = "admin测试信息1234!@#$%^&*()_+";System.out.println("原  文: " + source);String password = "lw112190@2023";//String password ="geffzhan";//String password ="lw112190";byte[] keyEncoded = convertKeyEncoded(password.getBytes("utf-8"));byte[] encryptDataBytes = encrypt(source.getBytes("utf-8"), keyEncoded);String encryptData = byte2HexString(encryptDataBytes);System.out.println("加密后: " + encryptData);byte[] decryptDataBytes = decrypt(encryptDataBytes, keyEncoded);String decryptData = new String(decryptDataBytes, "utf-8");;System.out.println("解密后: " + decryptData);/**原  文: admin测试信息1234!@#$%^&*()_+加密后: 1D5C21B694A9085A69BE7EA37C197D1632239545298613B944C3AC272750A519F66FB43EFEC55C89解密后: admin测试信息1234!@#$%^&*()_+*/}static {engine = new DESEngine();provider = new BouncyCastleProvider();}}

3.其他示例

AES加解密

package com.vvvtimes.demo.util.endecrypt;import lombok.extern.slf4j.Slf4j;
import org.bouncycastle.jce.provider.BouncyCastleProvider;import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESKeySpec;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.security.AlgorithmParameters;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidParameterSpecException;@Slf4j
public class BcAesUtil {private static final BouncyCastleProvider provider;/*** 偏移变量,固定占8位字节*/private final static String IV_PARAMETER = "1234567890123456";/*** AES加密*/public static byte[] encrypt(byte[] data, byte[] password, byte[] iv) {if (data == null)return null;try {Key secretKey = new SecretKeySpec(password,"AES");Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding",provider);AlgorithmParameters generateIV = generateIV(iv);cipher.init(Cipher.ENCRYPT_MODE, secretKey, generateIV);byte[] bytes = cipher.doFinal(data);return bytes;} catch (Exception e) {e.printStackTrace();return data;}}/*** AES解密解密字符串*/public static byte[] decrypt(byte[] data, byte[] password, byte[] iv) {if (data == null)return null;try {Key secretKey = new SecretKeySpec(password,"AES");Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding",provider);AlgorithmParameters generateIV = generateIV(iv);cipher.init(Cipher.DECRYPT_MODE, secretKey, generateIV);byte[] bytes = cipher.doFinal(data);return bytes;} catch (Exception e) {e.printStackTrace();return data;}}public static AlgorithmParameters generateIV(byte[] iv){AlgorithmParameters params = null;try {params = AlgorithmParameters.getInstance("AES");params.init(new IvParameterSpec(iv));} catch (NoSuchAlgorithmException | InvalidParameterSpecException e) {e.printStackTrace();}return params;}/*** byte数组转十六进制** @param bytes* @return*/public static String byte2HexString(byte[] bytes) {StringBuilder hex = new StringBuilder();if (bytes != null) {for (Byte b : bytes) {hex.append(String.format("%02X", b.intValue() & 0xFF));}}return hex.toString();}//测试public static void main(String[] args) throws Exception {String source = "admin测试信息1234!@#$%^&*()_+";System.out.println("原  文: " + source);String password = "passwordpassword";byte[] encryptDataBytes = encrypt(source.getBytes("utf-8"), password.getBytes("utf-8"),IV_PARAMETER.getBytes("utf-8"));String encryptData = byte2HexString(encryptDataBytes);System.out.println("加密后: " + encryptData);byte[] decryptDataBytes = decrypt(encryptDataBytes, password.getBytes("utf-8"),IV_PARAMETER.getBytes("utf-8"));String decryptData = new String(decryptDataBytes, "utf-8");System.out.println("解密后: " + decryptData);}static {provider = new BouncyCastleProvider();}
}

RSA私钥解密 签名

package com.vvvtimes.demo.util.endecrypt;import cn.hutool.core.codec.Base64;
import org.bouncycastle.jce.provider.BouncyCastleProvider;import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import java.nio.charset.Charset;
import java.security.*;
import java.security.spec.PKCS8EncodedKeySpec;public class BcRsaUtil {private static final BouncyCastleProvider provider;private static PrivateKey getPrivateKey(String pkcs8Key) {byte[] pkcs8Keybytes = Base64.decode(pkcs8Key.getBytes(Charset.forName("UTF-8")));final PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(pkcs8Keybytes);try {return KeyFactory.getInstance("RSA", provider).generatePrivate(pkcs8EncodedKeySpec);} catch (Exception ex) {ex.printStackTrace();return null;}}/*** RSA私钥解密** @param inputByte 待解密字节数组* @param pkcs8Key  私钥* @return 明文*/public static byte[] decrypt(byte[] inputByte, String pkcs8Key) {byte[] outputeByte = null;try {PrivateKey privateKey = getPrivateKey(pkcs8Key);//RSA解密Cipher cipher = Cipher.getInstance("RSA", provider);cipher.init(Cipher.DECRYPT_MODE, privateKey);outputeByte = cipher.doFinal(inputByte);} catch (NoSuchPaddingException | InvalidKeyException | IllegalBlockSizeException | BadPaddingException | NoSuchAlgorithmException e) {e.printStackTrace();}return outputeByte;}public static byte[] sign(final byte[] array, String pkcs8Key) {try {PrivateKey privateKey = getPrivateKey(pkcs8Key);final Signature instance = Signature.getInstance("SHA1withRSA", provider);instance.initSign(privateKey);instance.update(array);return instance.sign();} catch (GeneralSecurityException ex) {throw new RuntimeException("License Server installation error 0000000F2", ex);}}static {provider = new BouncyCastleProvider();}
}

实际上bouncycastle还支持部分国密算法,这一部分不用自己写实现了。

这篇关于java使用bouncycastle加解密的文章就介绍到这儿,希望我们推荐的文章对编程师们有所帮助!


http://www.chinasem.cn/article/360008

相关文章

JVM 的类初始化机制

JVM 的类初始化机制

前言 当你在 Java 程序中new对象时,有没有考虑过 JVM 是如何把静态的字节码(byte code)转化为运行时对象的呢,这个问题看似简单,但清楚的同学相信也不会太多,这篇文章首先介绍 JVM 类初始化的机制,然后给出几个易出错的实例来分析,帮助大家更好理解这个知识点。 JVM 将字节码转化为运行时对象分为三个阶段,分别是:loading 、Linking、initialization
阅读更多...
Spring Security 基于表达式的权限控制

Spring Security 基于表达式的权限控制

前言 spring security 3.0已经可以使用spring el表达式来控制授权,允许在表达式中使用复杂的布尔逻辑来控制访问的权限。 常见的表达式 Spring Security可用表达式对象的基类是SecurityExpressionRoot。 表达式描述hasRole([role])用户拥有制定的角色时返回true (Spring security默认会带有ROLE_前缀),去
阅读更多...
浅析Spring Security认证过程

浅析Spring Security认证过程

类图 为了方便理解Spring Security认证流程,特意画了如下的类图,包含相关的核心认证类 概述 核心验证器 AuthenticationManager 该对象提供了认证方法的入口,接收一个Authentiaton对象作为参数; public interface AuthenticationManager {Authentication authenticate(Authenti
阅读更多...
Spring Security--Architecture Overview

Spring Security--Architecture Overview

1 核心组件 这一节主要介绍一些在Spring Security中常见且核心的Java类,它们之间的依赖,构建起了整个框架。想要理解整个架构,最起码得对这些类眼熟。 1.1 SecurityContextHolder SecurityContextHolder用于存储安全上下文(security context)的信息。当前操作的用户是谁,该用户是否已经被认证,他拥有哪些角色权限…这些都被保
阅读更多...
Spring Security基于数据库验证流程详解

Spring Security基于数据库验证流程详解

Spring Security 校验流程图 相关解释说明(认真看哦) AbstractAuthenticationProcessingFilter 抽象类 /*** 调用 #requiresAuthentication(HttpServletRequest, HttpServletResponse) 决定是否需要进行验证操作。* 如果需要验证,则会调用 #attemptAuthentica
阅读更多...
Spring Security 从入门到进阶系列教程

Spring Security 从入门到进阶系列教程

Spring Security 入门系列 《保护 Web 应用的安全》 《Spring-Security-入门(一):登录与退出》 《Spring-Security-入门(二):基于数据库验证》 《Spring-Security-入门(三):密码加密》 《Spring-Security-入门(四):自定义-Filter》 《Spring-Security-入门(五):在 Sprin
阅读更多...
Java架构师知识体认识

Java架构师知识体认识

源码分析 常用设计模式 Proxy代理模式Factory工厂模式Singleton单例模式Delegate委派模式Strategy策略模式Prototype原型模式Template模板模式 Spring5 beans 接口实例化代理Bean操作 Context Ioc容器设计原理及高级特性Aop设计原理Factorybean与Beanfactory Transaction 声明式事物
阅读更多...
中文分词jieba库的使用与实景应用(一)

中文分词jieba库的使用与实景应用(一)

知识星球:https://articles.zsxq.com/id_fxvgc803qmr2.html 目录 一.定义: 精确模式(默认模式): 全模式: 搜索引擎模式: paddle 模式(基于深度学习的分词模式): 二 自定义词典 三.文本解析   调整词出现的频率 四. 关键词提取 A. 基于TF-IDF算法的关键词提取 B. 基于TextRank算法的关键词提取
阅读更多...
使用SecondaryNameNode恢复NameNode的数据

使用SecondaryNameNode恢复NameNode的数据

1)需求: NameNode进程挂了并且存储的数据也丢失了,如何恢复NameNode 此种方式恢复的数据可能存在小部分数据的丢失。 2)故障模拟 (1)kill -9 NameNode进程 [lytfly@hadoop102 current]$ kill -9 19886 (2)删除NameNode存储的数据(/opt/module/hadoop-3.1.4/data/tmp/dfs/na
阅读更多...
Hadoop数据压缩使用介绍

Hadoop数据压缩使用介绍

一、压缩原则 (1)运算密集型的Job,少用压缩 (2)IO密集型的Job,多用压缩 二、压缩算法比较 三、压缩位置选择 四、压缩参数配置 1)为了支持多种压缩/解压缩算法,Hadoop引入了编码/解码器 2)要在Hadoop中启用压缩,可以配置如下参数
阅读更多...

Copyright China编程 23002807@qq.com

沪ICP备2023033072号-2