©2020-2024 ioDraw All rights reserved
<>场景
调用第三方接口返回数据需要AES/ECB/PKCS5Padding解密。
<>导入的包
import org.apache.commons.codec.binary.Hex; import org.slf4j.Logger; import org
.slf4j.LoggerFactory; import sun.misc.BASE64Decoder; import javax.crypto.Cipher;
import javax.crypto.KeyGenerator; import javax.crypto.SecretKey; import javax.
crypto.spec.IvParameterSpec; import javax.crypto.spec.SecretKeySpec; import java
.io.UnsupportedEncodingException; import java.security.NoSuchAlgorithmException;
import java.util.Base64;
<>代码片段
public class AESUtil { private static Logger log = LoggerFactory.getLogger(
AESUtil.class); /** * 密钥算法 */ private static final String ALGORITHM = "AES";
/** * 加解密算法/工作模式/填充方式 */ private static final String ALGORITHM_STR =
"AES/ECB/PKCS5Padding"; /** * SecretKeySpec类是KeySpec接口的实现类,用于构建秘密密钥规范 */ private
SecretKeySpec key; public AESUtil(String hexKey) { key = new SecretKeySpec(
hexKey.getBytes(), ALGORITHM); } /** * AES解密 * @param base64Data * @return *
@throws Exception */ public String decryptData(String base64Data) throws
Exception{ Cipher cipher = Cipher.getInstance(ALGORITHM_STR); cipher.init(Cipher
.DECRYPT_MODE, key); return new String(cipher.doFinal(new BASE64Decoder().
decodeBuffer(base64Data))); } /** * 获取密钥 * @return * @throws
NoSuchAlgorithmException */ public static String initKey() throws Exception {
KeyGenerator keyGenerator = KeyGenerator.getInstance("AES"); //192,256
keyGenerator.init(128); SecretKey secretKey = keyGenerator.generateKey(); return
Base64.getEncoder().encodeToString(secretKey.getEncoded()); } /** *
AES+BASE64加密 * 加密方法 * 与 解密方法 {@link #decrypt} 配套使用 * @param data 要加密的数据 *
@param key 加密所使用的密钥 * @return 加密后的数据 * @throws Exception */ public static String
encrypt(String data, String key) throws Exception { byte[] keyBytes = Base64.
getDecoder().decode(key); SecretKey secretKey = new SecretKeySpec(keyBytes,
"AES"); Cipher decryptionCipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
byte[] iv = KeyGenerator.getInstance("AES").generateKey().getEncoded();
IvParameterSpec ivSpec = new IvParameterSpec(iv); decryptionCipher.init(Cipher.
ENCRYPT_MODE, secretKey , ivSpec ); byte[] cipherText = decryptionCipher.doFinal
(data.getBytes()); byte[] iv_cipher = new byte[iv.length + cipherText.length];
int i = 0 ; for (; i < iv.length; i++) { iv_cipher[i] = iv[i]; } for (int j = 0;
j< cipherText.length; j++) { iv_cipher[(i + j)] = cipherText[j]; } return
Base64.getEncoder().encodeToString(iv_cipher); } /** * AES+BASE64解密 * 与
加密方法{@link #encrypt} 配套使用 * @param data 要解密的数据 * @param key 解密所使用的密钥 * @return
解密后的数据, 即源数据 * @throws Exception */ public static String decrypt(String data,
String key) throws Exception { byte[] keyBytes = Base64.getDecoder().decode(key)
; SecretKey keySpec = new SecretKeySpec(keyBytes, "AES"); Cipher
decryptionCipher= Cipher.getInstance("AES/CBC/PKCS5Padding"); byte[] iv_cipher =
Base64.getDecoder().decode(data); byte[] iv = new byte[16]; byte[] cipher = new
byte[iv_cipher.length - 16]; int i = 0; int j = 0; for (; i < 16; i++) { iv[i] =
iv_cipher[i]; } for (; i < iv_cipher.length; i++) { cipher[j] = iv_cipher[i]; j
++; } IvParameterSpec ivSpec = new IvParameterSpec(iv); decryptionCipher.init(2,
keySpec, ivSpec); return new String(decryptionCipher.doFinal(cipher), "UTF-8");
} /** * 加密方法 * 与 解密方法{@link #decryptWithHex} 配套使用 *
将不符合要求的密钥处理为16位的ASCII编码的数组,使用AES加密, * 将加密的字节数组转为十六进制字符数组,然后将其转换为utf-8字符串。 *
@param preString 待加密的字符串 * @param strKey 密钥 * @return */ public static String
encryptWithHex(String preString, String strKey) { try { SecretKey key =
generateMySQLAESKey(strKey,"ASCII"); Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.ENCRYPT_MODE, key); byte[] cleartext = preString.getBytes(
"UTF-8"); byte[] ciphertextBytes = cipher.doFinal(cleartext); return new String(
Hex.encodeHex(ciphertextBytes)); } catch (Exception e) { log.error(
"{}字符串通过AES密钥{}加密异常",preString, strKey, e); } return null; } /** * 解密方法 * 与
加密方法{@link #encryptWithHex} 配套使用 * @param preString 待加密的字符串 * @param strKey 密钥
*/ public static String decryptWithHex(String preString, String strKey){ try {
SecretKey key = generateMySQLAESKey(strKey,"ASCII"); Cipher cipher = Cipher.
getInstance("AES"); cipher.init(Cipher.DECRYPT_MODE, key); byte[] cleartext =
Hex.decodeHex(preString.toCharArray()); byte[] ciphertextBytes = cipher.doFinal(
cleartext); return new String(ciphertextBytes, "UTF-8"); } catch (Exception e) {
log.error("{}字符串通过AES密钥{}解密异常",preString, strKey, e); } return null; } /** *
将不符合要求的密钥处理为16位的ASCII编码的字节数组 * 数据库AES算法也是如此处理的 */ private static SecretKeySpec
generateMySQLAESKey(final String key, final String encoding) { try { final byte[
] finalKey = new byte[16]; int i = 0; for(byte b : key.getBytes(encoding)){
finalKey[i++%16] ^= b; } return new SecretKeySpec(finalKey, "AES"); } catch(
UnsupportedEncodingException e) { throw new RuntimeException(e); } } }
<>总结
如有其他更好的方法或者想法,可以留言或联系分享,大家互相学习进步。