注意:本节内容主要参考自《Java加密与解密的艺术(第2版)》第7章“初等加密算法--对称加密算法”
9.1、IDEA
特点:
- 先于AES出来取代DES
- 安全性极高
- 常用于电子邮件加密算法
9.2、实现方式
- Bouncy Castle(BC,工作模式只有ECB,密钥长度为128位)
9.2.1、基于BC实现的IDEA算法
1 package com.util.idea; 2 3 import java.io.UnsupportedEncodingException; 4 import java.security.InvalidAlgorithmParameterException; 5 import java.security.InvalidKeyException; 6 import java.security.Key; 7 import java.security.NoSuchAlgorithmException; 8 import java.security.NoSuchProviderException; 9 import java.security.Security; 10 import java.security.spec.InvalidKeySpecException; 11 12 import javax.crypto.BadPaddingException; 13 import javax.crypto.Cipher; 14 import javax.crypto.IllegalBlockSizeException; 15 import javax.crypto.KeyGenerator; 16 import javax.crypto.NoSuchPaddingException; 17 import javax.crypto.SecretKey; 18 import javax.crypto.spec.SecretKeySpec; 19 20 import org.apache.commons.codec.binary.Base64; 21 import org.bouncycastle.jce.provider.BouncyCastleProvider; 22 23 /** 24 * 基于BC的IDEA算法,工作模式只有ECB 25 */ 26 public class IDEABC { 27 private static final String ENCODING = "UTF-8"; 28 private static final String KEY_ALGORITHM = "IDEA";//产生密钥的算法 29 private static final String CIPHER_ALGORITHM = "IDEA/ECB/PKCS5Padding";//加解密算法 格式:算法/工作模式/填充模式 30 /** 31 * 产生密钥 32 */ 33 public static byte[] getKey() throws NoSuchAlgorithmException{ 34 Security.addProvider(new BouncyCastleProvider());//在BC中用,JDK下去除 35 KeyGenerator keyGenerator = KeyGenerator.getInstance(KEY_ALGORITHM); 36 keyGenerator.init(128);//初始化密钥长度,128 37 SecretKey key =keyGenerator.generateKey();//产生密钥 38 return key.getEncoded(); 39 } 40 41 /** 42 * 还原密钥:二进制字节数组转换为Java对象 43 */ 44 public static Key toKey(byte[] keyByte){ 45 return new SecretKeySpec(keyByte, KEY_ALGORITHM); 46 } 47 48 /** 49 * IDEA加密 50 * @param data 带加密数据 51 * @param keyByte 密钥 52 */ 53 public static byte[] encrypt(String data, byte[] keyByte) throws NoSuchAlgorithmException, 54 NoSuchProviderException, 55 NoSuchPaddingException, 56 InvalidKeyException, 57 IllegalBlockSizeException, 58 BadPaddingException, 59 UnsupportedEncodingException { 60 Key key = toKey(keyByte);//还原密钥 61 Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM,"BC");//BC下用 62 cipher.init(Cipher.ENCRYPT_MODE, key);//设置加密模式并且初始化key 63 return cipher.doFinal(data.getBytes(ENCODING)); 64 } 65 66 /** 67 * IDEA加密,并转为16进制字符串或Base64编码字符串 68 */ 69 public static String encryptIDEAHex(String data, byte[] keyByte) throws NoSuchAlgorithmException, 70 NoSuchProviderException, 71 NoSuchPaddingException, 72 InvalidKeyException, 73 IllegalBlockSizeException, 74 BadPaddingException, 75 UnsupportedEncodingException { 76 byte[] encodedByte = encrypt(data, keyByte); 77 //return new String(Hex.encode(encodedByte));//借助BC 78 //return new String(org.apache.commons.codec.binary.Hex.encodeHexString(encodedByte));//借助CC 79 return Base64.encodeBase64String(encodedByte);//借助CC的Base64编码 80 } 81 82 /** 83 * IDEA解密 84 * @param data 待解密数据为字节数组 85 * @param keyByte 密钥 86 */ 87 public static byte[] decrypt(byte[] data, byte[] keyByte) throws NoSuchAlgorithmException, 88 NoSuchProviderException, 89 NoSuchPaddingException, 90 InvalidKeyException, 91 IllegalBlockSizeException, 92 BadPaddingException { 93 Key key = toKey(keyByte);//还原密钥 94 Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM,"BC");//BC下用 95 cipher.init(Cipher.DECRYPT_MODE, key); 96 return cipher.doFinal(data); 97 } 98 99 /** 100 * IDEA解密 101 * @param data 待解密数据为字符串 102 * @param keyByte 密钥 103 */ 104 public static byte[] decrypt(String data, byte[] keyByte) throws NoSuchAlgorithmException, 105 NoSuchProviderException, 106 NoSuchPaddingException, 107 InvalidKeyException, 108 IllegalBlockSizeException, 109 BadPaddingException { 110 Key key = toKey(keyByte);//还原密钥 111 Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM,"BC");//BC下用 112 cipher.init(Cipher.DECRYPT_MODE, key); 113 return cipher.doFinal(Base64.decodeBase64(data));//注意data不可以直接采用data.getByte()方法转化为字节数组,否则会抛异常 114 } 115 116 /** 117 * 测试 118 */ 119 public static void main(String[] args) throws NoSuchAlgorithmException, 120 InvalidKeyException, 121 InvalidKeySpecException, 122 NoSuchPaddingException, 123 IllegalBlockSizeException, 124 BadPaddingException, 125 UnsupportedEncodingException, 126 NoSuchProviderException, 127 InvalidAlgorithmParameterException { 128 String data = "找一个好姑娘做老婆是我的梦 想!"; 129 /*************测试encrypt()、decrypt()**************/ 130 System.out.println("原文-->"+data); 131 byte[] keyByte = IDEABC.getKey(); 132 System.out.println("密钥-->"+Base64.encodeBase64String(keyByte));//这里将二进制的密钥使用base64加密保存,这也是在实际中使用的方式 133 byte[] encodedByte = IDEABC.encrypt(data, keyByte); 134 System.out.println("加密后-->"+encodedByte); 135 byte[] encodedByte2 = IDEABC.encrypt(data, keyByte); 136 System.out.println("加密后-->"+encodedByte2); 137 byte[] decodedByte = IDEABC.decrypt(encodedByte, keyByte); 138 System.out.println("解密后-->"+decodedByte); 139 for(int i=0;i<encodedByte.length;i++){ 140 System.out.println(encodedByte[i]==encodedByte2[i]); 141 } 142 /*************测试encryptIDEAHex()、decrypt()**************/ 143 System.out.println("原文-->"+data); 144 byte[] keyByte3 = IDEABC.getKey(); 145 System.out.println("密钥-->"+Base64.encodeBase64String(keyByte3));//这里将二进制的密钥使用base64加密保存,这也是在实际中使用的方式 146 String encodedStr = IDEABC.encryptIDEAHex(data, keyByte3); 147 System.out.println("加密后-->"+encodedStr); 148 String encodedByte4 = IDEABC.encryptIDEAHex(data, keyByte3); 149 System.out.println("加密后-->"+encodedByte4); 150 byte[] decodedByte3 = IDEABC.decrypt(Base64.decodeBase64(encodedStr), keyByte3); 151 System.out.println("解密Byte[]后-->"+decodedByte3); 152 byte[] decodedByte4 = IDEABC.decrypt(encodedStr, keyByte3); 153 System.out.println("解密String后-->"+decodedByte4); 154 } 155 }
注意:
- 与基于BC实现的AES算法代码基本一样