1 package com.ice.webos.util.security;
2
3 import java.io.UnsupportedEncodingException;
4 import java.math.BigInteger;
5 import java.security.Key;
6 import java.security.MessageDigest;
7 import java.security.SecureRandom;
8
9 import javax.crypto.Cipher;
10 import javax.crypto.KeyGenerator;
11 import javax.crypto.Mac;
12 import javax.crypto.SecretKey;
13 import javax.crypto.SecretKeyFactory;
14 import javax.crypto.spec.DESKeySpec;
15 import javax.crypto.spec.SecretKeySpec;
16
17 import sun.misc.BASE64Decoder;
18 import sun.misc.BASE64Encoder;
19
20 /**
21 * <ul>
22 * <li>BASE64的加密解密是双向的,可以求反解。</li>
23 * <li>MD5、SHA以及HMAC是单向加密,任何数据加密后只会产生唯一的一个加密串,通常用来校验数据在传输过程中是否被修改。</li>
24 * <li>HMAC算法有一个密钥,增强了数据传输过程中的安全性,强化了算法外的不可控因素。</li>
25 * <li>DES DES-Data Encryption Standard,即数据加密算法。
26 * DES算法的入口参数有三个:Key、Data、Mode。
27 * <ul>
28 * <li>Key:8个字节共64位,是DES算法的工作密钥;</li>
29 * <li>Data:8个字节64位,是要被加密或被解密的数据;</li>
30 * <li>Mode:DES的工作方式,有两种:加密或解密。</li>
31 * </ul>
32 * </li>
33 * <ul>
34 *
35 * @author Ice_Liu
36 *
37 */
38 public class CryptUtil {
39 private static final String KEY_MD5 = "MD5";
40 private static final String KEY_SHA = "SHA";
41 /**
42 * MAC算法可选以下多种算法
43 *
44 * <pre>
45 *
46 * HmacMD5
47 * HmacSHA1
48 * HmacSHA256
49 * HmacSHA384
50 * HmacSHA512
51 * </pre>
52 */
53 public static final String KEY_MAC = "HmacMD5";
54
55 /**
56 * BASE64解密
57 *
58 * @param key
59 * @return
60 * @throws Exception
61 */
62 public static byte[] decryptBASE64(String key) throws Exception {
63 return (new BASE64Decoder()).decodeBuffer(key);
64 }
65
66 /**
67 * BASE64 加密
68 *
69 * @param key
70 * @return
71 * @throws Exception
72 */
73 public static String encryptBASE64(byte[] key) throws Exception {
74 return (new BASE64Encoder()).encodeBuffer(key);
75 }
76
77 /**
78 * MD5加密
79 *
80 * @param data
81 * @return
82 * @throws Exception
83 */
84 public static byte[] encryptMD5(byte[] data) throws Exception {
85
86 MessageDigest md5 = MessageDigest.getInstance(KEY_MD5);
87 md5.update(data);
88
89 return md5.digest();
90
91 }
92
93 /**
94 * SHA加密
95 *
96 * @param data
97 * @return
98 * @throws Exception
99 */
100 public static byte[] encryptSHA(byte[] data) throws Exception {
101
102 MessageDigest sha = MessageDigest.getInstance(KEY_SHA);
103 sha.update(data);
104
105 return sha.digest();
106
107 }
108
109 /**
110 * 初始化HMAC密钥
111 *
112 * @return
113 * @throws Exception
114 */
115 public static String initMacKey() throws Exception {
116 KeyGenerator keyGenerator = KeyGenerator.getInstance(KEY_MAC);
117 SecretKey secretKey = keyGenerator.generateKey();
118 return encryptBASE64(secretKey.getEncoded());
119 }
120
121 /**
122 * HMAC 加密
123 *
124 * @param data
125 * @param key
126 * @return
127 * @throws Exception
128 */
129 public static byte[] encryptHMAC(byte[] data, String key) throws Exception {
130 SecretKey secretKey = new SecretKeySpec(decryptBASE64(key), KEY_MAC);
131 Mac mac = Mac.getInstance(secretKey.getAlgorithm());
132 mac.init(secretKey);
133 return mac.doFinal(data);
134 }
135
136 /**
137 * DES 算法 <br>
138 * 可替换为以下任意一种算法,同时key值的size相应改变。
139 *
140 * <pre>
141 * DES key size must be equal to 56
142 * DESede(TripleDES) key size must be equal to 112 or 168
143 * AES key size must be equal to 128, 192 or 256,but 192 and 256 bits may not be available
144 * Blowfish key size must be multiple of 8, and can only range from 32 to 448 (inclusive)
145 * RC2 key size must be between 40 and 1024 bits
146 * RC4(ARCFOUR) key size must be between 40 and 1024 bits
147 * </pre>
148 */
149 public static final String ALGORITHM = "DES";
150
151 /**
152 * DES 算法转换密钥<br>
153 *
154 * @param key
155 * @return
156 * @throws Exception
157 */
158 private static Key toKey(byte[] key) throws Exception {
159 SecretKey secretKey = null;
160 if (ALGORITHM.equals("DES") || ALGORITHM.equals("DESede")) {
161 DESKeySpec dks = new DESKeySpec(key);
162 SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(ALGORITHM);
163 secretKey = keyFactory.generateSecret(dks);
164 } else {
165 // 当使用其他对称加密算法时,如AES、Blowfish等算法时,用下述代码替换上述三行代码
166 secretKey = new SecretKeySpec(key, ALGORITHM);
167 }
168 return secretKey;
169 }
170
171 /**
172 * DES 算法解密
173 *
174 * @param data
175 * @param key
176 * @return
177 * @throws Exception
178 */
179 public static byte[] decrypt(byte[] data, String key) throws Exception {
180 Key k = toKey(decryptBASE64(key));
181 Cipher cipher = Cipher.getInstance(ALGORITHM);
182 cipher.init(Cipher.DECRYPT_MODE, k);
183 return cipher.doFinal(data);
184 }
185
186 /**
187 * DES 算法加密
188 *
189 * @param data
190 * @param key
191 * @return
192 * @throws Exception
193 */
194 public static byte[] encrypt(byte[] data, String key) throws Exception {
195 Key k = toKey(decryptBASE64(key));
196 Cipher cipher = Cipher.getInstance(ALGORITHM);
197 cipher.init(Cipher.ENCRYPT_MODE, k);
198 return cipher.doFinal(data);
199 }
200
201 /**
202 * DES 算法生成密钥
203 *
204 * @return
205 * @throws Exception
206 */
207 public static String initKey() throws Exception {
208 return initKey(null);
209 }
210
211 /**
212 * DES 算法生成密钥
213 *
214 * @param seed
215 * @return
216 * @throws Exception
217 */
218 public static String initKey(String seed) throws Exception {
219 SecureRandom secureRandom = null;
220 if (seed != null) {
221 secureRandom = new SecureRandom(decryptBASE64(seed));
222 } else {
223 secureRandom = new SecureRandom();
224 }
225 KeyGenerator kg = KeyGenerator.getInstance(ALGORITHM);
226 kg.init(secureRandom);
227 SecretKey secretKey = kg.generateKey();
228 return encryptBASE64(secretKey.getEncoded());
229 }
230
231 public static void main(String[] args) {
232 try {
233 String s = "阿伯才的覆盖";
234 String b = CryptUtil.encryptBASE64(s.getBytes("UTF-8"));
235 System.out.println("BASE64加密后:" + b);
236 byte[] c = CryptUtil.decryptBASE64(b);
237 System.out.println("BASE64解密后:" + new String(c, "UTF-8"));
238
239 c = encryptMD5(s.getBytes());
240 System.out.println("MD5 加密后:" + new BigInteger(c).toString(16));
241
242 c = encryptSHA(s.getBytes());
243 System.out.println("SHA 加密后:" + new BigInteger(c).toString(16));
244
245 String key = initMacKey();
246 System.out.println("HMAC密匙:" + key);
247 c = encryptHMAC(s.getBytes(), key);
248 System.out.println("HMAC 加密后:" + new BigInteger(c).toString(16));
249
250 key = initKey();
251 System.out.println(ALGORITHM + "密钥:\t" + key);
252 c = encrypt(s.getBytes("UTF-8"), key);
253 System.out.println(ALGORITHM + " 加密后:" + new BigInteger(c).toString(16));
254 c = decrypt(c, key);
255 System.out.println(ALGORITHM + " 解密后:" + new String(c, "UTF-8"));
256 } catch (UnsupportedEncodingException e) {
257 // TODO Auto-generated catch block
258 e.printStackTrace();
259 } catch (Exception e) {
260 // TODO Auto-generated catch block
261 e.printStackTrace();
262 }
263 }
264 }
