1. 背景
细心的读者会发现,前面介绍的对称加密算法中,密钥的长度是固定位数的,但现实一般输入密码时都是
一些长度不太长的密码串,这时,我们可以使用一些随机数和原密码杂凑后,生成真正的密钥,在最终使用时,
我们不仅需要提供原始的密码串,还同时需要随机数信息(类似USB密码器),这两者结合才能真正进行解码。
- 下面介绍的算法,它底层的实现,仍是标准的对称加密算法
2. 示例
密文 = 运算(原文,简单密码,随机密钥)
//添加算法
Security.addProvider(new BouncyCastleProvider());
String content = "abc"; //加密内容
String encryptKey = "12345678"; //简单密码
//生成的随机口令密钥,用于后面的杂凑
byte[] salt = SecureRandom.getInstanceStrong().generateSeed(16);
//加密
PBEKeySpec keySpec = new PBEKeySpec(encryptKey.toCharArray());
SecretKeyFactory skeyFactory = SecretKeyFactory.getInstance("PBEwithSHA1and128bitAES-CBC-BC");
SecretKey key = skeyFactory.generateSecret(keySpec);
PBEParameterSpec pbeps = new PBEParameterSpec(salt,500);
Cipher cipher = Cipher.getInstance("PBEwithSHA1and128bitAES-CBC-BC");
cipher.init(Cipher.ENCRYPT_MODE, key,pbeps); //加密模式
byte[] encryptBytes = cipher.doFinal(content.getBytes("UTF-8")); //得到密文字节数组
System.out.println("encrypt data:" + Base64.getEncoder().encodeToString(encryptBytes));
//8xxrL9E+A0VMXCoK666c8A==
//解密
PBEKeySpec keySpec1 = new PBEKeySpec(encryptKey.toCharArray());
SecretKeyFactory skeyFactory1 = SecretKeyFactory.getInstance("PBEwithSHA1and128bitAES-CBC-BC");
SecretKey key1 = skeyFactory1.generateSecret(keySpec1);
PBEParameterSpec pbeps1 = new PBEParameterSpec(salt,500);
Cipher cipher1 = Cipher.getInstance("PBEwithSHA1and128bitAES-CBC-BC");
cipher1.init(Cipher.DECRYPT_MODE, key1,pbeps1); //解密模式
byte[] decryptBytes1 = cipher1.doFinal(encryptBytes); //得到原文字节数组
System.out.println("decrypt data:" + new String(decryptBytes1, "UTF-8"));
//abc
网友评论