概述
des算法是对称算法,加密的密钥和解密的密钥是一样的.
实例
客户端加密
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.codec.binary.Base64; import org.bouncycastle.jce.provider.BouncyCastleProvider;
/ * 客户端加密 * * @author nemotan * */ public class BehaviorSecurityClient { public static final String ALGORITHM_NAME = "DESede"; private static SecretKey deskey = null; private static ThreadLocal<Cipher> cipher = new ThreadLocal<Cipher>(); / * 根据秘钥加密 * * @param src * 待加密内容 * @param key * 秘钥 * @return * @throws Exception */ public static byte[] encode(byte[] src, String key) throws Exception { if (deskey == null) { deskey = new SecretKeySpec(Base64.decodeBase64(key.getBytes()), ALGORITHM_NAME); } Cipher c = cipher.get(); if (c == null) { c = Cipher.getInstance(ALGORITHM_NAME, new BouncyCastleProvider()); cipher.set(c); } c.init(Cipher.ENCRYPT_MODE, deskey); return c.doFinal(src); } }
解密
import java.security.SecureRandom;
import java.util.HashMap;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import javax.crypto.Cipher; import javax.crypto.KeyGenerator; import javax.crypto.SecretKey;
import org.apache.commons.codec.binary.Base64; import org.apache.commons.pool.BasePoolableObjectFactory; import org.apache.commons.pool.impl.GenericObjectPool; import org.bouncycastle.jce.provider.BouncyCastleProvider;
/ * 服务端解密 * * @author nemotan * */ public class BehaviorSecurityServer { private static final String KEY_HEAD = "11111"; #头部 public static final String ALGORITHM_NAME = "DESede"; private static Map<String, SecretKey> secretKeyMap = new ConcurrentHashMap<String, SecretKey>(); @SuppressWarnings({ "unchecked", "rawtypes" }) private static final GenericObjectPool<Map<String, Cipher>> pool = new GenericObjectPool<Map<String, Cipher>>( new BasePoolableObjectFactory() { public Object makeObject() throws Exception { return new HashMap<String, SecretKey>(); } }); static { pool.setMaxActive(20); } / * * * @param src * @param projectId * @return * @throws Exception / public static byte[] decode(byte[] src, String projectId) throws Exception { Map<String, Cipher> cipherMap = (Map<String, Cipher>) pool.borrowObject(); Cipher c = (Cipher) cipherMap.get(projectId); if (c == null) { SecretKey deskey = getDeskey(projectId); c = Cipher.getInstance(ALGORITHM_NAME, new BouncyCastleProvider()); c.init(Cipher.DECRYPT_MODE, deskey); cipherMap.put(projectId, c); } byte[] bs = c.doFinal(src); pool.returnObject(cipherMap); return bs; }】 /** * 获取秘钥 * * @param projectId * @return * @throws Exception / public static SecretKey getDeskey(String projectId) throws Exception { if (secretKeyMap.get(projectId) != null) { return secretKeyMap.get(projectId); } //linux will get the diffent number see http://m.blog.csdn.net/blog/jonson123654/39083261 KeyGenerator generator = KeyGenerator.getInstance(ALGORITHM_NAME); SecureRandom random = SecureRandom.getInstance("SHA1PRNG"); random.setSeed((projectId + KEY_HEAD).getBytes()); generator.init(random); SecretKey deskey = generator.generateKey(); secretKeyMap.put(projectId, deskey); return deskey; } /* * 获取秘钥(客户端用) * * @param projectId * @return * @throws Exception / public static String getClientKey(String projectId) throws Exception { SecretKey deskey = getDeskey(projectId); return new String(Base64.encodeBase64(deskey.getEncoded())); } }