1, BASE64
BASE64 is strictly an encoding format, not an encryption algorithm.
Encryption:
/** * encryption */
public static String encryptBASE64(byte[] data) {
BASE64Encoder encoder = new BASE64Encoder();
return encoder.encode(data);
}
/** * decrypt */
public static byte[] decryptBASE64(String cipher) {
BASE64Decoder decoder = new BASE64Decoder();
byte[] bytes = null;
try {
bytes = decoder.decodeBuffer(cipher);
} catch (IOException e) {
e.printStackTrace();
}
return bytes;
}
Copy the code
2. MD5 and SHA
Message Digest Algorithm 5 (MD5) is used to verify files. Secure Hash Algorithm (SHA), also a non-reversible Algorithm, is similar to MD5. MD5 output is 128-bit, SHA output is 160-bit. SHA is more secure than MD5 and takes longer to encrypt.
So let’s set constants
private final static String KEY_SHA = "SHA";
private final static String KEY_MD5 = "MD5";
Copy the code
encryption
/** * MD5 encryption */
public static String encryptMD5(byte[] data) {
String cipher = null;
try {
MessageDigest md5 = MessageDigest.getInstance(KEY_MD5);
md5.update(data);
cipher = encryptBASE64(md5.digest());
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
return cipher;
}
/** * SHA encryption */
public static String encryptSHA(byte[] data) {
String cipher = null;
try {
MessageDigest sha = MessageDigest.getInstance(KEY_SHA);
sha.update(data);
cipher = encryptBASE64(sha.digest());
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
return cipher;
}
Copy the code
3, RSA
RSA is an asymmetric cryptographic algorithm. See RSA algorithm for details)
RSA_INIT_LENGTH is the initialization length of the key. The longer the key length, the better the security, but the longer the encryption and decryption time. The length of ciphertext that can be encrypted at a time is as follows: Key length /8-11. Therefore, a key of 1024 bits can encrypt 117 bits of ciphertext at a time. So asymmetric encryption is generally used to encrypt the key of a symmetric encryption algorithm, rather than directly encrypt the content. RSA encryption can be used for small files, but the encryption process may still be segmented.
private final static String KEY_RSA = "RSA";
private final static int RSA_INIT_LENGTH = 1024;
Copy the code
3.1. Initialize public and private keys in Java
/** * initializes */
public static String[] initRSAKey() {
String[] keys = null;
try {
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(KEY_RSA);
keyPairGenerator.initialize(RSA_INIT_LENGTH);
KeyPair keyPair = keyPairGenerator.generateKeyPair();
/ / the public key
RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();
/ / the private key
RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();
keys = new String[]{encryptBASE64(publicKey.getEncoded()), encryptBASE64(privateKey.getEncoded())};
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
return keys;
}
Copy the code
3.2 encryption and decryption
RSA has two keys, so there are two encryption and decryption modes: private key encryption-public key decryption, and public key encryption-private key decryption. The encryption and decryption modes are as follows:
/** * private key encryption */
public static byte[] encryptByPrivateKey(byte[] data, String key) {
try {
byte[] keyBytes = decryptBASE64(key);
// Get the private key
PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(keyBytes);
KeyFactory keyFactory = KeyFactory.getInstance(KEY_RSA);
Key privateKey = keyFactory.generatePrivate(pkcs8EncodedKeySpec);
// Encrypt data
Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
cipher.init(Cipher.ENCRYPT_MODE, privateKey);
return cipher.doFinal(data);
} catch (Exception e) {
e.printStackTrace();
}
return null;
}
/** * Public key decryption */
public static byte[] decryptByPublicKey(byte[] data, String key) {
try {
// Decrypt the private key
byte[] keyBytes = decryptBASE64(key);
X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(keyBytes);
KeyFactory keyFactory = KeyFactory.getInstance(KEY_RSA);
Key publicKey = keyFactory.generatePublic(x509EncodedKeySpec);
// Decrypt data
Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
cipher.init(Cipher.DECRYPT_MODE, publicKey);
return cipher.doFinal(data);
} catch (Exception e) {
e.printStackTrace();
}
return null;
}
/** * Public key encryption */
public static byte[] encryptByPublicKey(byte[] data, String key) {
try {
// Decrypt the public key
byte[] keyBytes = decryptBASE64(key);
/ / get the public key
X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(keyBytes);
KeyFactory keyFactory = KeyFactory.getInstance(KEY_RSA);
Key publicKey = keyFactory.generatePublic(x509EncodedKeySpec);
// Decrypt data
Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
cipher.init(Cipher.ENCRYPT_MODE, publicKey);
return cipher.doFinal(data);
} catch (Exception e) {
e.printStackTrace();
}
return null;
}
/** * private key decryption */
public static byte[] decryptByPrivateKey(byte[] data, String key) throws Exception {
try {
// Decrypt the private key
byte[] keyBytes = decryptBASE64(key);
PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(keyBytes);
KeyFactory keyFactory = KeyFactory.getInstance(KEY_RSA);
Key privateKey = keyFactory.generatePrivate(pkcs8EncodedKeySpec);
// Decrypt data
Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
cipher.init(Cipher.DECRYPT_MODE, privateKey);
return cipher.doFinal(data);
} catch (Exception e) {
e.printStackTrace();
}
return null;
}
Copy the code
3.3 Signature Verification
RSA is used for signature verification. Digital signature technology is to encrypt the abstract information with the sender’s private key and send it to the receiver together with the original text. The receiver can decrypt the encrypted digest only with the sender’s public key, and then generate a digest of the received text and compare it with the decrypted digest. If they are the same, the received information is complete and has not been modified during transmission. Otherwise, the received information has been modified. Therefore, the digital signature can verify the integrity of the information.
This method is feasible under two conditions:
1. It is impossible to deduce the private key from the public key. 2. (Note that interceptors can still decrypt data using public keys and see the transmitted data)Copy the code
Define constants
private final static String RSA_MD5 = "MD5withRSA";
Copy the code
Signature and signature verification
/** * Private key signature */
public static String signByPrivateKey(byte[] data, String privateKey) {
try {
Decrypt the private key
byte[] keyBytes = decryptBASE64(privateKey);
Construct the PKCS8EncodedKeySpec object
PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(keyBytes);
// Specify the encryption algorithm
KeyFactory keyFactory = KeyFactory.getInstance(KEY_RSA);
// Get the private key object
PrivateKey privateKey2 = keyFactory.generatePrivate(pkcs8EncodedKeySpec);
// Use the private key to generate a digital signature for the information
Signature signature = Signature.getInstance(RSA_MD5);
signature.initSign(privateKey2);
signature.update(data);
return encryptBASE64(signature.sign());
} catch (Exception e) {
e.printStackTrace();
}
return null;
}
Public key validation */
public static boolean verifyByPublicKey(byte[] data, String publicKey, String sign) {
try {
// Decrypt the public key
byte[] keyBytes = decryptBASE64(publicKey);
Construct the X509EncodedKeySpec object
X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(keyBytes);
// Specify the encryption algorithm
KeyFactory keyFactory = KeyFactory.getInstance(KEY_RSA);
// Get the male key object
PublicKey publicKey2 = keyFactory.generatePublic(x509EncodedKeySpec);
Signature signature = Signature.getInstance(RSA_MD5);
signature.initVerify(publicKey2);
signature.update(data);
// Verify that the signature is normal
return signature.verify(decryptBASE64(sign));
} catch (Exception e) {
e.printStackTrace();
}
return false;
}
Copy the code
4, DES
DES (DataEncryption Standard) is a symmetric encryption algorithm!
Define constants
private final static String KEY_DES = "DES";
Copy the code
Encryption and decryption, where key is an 8-bit password
/** * encryption */
public static byte[] encryptDES(byte[] data, String key) {
try {
SecureRandom random = new SecureRandom();
DESKeySpec desKey = new DESKeySpec(key.getBytes());
SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(KEY_DES);
SecretKey secureKey = keyFactory.generateSecret(desKey);
Cipher cipher = Cipher.getInstance(KEY_DES);
cipher.init(Cipher.ENCRYPT_MODE, secureKey, random);
return cipher.doFinal(data);
} catch (Exception e) {
e.printStackTrace();
}
return null;
}
/** * decrypt */
public static byte[] decryptDES(byte[] data, String key) {
try {
SecureRandom random = new SecureRandom();
DESKeySpec desKey = new DESKeySpec(key.getBytes());
SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(KEY_DES);
SecretKey secureKey = keyFactory.generateSecret(desKey);
Cipher cipher = Cipher.getInstance(KEY_DES);
cipher.init(Cipher.DECRYPT_MODE, secureKey, random);
return cipher.doFinal(data);
} catch (Exception e) {
e.printStackTrace();
}
return null;
}
Copy the code