AES加密算法是目前比较流行加密方式,目前还没有针对AES有效的破解方式,比较靠谱。AES又称Rijndael加密法,是美国联邦政府采用的一种区块加密标准。这个标准用来替代原先的DES,已经被多方分析且广为全世界所使用。
AES加密数据块和密钥长度可以是128比特、192比特、256比特中的任意一个。
AES加密有很多轮的重复和变换。大致步骤如下:
1、密钥扩展(KeyExpansion),
2、初始轮(Initial Round),
3、重复轮(Rounds),每一轮又包括:SubBytes、ShiftRows、MixColumns、AddRoundKey,
4、最终轮(Final Round),最终轮没有MixColumns。
jdk中算法的支持:
密钥长度:128位
工作模式:ECB/CBC/PCBC/CTR/CTS/CFB/CFB8 to CFB128/OFB/OBF8 to OFB128
填充方式:Nopadding/PKCS5Padding/ISO10126Padding/
这里需要注意一个问题,在创建Cipher对象是需要一个第三方Provider来提供算法实现,在标准JDK中只是规定了JCE(JCE (Java Cryptography Extension) 是一组包,它们提供用于加密、密钥生成和协商以及 Message Authentication Code(MAC)算法的框架和实现。)接口,但是内部实现需要自己或者第三方提供,因此我们这里使用bouncycastle的开源的JCE实现包,下载地址:http://bouncycastle.org/latest_releases.html,我使用的是bcprov-jdk15on-150.jar jdk1.6。
下面是Android中一种实现方式:
- public class AESKeyModel {
-
- public static final String KEY_ALGORITHM = "AES";
- private static final String DEFAULT_CIPHER_ALGORITHM = "AES/CBC/PKCS5Padding";
- private String srcFile="",destionFile="";
-
-
-
-
-
-
- public byte[] initSecretKey() {
-
- KeyGenerator kg = null;
- try {
- kg = KeyGenerator.getInstance(KEY_ALGORITHM);
- } catch (NoSuchAlgorithmException e) {
- e.printStackTrace();
- return new byte[0];
- }
-
-
- kg.init(128);
-
- SecretKey secretKey = kg.generateKey();
- return secretKey.getEncoded();
- }
-
- public void setDestionFile(String destionFile) {
- this.destionFile = destionFile;
- }
-
- public void setSrcFile(String srcFile) {
- this.srcFile = srcFile;
- }
-
-
-
-
-
-
- private static Key toKey(byte[] key){
-
- return new SecretKeySpec(key, KEY_ALGORITHM);
- }
-
-
-
-
-
-
-
-
-
- public static byte[] encrypt(byte[] data,Key key) throws Exception{
- return encrypt(data, key,DEFAULT_CIPHER_ALGORITHM);
- }
-
-
-
-
-
-
-
-
-
- public static byte[] encrypt(byte[] data,byte[] key) throws Exception{
- return encrypt(data, key,DEFAULT_CIPHER_ALGORITHM);
- }
-
-
-
-
-
-
-
-
-
-
-
- public static byte[] encrypt(byte[] data,byte[] key,String cipherAlgorithm) throws Exception{
-
- Key k = toKey(key);
- return encrypt(data, k, cipherAlgorithm);
- }
-
-
-
-
-
-
-
-
-
-
- public static byte[] encrypt(byte[] data,Key key,String cipherAlgorithm) throws Exception{
-
- Cipher cipher = Cipher.getInstance(cipherAlgorithm);
-
- cipher.init(Cipher.ENCRYPT_MODE, key);
-
- return cipher.doFinal(data);
- }
-
-
-
-
-
-
-
-
-
- public static byte[] decrypt(byte[] data,byte[] key) throws Exception{
- return decrypt(data, key,DEFAULT_CIPHER_ALGORITHM);
- }
-
-
-
-
-
-
-
-
-
- public static byte[] decrypt(byte[] data,Key key) throws Exception{
- return decrypt(data, key,DEFAULT_CIPHER_ALGORITHM);
- }
-
-
-
-
-
-
-
-
-
-
- public static byte[] decrypt(byte[] data,byte[] key,String cipherAlgorithm) throws Exception{
-
- Key k = toKey(key);
- return decrypt(data, k, cipherAlgorithm);
- }
-
-
-
-
-
-
-
-
-
-
- public static byte[] decrypt(byte[] data,Key key,String cipherAlgorithm) throws Exception{
-
- Cipher cipher = Cipher.getInstance(cipherAlgorithm);
-
- cipher.init(Cipher.DECRYPT_MODE, key);
-
- return cipher.doFinal(data);
- }
-
- public void encryptionFile(Key sessionKey) throws Exception {
- int len = 0;
- byte[] buffer = new byte[5 * 1024];
- byte[] cipherbuffer = null;
-
-
- Cipher cipher = Cipher.getInstance(DEFAULT_CIPHER_ALGORITHM,new BouncyCastleProvider());
- IvParameterSpec iv = new IvParameterSpec("0000000000123456".getBytes());
- cipher.init(Cipher.ENCRYPT_MODE, sessionKey,iv);
-
- FileInputStream fis = new FileInputStream(new File(srcFile));
- FileOutputStream fos = new FileOutputStream(new File(destionFile));
-
-
- while ((len = fis.read(buffer)) != -1) {
- cipherbuffer = cipher.update(buffer, 0, len);
- fos.write(cipherbuffer);
- fos.flush();
- }
- cipherbuffer = cipher.doFinal();
- fos.write(cipherbuffer);
- fos.flush();
-
- if (fis != null)
- fis.close();
- if (fos != null)
- fos.close();
- }
-
- public void descryptionFile(Key sessionKey) throws Exception{
- int len = 0;
- byte[] buffer = new byte[5 * 1024];
- byte[] plainbuffer = null;
-
- Cipher cipher = Cipher.getInstance(DEFAULT_CIPHER_ALGORITHM,new BouncyCastleProvider());
- IvParameterSpec iv = new IvParameterSpec("0000000000123456".getBytes());
- cipher.init(Cipher.DECRYPT_MODE,sessionKey,iv);
-
- FileInputStream fis = new FileInputStream(new File(srcFile));
- FileOutputStream fos = new FileOutputStream(new File(destionFile));
-
- while ((len = fis.read(buffer)) != -1){
- plainbuffer = cipher.update(buffer,0,len);
- fos.write(plainbuffer);
- fos.flush();
- }
-
- plainbuffer = cipher.doFinal();
- fos.write(plainbuffer);
- fos.flush();
-
- if(fis!=null)
- fis.close();
- if(fos!=null)
- fos.close();
- }
-
-
-
- }
加密文件:
Key key_AES;
private srcjiamiFile,outjiemiFile;
- void testAESJia(String srcPath){
- File f=new File(srcPath);
- if(!f.exists()||f.isDirectory())
- Toast.makeText(getApplicationContext(), "该文件不合法!", Toast.LENGTH_SHORT).show();
- else{
- String prefix=f.getName().substring(0, f.getName().indexOf('.'));
- String suffix=f.getName().substring(f.getName().indexOf('.'));
- srcjiamiFile=Environment.getExternalStorageDirectory()+File.separator+prefix+"AES_jiAMi"+suffix;
-
- AESKeyModel model_aes=new AESKeyModel();
- model_aes.setSrcFile(srcPath);
- model_aes.setDestionFile(srcjiamiFile);
-
- try {
- key_AES=new SecretKeySpec(model_aes.initSecretKey(),AESKeyModel.KEY_ALGORITHM);
- model_aes.encryptionFile(key_AES);
- } catch (Exception e) {
- e.printStackTrace();
- }
- }
- }
解密文件:
- void testAESJieMi(String JiamiFilePath){
- File f=new File(JiamiFilePath);
- if(!f.exists()||f.isDirectory())
- Toast.makeText(getApplicationContext(), "该文件不合法!", Toast.LENGTH_SHORT).show();
- else{
- String prefix=f.getName().substring(0, f.getName().indexOf('.'));
- String suffix=f.getName().substring(f.getName().indexOf('.'));
- outjiemiFile=Environment.getExternalStorageDirectory()+File.separator+prefix+"AES_jieMi"+suffix;
-
- AESKeyModel model_aes=new AESKeyModel();
- model_aes.setSrcFile(JiamiFilePath);
- model_aes.setDestionFile(outjiemiFile);
-
- try {
- model_aes.descryptionFile(key_AES);
- } catch (Exception e) {
- e.printStackTrace();
- }
- }
- }