package com.ice.webos.util.security;import java.io.UnsupportedEncodingException;import java.math.BigInteger;import java.security.Key;import java.security.MessageDigest;import java.security.SecureRandom;import javax.crypto.Cipher;import javax.crypto.KeyGenerator;import javax.crypto.Mac;import javax.crypto.SecretKey;import javax.crypto.SecretKeyFactory;import javax.crypto.spec.DESKeySpec;import javax.crypto.spec.SecretKeySpec;import sun.misc.BASE64Decoder;import sun.misc.BASE64Encoder;/*** <ul>* <li>BASE64的加密解密是双向的，可以求反解。</li>* <li>MD5、SHA以及HMAC是单向加密，任何数据加密后只会产生唯一的一个加密串，通常用来校验数据在传输过程中是否被修改。</li>* <li>HMAC算法有一个密钥，增强了数据传输过程中的安全性，强化了算法外的不可控因素。</li>* <li>DES DES-Data Encryption Standard,即数据加密算法。* DES算法的入口参数有三个:Key、Data、Mode。* <ul>* <li>Key:8个字节共64位,是DES算法的工作密钥;</li>* <li>Data:8个字节64位,是要被加密或被解密的数据;</li>* <li>Mode:DES的工作方式,有两种:加密或解密。</li>* </ul>* </li>* <ul>* * @author Ice_Liu* */public class CryptUtil {private static final String KEY_MD5 = "MD5";private static final String KEY_SHA = "SHA";/*** MAC算法可选以下多种算法* * <pre>* * HmacMD5 * HmacSHA1 * HmacSHA256 * HmacSHA384 * HmacSHA512 * </pre>*/public static final String KEY_MAC = "HmacMD5";/*** BASE64解密* * @param key* @return* @throws Exception*/public static byte[] decryptBASE64(String key) throws Exception {return (new BASE64Decoder()).decodeBuffer(key);}/*** BASE64 加密* * @param key* @return* @throws Exception*/public static String encryptBASE64(byte[] key) throws Exception {return (new BASE64Encoder()).encodeBuffer(key);}/*** MD5加密* * @param data* @return* @throws Exception*/public static byte[] encryptMD5(byte[] data) throws Exception {MessageDigest md5 = MessageDigest.getInstance(KEY_MD5);md5.update(data);return md5.digest();}/*** SHA加密* * @param data* @return* @throws Exception*/public static byte[] encryptSHA(byte[] data) throws Exception {MessageDigest sha = MessageDigest.getInstance(KEY_SHA);sha.update(data);return sha.digest();}/*** 初始化HMAC密钥* * @return* @throws Exception*/public static String initMacKey() throws Exception {KeyGenerator keyGenerator = KeyGenerator.getInstance(KEY_MAC);SecretKey secretKey = keyGenerator.generateKey();return encryptBASE64(secretKey.getEncoded());}/*** HMAC 加密* * @param data* @param key* @return* @throws Exception*/public static byte[] encryptHMAC(byte[] data, String key) throws Exception {SecretKey secretKey = new SecretKeySpec(decryptBASE64(key), KEY_MAC);Mac mac = Mac.getInstance(secretKey.getAlgorithm());mac.init(secretKey);return mac.doFinal(data);}/*** DES 算法 <br>* 可替换为以下任意一种算法，同时key值的size相应改变。* * <pre>* DES key size must be equal to 56 * DESede(TripleDES) key size must be equal to 112 or 168 * AES key size must be equal to 128, 192 or 256,but 192 and 256 bits may not be available * Blowfish key size must be multiple of 8, and can only range from 32 to 448 (inclusive) * RC2 key size must be between 40 and 1024 bits * RC4(ARCFOUR) key size must be between 40 and 1024 bits * </pre>*/public static final String ALGORITHM = "DES";/*** DES 算法转换密钥<br>* * @param key* @return* @throws Exception*/private static Key toKey(byte[] key) throws Exception {SecretKey secretKey = null;if (ALGORITHM.equals("DES") || ALGORITHM.equals("DESede")) {DESKeySpec dks = new DESKeySpec(key);SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(ALGORITHM);secretKey = keyFactory.generateSecret(dks);} else {// 当使用其他对称加密算法时，如AES、Blowfish等算法时，用下述代码替换上述三行代码secretKey = new SecretKeySpec(key, ALGORITHM);}return secretKey;}/*** DES 算法解密* * @param data* @param key* @return* @throws Exception*/public static byte[] decrypt(byte[] data, String key) throws Exception {Key k = toKey(decryptBASE64(key));Cipher cipher = Cipher.getInstance(ALGORITHM);cipher.init(Cipher.DECRYPT_MODE, k);return cipher.doFinal(data);}/*** DES 算法加密* * @param data* @param key* @return* @throws Exception*/public static byte[] encrypt(byte[] data, String key) throws Exception {Key k = toKey(decryptBASE64(key));Cipher cipher = Cipher.getInstance(ALGORITHM);cipher.init(Cipher.ENCRYPT_MODE, k);return cipher.doFinal(data);}/*** DES 算法生成密钥* * @return* @throws Exception*/public static String initKey() throws Exception {return initKey(null);}/*** DES 算法生成密钥* * @param seed* @return* @throws Exception*/public static String initKey(String seed) throws Exception {SecureRandom secureRandom = null;if (seed != null) {secureRandom = new SecureRandom(decryptBASE64(seed));} else {secureRandom = new SecureRandom();}KeyGenerator kg = KeyGenerator.getInstance(ALGORITHM);kg.init(secureRandom);SecretKey secretKey = kg.generateKey();return encryptBASE64(secretKey.getEncoded());}public static void main(String[] args) {try {String s = "阿伯才的覆盖";String b = CryptUtil.encryptBASE64(s.getBytes("UTF-8"));System.out.println("BASE64加密后:" + b);byte[] c = CryptUtil.decryptBASE64(b);System.out.println("BASE64解密后:" + new String(c, "UTF-8"));c = encryptMD5(s.getBytes());System.out.println("MD5 加密后:" + new BigInteger(c).toString(16));c = encryptSHA(s.getBytes());System.out.println("SHA 加密后:" + new BigInteger(c).toString(16));String key = initMacKey();System.out.println("HMAC密匙:" + key);c = encryptHMAC(s.getBytes(), key);System.out.println("HMAC 加密后:" + new BigInteger(c).toString(16));key = initKey();System.out.println(ALGORITHM + "密钥:\t" + key);c = encrypt(s.getBytes("UTF-8"), key);System.out.println(ALGORITHM + " 加密后:" + new BigInteger(c).toString(16));c = decrypt(c, key);System.out.println(ALGORITHM + " 解密后:" + new String(c, "UTF-8"));} catch (UnsupportedEncodingException e) {// TODO Auto-generated catch blocke.printStackTrace();} catch (Exception e) {// TODO Auto-generated catch blocke.printStackTrace();}}}