11月18

解决Java AES 加密在Windows和linux不一致的问题

| |
09:13编程杂谈  From: 本站原创
原因:
1. SecureRandom 类中 setSeed()底层调用的是 native 方法.所以造成了不同环境之间随机数出现了差别。导致解密不一致问题。
2. 由于linux和window的内核不同造成的!

解决:对加密程序 添加如下两行 代码控制 随机数即可解决问题。然后初始化,就能解决这个问题!
SecureRandom secureRandom = SecureRandom.getInstance("SHA1PRNG");
secureRandom.setSeed(PASSWORD.getBytes());

示例如下:
package com.heckjj.utils;


import java.security.SecureRandom;


import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;


import org.apache.axis.encoding.Base64;
import org.apache.commons.lang.StringUtils;


import lombok.extern.slf4j.Slf4j;


@Slf4j
public class AESUtils {


    /**
     * 加密
     *
     * @param content 需要加密的内容
     * @param secureKey 加密秘钥
     * @return
     */
    public static String encrypt(String content, String secureKey) {
        try {
            if (StringUtils.isEmpty(content)
                        || StringUtils.isEmpty(secureKey)) {
                return null;
            }


            KeyGenerator kgen = KeyGenerator.getInstance("AES");
            /*
             * 问题我已自己解决,这个是由于linux和window的内核不同造成的!
             * SecureRandom secureRandom = SecureRandom.getInstance("SHA1PRNG");
             * secureRandom.setSeed(PASSWORD.getBytes());
             * 然后初始化,就能解决这个问题!
             */
            SecureRandom secureRandom = SecureRandom.getInstance("SHA1PRNG");
            secureRandom.setSeed(secureKey.getBytes());
            kgen.init(128, secureRandom);
            SecretKey secretKey = kgen.generateKey();
            byte[] enCodeFormat = secretKey.getEncoded();
            SecretKeySpec key = new SecretKeySpec(enCodeFormat, "AES");
            Cipher cipher = Cipher.getInstance("AES");// 创建密码器
            byte[] byteContent = content.getBytes("utf-8");
            cipher.init(Cipher.ENCRYPT_MODE, key);// 初始化
            byte[] result = cipher.doFinal(byteContent);
            return encodeBASE64(result); // 加密
        } catch (Exception e) {
            log.error("加密错误.", e);
        }
        return null;
    }


    /**
     * 解密
     *
     * @param content 待解密内容
     * @param password secureKey
     * @return
     */
    public static String decrypt(String content, String secureKey) {
        try {
            if (StringUtils.isEmpty(content) || StringUtils.isEmpty(secureKey)) {
                return null;
            }

            KeyGenerator kgen = KeyGenerator.getInstance("AES");
            SecureRandom secureRandom = SecureRandom.getInstance("SHA1PRNG");
            secureRandom.setSeed(secureKey.getBytes());
            kgen.init(128, secureRandom);
            SecretKey secretKey = kgen.generateKey();
            byte[] enCodeFormat = secretKey.getEncoded();
            SecretKeySpec key = new SecretKeySpec(enCodeFormat, "AES");
            Cipher cipher = Cipher.getInstance("AES");// 创建密码器
            cipher.init(Cipher.DECRYPT_MODE, key);// 初始化
            byte[] base64Dec = Base64.decode(content);
            byte[] result = cipher.doFinal(base64Dec);
            return new String(result);
        } catch (Exception e) {
            log.warn("解密错误,错误信息是:{}", e);
        }
        return null;
    }

    public static String encodeBASE64(byte[] content) throws Exception {
        if (content == null || content.length == 0)
            return null;
        try {
            return Base64.encode(content);
        } catch (Exception e) {
            log.error("Base64 encode error.", e);
            return null;
        }
    }

}

来源:Heck's Blog
地址:https://www.heckjj.com/post/524/
转载时须以链接形式注明作者和原始出处及本声明,否则将追究法律责任,谢谢配合!
阅读(67) | 评论(0) | 引用(0)