java - 加密解密我自己的 key 未生成java

Question

我是密码学的新手，所以我有一个问题:

我如何创建自己的 key (比如说字符串“1234”)。因为我需要用一个 key (由我定义)来加密一个字符串，所以将加密后的字符串保存在数据库中，当我想使用它时，从数据库中取出它并用我知道的 key 对其进行解密。

我有这段代码:

   import java.security.InvalidKeyException;
   import java.security.*;
   import javax.crypto.BadPaddingException;
   import javax.crypto.Cipher;
   import javax.crypto.IllegalBlockSizeException;
   import javax.crypto.SecretKey;
   import javax.crypto.SecretKeyFactory;
   import javax.crypto.spec.DESedeKeySpec;

      public class LocalEncrypter {

    private static String algorithm = "PBEWithMD5AndDES";
   //private static Key key = null;
    private static Cipher cipher = null;
    private static SecretKey key;

    private static void setUp() throws Exception {
        ///key = KeyGenerator.getInstance(algorithm).generateKey();
        SecretKeyFactory factory = SecretKeyFactory.getInstance(algorithm);
        String pass1 = "thisIsTheSecretKeyProvidedByMe";
        byte[] pass = pass1.getBytes(); 
        SecretKey key = factory.generateSecret(new DESedeKeySpec(pass));
        cipher = Cipher.getInstance(algorithm);
    }

    public static void main(String[] args) 
       throws Exception {
        setUp();

        byte[] encryptionBytes = null;
        String input = "1234";
        System.out.println("Entered: " + input);
        encryptionBytes = encrypt(input);
        System.out.println(
          "Recovered: " + decrypt(encryptionBytes));
    }

    private static byte[] encrypt(String input)
        throws InvalidKeyException, 
               BadPaddingException,
               IllegalBlockSizeException {
        cipher.init(Cipher.ENCRYPT_MODE, key);
        byte[] inputBytes = input.getBytes();
        return cipher.doFinal(inputBytes);
    }

    private static String decrypt(byte[] encryptionBytes)
        throws InvalidKeyException, 
               BadPaddingException,
               IllegalBlockSizeException {
        cipher.init(Cipher.DECRYPT_MODE, key);
        byte[] recoveredBytes = 
          cipher.doFinal(encryptionBytes);
        String recovered = 
          new String(recoveredBytes);
        return recovered;
      }

   Exception in thread "main" java.security.spec.InvalidKeySpecException: Invalid key spec
at com.sun.crypto.provider.PBEKeyFactory.engineGenerateSecret(PBEKeyFactory.java:114)
at javax.crypto.SecretKeyFactory.generateSecret(SecretKeyFactory.java:335)
at LocalEncrypter.setUp(LocalEncrypter.java:22)
at LocalEncrypter.main(LocalEncrypter.java:28)

Answer 1

KeyGenerator 生成随 secret 钥。因为您知道 key ，所以您需要的是 SecretKeyFactory 。为您的算法 (DESede) 获取一个实例，然后使用 DESedeKeySpec 实例作为参数调用其 generateSecret 方法:

SecretKeyFactory factory = SecretKeyFactory.getInstance("DESede");
SecretKey key = factory.generateSecret(new DESedeKeySpec(someByteArrayContainingAtLeast24Bytes));

这是一个完整的有效示例。正如我所说，DESedeKeySpec 必须与 DESede 算法一起使用。将 DESede key 与 PBEWithMD5AndDES 一起使用是没有意义的。

public class EncryptionTest {
    public static void main(String[] args) throws Exception {
        byte[] keyBytes = "1234567890azertyuiopqsdf".getBytes("ASCII");
        DESedeKeySpec keySpec = new DESedeKeySpec(keyBytes);
        SecretKeyFactory factory = SecretKeyFactory.getInstance("DESede");
        SecretKey key = factory.generateSecret(keySpec);
        byte[] text = "Hello world".getBytes("ASCII");

        Cipher cipher = Cipher.getInstance("DESede");
        cipher.init(Cipher.ENCRYPT_MODE, key);
        byte[] encrypted = cipher.doFinal(text);

        cipher = Cipher.getInstance("DESede");
        cipher.init(Cipher.DECRYPT_MODE, key);
        byte[] decrypted = cipher.doFinal(encrypted);
        System.out.println(new String(decrypted, "ASCII"));
    }
}