什么是高级加密标准或AES?
AES加密标准又称为高级加密标准Rijndael加密法,是美国国家标准技术研究所NIST旨在取代DES的21世纪的加密标准。
AES加密如何工作?
AES是一种对称的加密算法,可基于相同的密钥进行加密和解密。AES包含三个分组密码:AES-128,AES-192和AES-256。每个密码分别使用128 位,192位和256位的加密密钥对128 位块中的数据进行加密和解密。代码:
object AESCrypt {
private const val AES_MODE = "AES/CBC/PKCS7Padding" //"算法/模式/补码方式"
private const val CHARSET = "UTF-8"
private const val CIPHER = "AES"
private const val HASH_ALGORITHM = "SHA-256"
private val IV_BYTES = byteArrayOf(0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00)
/**
* Generates SHA256 hash of the password which is used as key
*
* @param password used to generated key
* @return SHA256 of the password
*/
@Throws(NoSuchAlgorithmException::class, UnsupportedEncodingException::class)
private fun generateKey(password: String): SecretKeySpec {
val digest = MessageDigest.getInstance(HASH_ALGORITHM)
val bytes = password.toByteArray(charset(CHARSET))
digest.update(bytes, 0, bytes.size)
val key = digest.digest()
return SecretKeySpec(key, CIPHER)
}
/**
* Encrypt and encode message using 256-bit AES with key generated from password.
*
* @param password used to generated key
* @param message the thing you want to encrypt assumed String UTF-8
* @return Base64 encoded CipherText
* @throws GeneralSecurityException if problems occur during encryption
*/
@Throws(GeneralSecurityException::class)
fun encrypt(password: String, message: String): String {
try {
val key = generateKey(password)
val cipherText = encrypt(key, IV_BYTES, message.toByteArray(charset(CHARSET)))
//NO_WRAP is important as was getting \n at the end
return Base64.encodeToString(cipherText, Base64.NO_WRAP)
} catch (e: UnsupportedEncodingException) {
throw GeneralSecurityException(e)
}
}
/**
* More flexible AES encrypt that doesn't encode
*
* @param key AES key typically 128, 192 or 256 bit
* @param iv Initiation Vector
* @param message in bytes (assumed it's already been decoded)
* @return Encrypted cipher text (not encoded)
* @throws GeneralSecurityException if something goes wrong during encryption
*/
@Throws(GeneralSecurityException::class)
fun encrypt(key: SecretKeySpec, iv: ByteArray, message: ByteArray): ByteArray {
val cipher = Cipher.getInstance(AES_MODE)
val ivSpec = IvParameterSpec(iv)
cipher.init(Cipher.ENCRYPT_MODE, key, ivSpec)
return cipher.doFinal(message)
}
/**
* Decrypt and decode ciphertext using 256-bit AES with key generated from password
*
* @param password used to generated key
* @param base64EncodedCipherText the encrpyted message encoded with base64
* @return message in Plain text (String UTF-8)
* @throws GeneralSecurityException if there's an issue decrypting
*/
@Throws(GeneralSecurityException::class)
fun decrypt(password: String, base64EncodedCipherText: String): String {
try {
val key = generateKey(password)
val decodedCipherText = Base64.decode(base64EncodedCipherText, Base64.NO_WRAP)
val decryptedBytes = decrypt(key, IV_BYTES, decodedCipherText)
return String(decryptedBytes, charset(CHARSET))
} catch (e: UnsupportedEncodingException) {
throw GeneralSecurityException(e)
}
}
/**
* More flexible AES decrypt that doesn't encode
*
* @param key AES key typically 128, 192 or 256 bit
* @param iv Initiation Vector
* @param decodedCipherText in bytes (assumed it's already been decoded)
* @return Decrypted message cipher text (not encoded)
* @throws GeneralSecurityException if something goes wrong during encryption
*/
@Throws(GeneralSecurityException::class)
fun decrypt(key: SecretKeySpec, iv: ByteArray, decodedCipherText: ByteArray): ByteArray {
val cipher = Cipher.getInstance(AES_MODE)
val ivSpec = IvParameterSpec(iv)
cipher.init(Cipher.DECRYPT_MODE, key, ivSpec)
return cipher.doFinal(decodedCipherText)
}
}
添加扩展方法,方便调用
private const val key: String = "Your AES Key"
fun encrypt(input: String): String {
return AESCrypt.encrypt(key, input)
}
fun decrypt(input: String): String {
return AESCrypt.decrypt(key, input)
}
fun String.aesEncrypt(): String = encrypt(this)
fun String.aesDecrypt(): String = decrypt(this)
使用方法
"明文".aesEncrypt()
"密文".aesDecrypt()
评论