|
PBE算法在加密过程中并不是直接使用口令来加密,而是加密的密钥由口令生成,这个功能由PBE算法中的KDF函数完成。KDF函数的实现过程为:将用户输入的口令首先通过“盐”(salt)的扰乱产生准密钥,再将准密钥经过散列函数多次迭代后生成最终加密密钥,密钥生成后,PBE算法再选用对称加密算法对数据进行加密,可以选择DES、3DES、RC5等对称加密算法。
具体实现如下:
Java代码实现:
- import java.security.Key;
- import java.security.SecureRandom;
- import javax.crypto.Cipher;
- import javax.crypto.SecretKeyFactory;
- import javax.crypto.spec.PBEKeySpec;
- import javax.crypto.spec.PBEParameterSpec;
- import org.apache.commons.codec.binary.Hex;
-
- public class PBE {
-
- public static final String src = "pbe test";
-
- public static void main(String[] args) {
- jdkPBE();
- }
-
- // 用jdk实现:
- public static void jdkPBE() {
- try {
- // 初始化盐
- SecureRandom random = new SecureRandom();
- byte[] salt = random.generateSeed(8);
-
- // 口令与密钥
- String password = "timliu";
- PBEKeySpec pbeKeySpec = new PBEKeySpec(password.toCharArray());
- SecretKeyFactory factory = SecretKeyFactory.getInstance("PBEWITHMD5andDES");
- Key key = factory.generateSecret(pbeKeySpec);
-
- // 加密
- PBEParameterSpec pbeParameterSpac = new PBEParameterSpec(salt, 100);
- Cipher cipher = Cipher.getInstance("PBEWITHMD5andDES");
- cipher.init(Cipher.ENCRYPT_MODE, key, pbeParameterSpac);
- byte[] result = cipher.doFinal(src.getBytes());
- System.out.println("jdk pbe encrypt:" + Hex.encodeHexString(result));
-
- // 解密
- cipher.init(Cipher.DECRYPT_MODE, key, pbeParameterSpac);
- result = cipher.doFinal(result);
- System.out.println("jdk pbe decrypt:" + new String(result));
- } catch (Exception e) {
- e.printStackTrace();
- }
- }
- }
(编辑:91站长网)
【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容!
|
