Java includes AES out of the box. Rijndael is AES. You don't need any external libraries. You just need something like this:

Java 包括开箱即用的 AES。Rijndael 是 AES。您不需要任何外部库。你只需要这样的东西：

byte[] sessionKey = null; //Where you get this from is beyond the scope of this post
byte[] iv = null ; //Ditto
byte[] plaintext = null; //Whatever you want to encrypt/decrypt
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
//You can use ENCRYPT_MODE or DECRYPT_MODE
cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(sessionKey, "AES"), new IvParameterSpec(iv));
byte[] ciphertext = cipher.doFinal(plaintext);

And that's it, for encryption/decryption. If you are processing large amounts of data then you're better off reading chunks that are multiples of 16 bytes and calling update instead of doFinal (you just call doFinal on the last block).

就是这样，用于加密/解密。如果您正在处理大量数据，那么最好读取 16 字节倍数的块并调用 update 而不是 doFinal（您只需在最后一个块上调用 doFinal）。

javax.crypto has AES support: http://java.sun.com/developer/technicalArticles/Security/AES/AES_v1.html

javax.crypto 有 AES 支持：http: //java.sun.com/developer/technicalArticles/Security/AES/AES_v1.html

As for secure key storage, the usual method is to derive an encryption key from user input (a passphrase) using a cryptographic hash function, and use the derived key to encrypt the keychain. Or, if you only need one key, you can use the derived key itself.

对于安全密钥存储，通常的方法是使用加密散列函数从用户输入（密码短语）中导出加密密钥，并使用导出的密钥来加密钥匙串。或者，如果您只需要一个密钥，则可以使用派生密钥本身。

Always keep in mind that the security of the system is directly related to the strength of the hash function used. Use a cryptographically secure hash function, along with a salt if possible, and hash more than once (hundreds of times, for example).

请始终牢记，系统的安全性与所使用的散列函数的强度直接相关。使用加密安全的散列函数，如果可能的话，加上盐，并且散列不止一次（例如数百次）。

That being said, the question is very vague.

话虽如此，这个问题非常模糊。

For a great free library, I highly recommend BouncyCastle.It is actively maintained, high quality, and has a nice array of code examples. For reference documentation, you'll have to rely more on the general JCE docs.

对于一个很棒的免费图书馆，我强烈推荐BouncyCastle。它被积极维护，质量高，并有大量的代码示例。对于参考文档，您将不得不更多地依赖通用JCE 文档。

I can't say what library we use to meet FIPS certification requirements. But there are alternatives to CryptoJ that are much, much cheaper.

我不能说我们使用什么库来满足 FIPS 认证要求。但是 CryptoJ 的替代品要便宜得多。

In general, I'd recommend generating a new key for each message you encrypt with a symmetric cipher like Rijndael, and then encrypting that key with an asymmetric algorithm like RSA. These private keys can be stored in a password-protected, software-based key store like PKCS #12 or Java's "JKS", or, for better security, on "smart card" hardware token or other crypto hardware module.

通常，我建议为您使用 Rijndael 等对称密码加密的每条消息生成一个新密钥，然后使用 RSA 等非对称算法加密该密钥。这些私钥可以存储在受密码保护的基于软件的密钥存储中，如 PKCS #12 或 Java 的“JKS”，或者为了更好的安全性，存储在“智能卡”硬件令牌或其他加密硬件模块中。

As my company recently found out, AES is not quite Rijndael. AES has the restriction that keys MUST be 128, 192, or 256 bit - however, Rijndael allows for keys that are 160 and 224 as well.

正如我的公司最近发现的那样，AES 并不完全是 Rijndael。AES 限制密钥必须是 128、192 或 256 位 - 但是，Rijndael 也允许使用 160 和 224 位的密钥。

As indicated by erickson above, BouncyCastle provides a Rijndael object that DOES support the additional key lengths: 128/160/192/224/256 bits. Specifically, take a look at the lightweight API.

正如上面的 erickson 所指出的，BouncyCastle 提供了一个 Rijndael 对象，它确实支持额外的密钥长度：128/160/192/224/256 位。具体看一下轻量级API。

Gnu-crypto is another open source library - however, it also does NOT provide support for 160 and 224 bit keys.

Gnu-crypto 是另一个开源库 - 但是，它也不提供对 160 和 224 位密钥的支持。

So, if you are specifically looking for full Rijndael support, then BouncyCastle is the only one I've found so far.

因此，如果您特别需要对 Rijndael 的全面支持，那么 BouncyCastle 是我目前找到的唯一一个。