使用 AES-256 Java 加密
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/18362137/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Encryption with AES-256 Java
提问by Gerardo agustin Riera
I have this simple code, that i found on the internet.. im learning this stuff of encryption/decryption.. this code seems to work fine, but i don't understand something... why after the "c.doFinal()" (which is for encrypt/decrypt with AES-256) this guy encode/decode that encrypted value, with BASE64? its not enough only by using AES?
我有这个简单的代码,我在互联网上找到的..我正在学习加密/解密的这些东西..这段代码似乎工作正常,但我不明白什么......为什么在“c.doFinal() “(用于使用 AES-256 加密/解密)这家伙使用 BASE64 编码/解码该加密值?仅使用 AES 还不够吗?
`private static final String ALGO = "AES";
private static final byte[] keyValue =
new byte[] { 'T', 'h', 'e', 'B', 'e', 's', 't', 'S', 'e', 'c', 'r','e', 't', 'K', 'e', 'y' };
public static String encrypt(String Data) throws Exception {
Key key = generateKey();
Cipher c = Cipher.getInstance("AES");
c.init(Cipher.ENCRYPT_MODE, key);
byte[] encVal = c.doFinal(Data.getBytes());
String encryptedValue = new BASE64Encoder().encode(encVal);
return encryptedValue;
}
public static String decrypt(String encryptedData) throws Exception {
Key key = generateKey();
Cipher c = Cipher.getInstance(ALGO);
c.init(Cipher.DECRYPT_MODE, key);
byte[] decordedValue = new BASE64Decoder().decodeBuffer(encryptedData);
byte[] decValue = c.doFinal(decordedValue);
String decryptedValue = new String(decValue);
return decryptedValue;
}
private static Key generateKey() throws Exception {
Key key = new SecretKeySpec(keyValue, ALGO);
return key;
}
public static void main(String[] args) throws Exception {
String data = "SOME TEXT";
String dataEnc = AES.encrypt(data);
String dataDec = AES.decrypt(dataEnc);
System.out.println("Plain Text : " + data);
System.out.println("Encrypted Text : " + dataEnc);
System.out.println("Decrypted Text : " + dataDec);
}`
Thanks!!
谢谢!!
采纳答案by Syon
The encrypted data returned by doFinalis binary, and so it cannot be printed (it'll appear as a bunch of gibberish.) The Base64 encoding converts the binary to a set of ASCII characters, this makes it easily readable and also makes it possible to use the encrypted data in situations where only plaintext data can be used.
返回的加密数据doFinal是二进制的,因此无法打印(会显示为一堆乱码。) Base64 编码将二进制转换为一组 ASCII 字符,这使得它易于阅读,也使得它成为可能在只能使用明文数据的情况下使用加密数据。
The Base64 encoding doesn't add any extra encryption or security, it simply makes the encrypted data usable in situations where you can't use binary.
Base64 编码不会增加任何额外的加密或安全性,它只是使加密数据在您不能使用二进制的情况下可用。
回答by Cristian Meneses
The resulting AES-256 encrypted value can contain some unusual characters that, when printed, or sent over internet, can be modified or misunderstood, truncated or replaced during transmission or visual representation.
生成的 AES-256 加密值可能包含一些不寻常的字符,这些字符在打印或通过 Internet 发送时可能会在传输或视觉表示过程中被修改或误解、截断或替换。
Base64 provides a mechanism to encode/decode values, so they can "travel" without the content being modified. The user who wrote this code you found, probably would need to store or transport this value.
Base64 提供了一种编码/解码值的机制,因此它们可以在不修改内容的情况下“旅行”。您找到的编写此代码的用户可能需要存储或传输此值。
You can try it yourself, and check the resulting string before being encoded to Base64.
您可以自己尝试一下,并在编码为 Base64 之前检查结果字符串。
回答by Niranjan Subramanian
Because doFinal() returns a byte array and bytes are generally difficult to comprehend. Leaving aside this program does a AES-128 not AES-256.
因为 doFinal() 返回一个字节数组,而字节通常难以理解。撇开这个程序不谈 AES-128 而不是 AES-256。
