Java 对称加密算法

Question

认证加密 防篡改 AEAD (对敏感数据进行加密，库中的数据或者表中的数据)

常见的 AEAD 算法如下：

AES-128-GCM
AES-192-GCM
AES-256-GCM
ChaCha20-IETF-Poly1305
XChaCha20-IETF-Poly1305

对称加密算法的性能、空间比较

名称    密钥长度        运算速度   安全性   资源消耗
DES     56位            较快      低       中
3DES   112位或 168位      慢       中       高
AES    128、192、256位   快       高       低

使用 google tink 实现 AES 算法

将密钥写入文件

AeadConfig.register();

//Generate the key material...
KeysetHandle keysetHandle = KeysetHandle.generateNew(
    AeadKeyTemplates.AES128_GCM
);

// and write it to a file.
String keysetFilename = "my_keyset.json";
CleartextKeysetHandle.write(keysetHandle, JsonKeysetWriter.withFile(
    new File(keysetFilename)
)
);

读取密钥加密

String plaintext = "napier";
String aad = "qwerty123";

String keysetFilename = "my_keyset.json";
KeysetHandle keysetHandle = CleartextKeysetHandle.read(
    JsonKeysetReader.withFile(new File(keysetFilename)));

Aead aead = keysetHandle.getPrimitive(Aead.class);

byte[] ciphertext = aead.encrypt(plaintext.getBytes(), aad.getBytes());
byte[] encoded = Base64.getEncoder().encode(ciphertext);

System.out.println("\nCipher:\t" + new String(encoded));

读取密钥解谜

try {

    String plaintext = "napier";
    String aad = "qwerty123";

    String keysetFilename = "my_keyset.json";
    KeysetHandle keysetHandle = CleartextKeysetHandle.read(
        JsonKeysetReader.withFile(new File(keysetFilename)));

    Aead aead = keysetHandle.getPrimitive(Aead.class);

//            byte[] ciphertext = aead.encrypt(plaintext.getBytes(), aad.getBytes());
//            byte[] encoded = Base64.getEncoder().encode(ciphertext);
//
//            System.out.println("\nCipher:\t" + new String(encoded));

    byte[] decode = Base64.getDecoder().decode("ASThGz8bDgORDUWhqlRyIYLXAbNzq+Hq8u+iqHefoVzzBBTCg2nP");

    byte[] decrypted = aead.decrypt(decode, aad.getBytes());
    String s = new String(decrypted);
    System.out.println("\nDecrypted:\t" + s);
    System.out.println("\nPrinting out key:");
    ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
    CleartextKeysetHandle.write(keysetHandle, JsonKeysetWriter.withOutputStream(outputStream));
    System.out.println("\n" + new String(outputStream.toByteArray()));
} catch (GeneralSecurityException e) {
    System.out.println(e);
    System.exit(1);
}

网络传输敏感信息加密解密 AES+RSA