SM4是一种分组密码算法,其分组长度为128位(即16字节,4字),密钥长度也为128位(即16字节,4字)。其加解密过程采用了32轮迭代机制(与DES、AES类似),每一轮需要一个轮密钥(与DES、AES类似)。
1.引入密码算法相关包
<dependency> <groupId>org.bouncycastle</groupId> <artifactId>bcprov-jdk15on</artifactId> <version>1.59</version> </dependency>
2.工具类
import java.nio.charset.StandardCharsets;import java.security.Key;import java.security.NoSuchAlgorithmException;import java.security.NoSuchProviderException;import java.security.SecureRandom;import java.security.Security;import java.util.Arrays;import javax.crypto.Cipher;import javax.crypto.KeyGenerator;import javax.crypto.spec.SecretKeySpec;import org.apache.tomcat.util.codec.binary.Base64;import org.bouncycastle.jce.provider.BouncyCastleProvider;public class SM4Util {static {Security.addProvider(new BouncyCastleProvider());}private static final String ENCODING = "UTF-8";public static final String ALGORITHM_NAME = "SM4";// 加密算法/分组加密模式/分组填充方式// PKCS5Padding-以8个字节为一组进行分组加密// 定义分组加密模式使用:PKCS5Paddingpublic static final String ALGORITHM_NAME_ECB_PADDING = "SM4/ECB/PKCS5Padding";// 128-32位16进制;256-64位16进制public static final int DEFAULT_KEY_SIZE = 128;private static final BouncyCastleProvider PROVIDER = new BouncyCastleProvider();// 自定义密钥或使用generateKey生成密钥public static String secret_key = "fjeWEhu41223Tycd";/*** 自动生成密钥* @explain* @return* @throws NoSuchAlgorithmException* @throws NoSuchProviderException*/public static byte[] generateKey() throws Exception {return generateKey(DEFAULT_KEY_SIZE);}/*** @explain* @param keySize* @return* @throws Exception*/public static byte[] generateKey(int keySize) throws Exception {KeyGenerator kg = KeyGenerator.getInstance(ALGORITHM_NAME, BouncyCastleProvider.PROVIDER_NAME);kg.init(keySize, new SecureRandom());return kg.generateKey().getEncoded();}/*** 加密** @param content 加密的字符串* @param encryptKey key值*/public static String encrypt(String content) throws Exception {//设置Cipher对象Cipher cipher = Cipher.getInstance(ALGORITHM_NAME_ECB_PADDING, PROVIDER);cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(secret_key.getBytes(), ALGORITHM_NAME));//调用doFinalbyte[] b = cipher.doFinal(content.getBytes(StandardCharsets.UTF_8));// 转base64return Base64.encodeBase64String(b);}/*** 解密** @param encryptStr 解密的字符串* @param decryptKey 解密的key值*/public static String decrypt(String encryptStr) throws Exception{//base64格式的key字符串转bytebyte[] decodeBase64 = Base64.decodeBase64(encryptStr);//设置Cipher对象Cipher cipher = Cipher.getInstance(ALGORITHM_NAME_ECB_PADDING, PROVIDER);cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(secret_key.getBytes(), ALGORITHM_NAME));//调用doFinal解密byte[] decryptBytes = cipher.doFinal(decodeBase64);return new String(decryptBytes);}public static void main(String[] args) {try {System.out.println(encrypt("123qwe++"));System.out.println(encrypt("rwertw"));} catch (Exception e) {e.printStackTrace();}}}
3.出现的问题
maven打包部署没有出现问题,
但是可运维的jar包,打包后执行报错JCE cannot authenticate the provider BC,查询了问题,发现还需要配置jdk
进入jdk安装目录下jre/lib/security,编辑文件java.security
添加配置:11是序号,前面对应递增就行,如果你最后是9,这里需要改成10.
security.provider.11=org.bouncycastle.jce.provider.BouncyCastleProvider
然后从项目maven库里拷贝使用到的bcprov-jdk15on-1.59.jar,复制到jre/lib/ext/目录下
之后重启项目(一定不能忘记这一步)
如果觉得《【工具】国密SM4算法加解密》对你有帮助,请点赞、收藏,并留下你的观点哦!
