Encryption 在AES加密算法实现中使用我自己的密钥

我有以下代码：

import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;

public class AESHelper {

    public static String encrypt(String seed, String cleartext) throws Exception {

        byte[] rawKey = getRawKey(seed.getBytes());
        byte[] result = encrypt(rawKey, cleartext.getBytes());
        return toHex(result);
    }

    public static String decrypt(String seed, String encrypted) throws Exception {
        byte[] rawKey = getRawKey(seed.getBytes());
        byte[] enc = toByte(encrypted);
        byte[] result = decrypt(rawKey, enc);
        return new String(result);
    }

    private static byte[] getRawKey(byte[] seed) throws Exception {
        KeyGenerator kgen = KeyGenerator.getInstance("AES");
        SecureRandom sr = SecureRandom.getInstance("SHA1PRNG");
        sr.setSeed(seed);
        kgen.init(128, sr); // 192 and 256 bits may not be available
        SecretKey skey = kgen.generateKey();
        byte[] raw = skey.getEncoded();
        return raw;
    }

    private static byte[] encrypt(byte[] raw, byte[] clear) throws Exception {
        SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
        Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
        cipher.init(Cipher.ENCRYPT_MODE, skeySpec);
        byte[] encrypted = cipher.doFinal(clear);
        return encrypted;
    }

    private static byte[] decrypt(byte[] raw, byte[] encrypted) throws Exception {
        SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
        Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
        cipher.init(Cipher.DECRYPT_MODE, skeySpec);
        byte[] decrypted = cipher.doFinal(encrypted);
        return decrypted;
    }

    public static String toHex(String txt) {
        return toHex(txt.getBytes());
    }
    public static String fromHex(String hex) {
        return new String(toByte(hex));
    }

    public static byte[] toByte(String hexString) {
        int len = hexString.length()/2;
        byte[] result = new byte[len];
        for (int i = 0; i < len; i++)
            result[i] = Integer.valueOf(hexString.substring(2*i, 2*i+2), 16).byteValue();
        return result;
    }

    public static String toHex(byte[] buf) {
        if (buf == null)
            return "";
        StringBuffer result = new StringBuffer(2*buf.length);
        for (int i = 0; i < buf.length; i++) {
            appendHex(result, buf[i]);
        }
        return result.toString();
    }
    private final static String HEX = "0123456789ABCDEF";
    private static void appendHex(StringBuffer sb, byte b) {
        sb.append(HEX.charAt((b>>4)&0x0f)).append(HEX.charAt(b&0x0f));
    }
}

我如何使用自己的钥匙？

---

rawKey有什么用？

这是我在StackOverflow上奋斗了很久的

getRawKey

函数。要使用密码，请使用PBKDF2，它内置到Java中。要创建随机密钥，请使用随机数生成器

new SecureRandom（）

和

SecretKeySpec

---

如果您的随机数生成器执行任何意外操作，例如，生成随机数而不是充当确定性PRNG，则您的密钥将不同，并且您可能永远不会再次解密密文。这实际上是在安卓系统更新后发生的，在安卓系统中，默认提供程序被替换，RNG与之前的有所不同。

我认为您遇到了编程问题：“我如何让代码运行？”。这可能更适合StackOverflow，因为我们不是编程专家（也不是所有人），而是数学、安全实现和密码使用方面的专家，而不是编程这类东西。但是你让100%判断是否应该迁移变得相当棘手，因为你还询问了rawkey的使用（尽管这可能也是一个编程问题）。顺便说一句：我认为rawkey是输入加密函数的AES密钥。对不起，我实际上对我是否应该在这里发布它有疑问。上一次我问起加密的实现，他们让我在这里问。关于你的答案，我不确定它是否有效。我试过这样做：

SecretKeySpec skeySpec=newsecretkeyspec（raw，“AES”）

while raw实际上是我自己的密钥的字节[]。基本上我跳过了getRawKey函数。现在，当我尝试加密/解密时，什么也没有发生。如果我将seedValue更改为我的密钥，该怎么办？种子能起到钥匙的作用吗？或者我误解了整件事？我认为rawkey实际上是AES使用的密钥（128/192/256位密钥），SecretKeySpec指定了密钥的一些其他属性。实际上，AES的密钥（=rawKey）是使用“SHA1PRNG”从SeedValue派生的。所以你可以用种子控制键。奇怪的是，当我用rawkey作为键时，什么都没有发生。我按下加密按钮，没有任何输出。如果我完全跳过getRawKey函数，只传递byte[]raw-我自己的某个密钥，会怎么样。例如，静态私有字符串key=“key”？秘密密钥的概念是，攻击者无法区分密钥中的所有位。因此，您可以使用安全的随机数生成器生成自己的密钥。然后您需要以某种方式存储此密钥，例如，存储在

密钥库中。如果要将此键存储为文本，则应将其转换为十六进制或基数64。如果你想想出你自己的字符串，你基本上是使用密码或短语。在这种情况下，需要PBKDF2将其转换为密钥。
    package com.example.encryption;

    import javax.crypto.Cipher;
    import javax.crypto.SecretKey;
    import javax.crypto.spec.SecretKeySpec;
    import java.util.Base64;

    public class AESOwnKey {
        private Cipher ecipher;
        private Cipher dcipher;

        AESOwnKey(SecretKey key) {
            try {
                ecipher = Cipher.getInstance("AES");
                dcipher = Cipher.getInstance("AES");
                ecipher.init(Cipher.ENCRYPT_MODE, key);
                dcipher.init(Cipher.DECRYPT_MODE, key);
            } catch (Exception e) {
                System.out.println("Failed in initialization");
            }
        }

        public byte[] encrypt(String str) {
            try {
                byte[] utf8 = str.getBytes("UTF-8");
                byte[] enc = ecipher.doFinal(utf8);

                return Base64.getEncoder().encode(enc);
            } catch (Exception e) {
                System.out.println("Failed in Encryption");
            }
            return null;
        }

        public String decrypt(byte[] bytes) {
            try {
                byte[] dec = Base64.getDecoder().decode(bytes);

                byte[] utf8 = dcipher.doFinal(dec);

                return new String(utf8, "UTF-8");
            } catch (Exception e) {
                System.out.println("Failed in Decryption");
            }
            return null;
        }

        public static void main(String[] args) {
            try {
                String mykey = "1234567891234567";
                SecretKey key = new SecretKeySpec(mykey.getBytes(), "AES");
                AESOwnKey encrypter = new AESOwnKey(key);
                String original = "Testing encryption";
                System.out.println("Before Encryption   : " + original);
                byte[] encrypted = encrypter.encrypt(original);
                System.out.println("After Encryption   : " + encrypted);
                String decrypted = encrypter.decrypt(encrypted);
                System.out.println("After Decryption   : " + decrypted);

            } catch (Exception e) {
            }

        }
    }

    package com.example.encryption;

    import javax.crypto.Cipher;
    import javax.crypto.SecretKey;
    import javax.crypto.spec.SecretKeySpec;
    import java.util.Base64;

    public class AESOwnKey {
        private Cipher ecipher;
        private Cipher dcipher;

        AESOwnKey(SecretKey key) {
            try {
                ecipher = Cipher.getInstance("AES");
                dcipher = Cipher.getInstance("AES");
                ecipher.init(Cipher.ENCRYPT_MODE, key);
                dcipher.init(Cipher.DECRYPT_MODE, key);
            } catch (Exception e) {
                System.out.println("Failed in initialization");
            }
        }

        public byte[] encrypt(String str) {
            try {
                byte[] utf8 = str.getBytes("UTF-8");
                byte[] enc = ecipher.doFinal(utf8);

                return Base64.getEncoder().encode(enc);
            } catch (Exception e) {
                System.out.println("Failed in Encryption");
            }
            return null;
        }

        public String decrypt(byte[] bytes) {
            try {
                byte[] dec = Base64.getDecoder().decode(bytes);

                byte[] utf8 = dcipher.doFinal(dec);

                return new String(utf8, "UTF-8");
            } catch (Exception e) {
                System.out.println("Failed in Decryption");
            }
            return null;
        }

        public static void main(String[] args) {
            try {
                String mykey = "1234567891234567";
                SecretKey key = new SecretKeySpec(mykey.getBytes(), "AES");
                AESOwnKey encrypter = new AESOwnKey(key);
                String original = "Testing encryption";
                System.out.println("Before Encryption   : " + original);
                byte[] encrypted = encrypter.encrypt(original);
                System.out.println("After Encryption   : " + encrypted);
                String decrypted = encrypter.decrypt(encrypted);
                System.out.println("After Decryption   : " + decrypted);

            } catch (Exception e) {
            }

        }
    }