2.2 3DES3DES（即Triple DES）是DES向AES过渡的加密算法，它使用3条56位的密钥对数据进行三次加密 。是DES的一个更安全的变形 。它以DES为基本模块，通过组合分组方法设计出分组加密算法 。比起最初的DES，3DES更为安全 。密钥长度默认为168位，还可以选择128位 。
public static String encryptThreeDESECB(String src, String key) {try{DESedeKeySpec dks = new DESedeKeySpec(key.getBytes("UTF-8"));SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("DESede");SecretKey securekey = keyFactory.generateSecret(dks);Cipher cipher = Cipher.getInstance("DESede/ECB/PKCS5Padding");cipher.init(Cipher.ENCRYPT_MODE, securekey);byte[] b = cipher.doFinal(src.getBytes("UTF-8"));String ss = new String(Base64.encodeBase64(b));ss = ss.replaceAll("\+", "-");ss = ss.replaceAll("/", "_");return ss;} catch(Exception ex){ex.printStackTrace();return src;}}public static String decryptThreeDESECB(String src, String key) {try{src = https://www.isolves.com/it/cxkf/sf/2020-08-02/src.replaceAll("-", "+");src = src.replaceAll("_", "/");byte[] bytesrc = Base64.decodeBase64(src.getBytes("UTF-8"));// --解密的keyDESedeKeySpec dks = new DESedeKeySpec(key.getBytes("UTF-8"));SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("DESede");SecretKey securekey = keyFactory.generateSecret(dks);// --Chipher对象解密Cipher cipher = Cipher.getInstance("DESede/ECB/PKCS5Padding");cipher.init(Cipher.DECRYPT_MODE, securekey);byte[] retByte = cipher.doFinal(bytesrc);return new String(retByte, "UTF-8");} catch(Exception ex){ex.printStackTrace();return src;}}2.3 AESAES 高级数据加密标准，能够有效抵御已知的针对DES算法的所有攻击，默认密钥长度为128位，还可以供选择192位，256位 。这里顺便提一句这个位置的是bit 。
private static final String defaultCharset = "UTF-8";private static final String KEY_AES = "AES";private static final String KEY_MD5 = "MD5";private static MessageDigest md5Digest;static {try {md5Digest = MessageDigest.getInstance(KEY_MD5);} catch (NoSuchAlgorithmException e) {}}/*** 加密*/public static String encrypt(String data, String key) {return doAES(data, key, Cipher.ENCRYPT_MODE);}/*** 解密*/public static String decrypt(String data, String key) {return doAES(data, key, Cipher.DECRYPT_MODE);}/*** 加解密*/private static String doAES(String data, String key, int mode) {try {boolean encrypt = mode == Cipher.ENCRYPT_MODE;byte[] content;if (encrypt) {content = data.getBytes(defaultCharset);} else {content = Base64.decodeBase64(data.getBytes());}SecretKeySpec keySpec = new SecretKeySpec(md5Digest.digest(key.getBytes(defaultCharset)), KEY_AES);Cipher cipher = Cipher.getInstance(KEY_AES);// 创建密码器cipher.init(mode, keySpec);// 初始化byte[] result = cipher.doFinal(content);if (encrypt) {return new String(Base64.encodeBase64(result));} else {return new String(result, defaultCharset);}} catch (Exception e) {}return null;}推荐使用对称加密算法有：AES128、AES192、AES256 。
三、非对称加密算法非对称加密算法有两个密钥，这两个密钥完全不同但又完全匹配 。只有使用匹配的一对公钥和私钥，才能完成对明文的加密和解密过程 。常见的非对称加密有RSA、SM2等 。
3.1 RSARSA密钥至少为500位长，一般推荐使用1024位 。
//非对称密钥算法public static final String KEY_ALGORITHM = "RSA";/*** 密钥长度，DH算法的默认密钥长度是1024* 密钥长度必须是64的倍数，在512到65536位之间*/private static final int KEY_SIZE = 1024;//公钥private static final String PUBLIC_KEY = "RSAPublicKey";//私钥private static final String PRIVATE_KEY = "RSAPrivateKey";/*** 初始化密钥对** @return Map 甲方密钥的Map*/public static Map<String, Object> initKey() throws Exception {//实例化密钥生成器KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(KEY_ALGORITHM);//初始化密钥生成器keyPairGenerator.initialize(KEY_SIZE);//生成密钥对KeyPair keyPair = keyPairGenerator.generateKeyPair();//甲方公钥RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();//甲方私钥RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();//将密钥存储在map中Map<String, Object> keyMap = new HashMap<String, Object>();keyMap.put(PUBLIC_KEY, publicKey);keyMap.put(PRIVATE_KEY, privateKey);return keyMap;}/*** 私钥加密** @param data 待加密数据* @param key密钥* @return byte[] 加密数据*/public static byte[] encryptByPrivateKey(byte[] data, byte[] key) throws Exception {//取得私钥PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(key);KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);//生成私钥PrivateKey privateKey = keyFactory.generatePrivate(pkcs8KeySpec);//数据加密Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());cipher.init(Cipher.ENCRYPT_MODE, privateKey);return cipher.doFinal(data);}/*** 公钥加密** @param data 待加密数据* @param key密钥* @return byte[] 加密数据*/public static byte[] encryptByPublicKey(byte[] data, byte[] key) throws Exception {//实例化密钥工厂KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);//初始化公钥//密钥材料转换X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(key);//产生公钥PublicKey pubKey = keyFactory.generatePublic(x509KeySpec);//数据加密Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());cipher.init(Cipher.ENCRYPT_MODE, pubKey);return cipher.doFinal(data);}/*** 私钥解密** @param data 待解密数据* @param key密钥* @return byte[] 解密数据*/public static byte[] decryptByPrivateKey(byte[] data, byte[] key) throws Exception {//取得私钥PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(key);KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);//生成私钥PrivateKey privateKey = keyFactory.generatePrivate(pkcs8KeySpec);//数据解密Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());cipher.init(Cipher.DECRYPT_MODE, privateKey);return cipher.doFinal(data);}/*** 公钥解密** @param data 待解密数据* @param key密钥* @return byte[] 解密数据*/public static byte[] decryptByPublicKey(byte[] data, byte[] key) throws Exception {//实例化密钥工厂KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);//初始化公钥//密钥材料转换X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(key);//产生公钥PublicKey pubKey = keyFactory.generatePublic(x509KeySpec);//数据解密Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());cipher.init(Cipher.DECRYPT_MODE, pubKey);return cipher.doFinal(data);}/*** 取得私钥** @param keyMap 密钥map* @return byte[] 私钥*/public static byte[] getPrivateKey(Map<String, Object> keyMap) {Key key = (Key) keyMap.get(PRIVATE_KEY);return key.getEncoded();}/*** 取得公钥** @param keyMap 密钥map* @return byte[] 公钥*/public static byte[] getPublicKey(Map<String, Object> keyMap) throws Exception {Key key = (Key) keyMap.get(PUBLIC_KEY);return key.getEncoded();}