使用BouncyCastle轻量级API进行AES-256加密

时间:2021-07-12 13:08:41

I have written some (functional) AES encryption code using Java's built in encryption libraries, as follows, but I'd like to use a 256-bit key. However, I'd like to do this without the user having to install to Unlimited Strength Cryptography Policy files.

我使用Java的内置加密库编写了一些(功能)AES加密代码,如下所示,但我想使用256位密钥。但是,我想在没有用户安装到Unlimited Strength Cryptography Policy文件的情况下执行此操作。

Now, I've heard that using the BouncyCastle Lightweight API can allow me to do this, but unfortunately I'm having a great deal of trouble getting my head around it, and am struggling to fit any documentation that helps me.

现在,我听说使用BouncyCastle轻量级API可以让我这样做,但不幸的是我遇到了很多麻烦,我很难适应任何有助于我的文档。

Here is a my current code, in which 'content' is the byte array to be encrypted:

这是我当前的代码,其中'content'是要加密的字节数组:

KeyGenerator kgen = KeyGenerator.getInstance("AES");
int keySize = 128;
kgen.init(keySize);
SecretKey key = kgen.generateKey();
byte[] aesKey = key.getEncoded();
SecretKeySpec aesKeySpec = new SecretKeySpec(aesKey, "AES");
Cipher aesCipher = Cipher.getInstance("AES");
aesCipher.init(Cipher.ENCRYPT_MODE, aesKeySpec);
byte[] encryptedContent = aesCipher.doFinal(content);

How would I go about re-implementing this with the BouncyCastle Lightweight API? Can anyone help me out and/or point me in the direction of some simple example code?

我将如何使用BouncyCastle轻量级API重新实现此功能?任何人都可以帮助我和/或指向一些简单的示例代码的方向吗?

I'm also interesting in any other solutions that allow 256-bit key AES encryption without the need for the user to install the unlimited strength policy files.

我也对其他任何允许256位密钥AES加密的解决方案感兴趣,而无需用户安装无限强度策略文件。

Many thanks!

非常感谢!

1 个解决方案

#1


6  

This question and answer is a useful starting point.

这个问题和答案是一个有用的起点。

256bit AES/CBC/PKCS5Padding with Bouncy Castle

带有Bouncy Castle的256位AES / CBC / PKCS5Padding

The next best place to look is the test code for the LW APIs and then the JCE Provider code. The JCE Provider code is a wrapper around the LW libraries - so if you want to know how to do it, that's the best place to see it.

下一个要查看的最佳位置是LW API的测试代码,然后是JCE提供程序代码。 JCE提供程序代码是LW库的包装器 - 因此,如果您想知道如何执行它,那么这是查看它的最佳位置。

By the JCE Provider code, I mean the BC implementation.

通过JCE提供程序代码,我的意思是BC实现。

#1


6  

This question and answer is a useful starting point.

这个问题和答案是一个有用的起点。

256bit AES/CBC/PKCS5Padding with Bouncy Castle

带有Bouncy Castle的256位AES / CBC / PKCS5Padding

The next best place to look is the test code for the LW APIs and then the JCE Provider code. The JCE Provider code is a wrapper around the LW libraries - so if you want to know how to do it, that's the best place to see it.

下一个要查看的最佳位置是LW API的测试代码,然后是JCE提供程序代码。 JCE提供程序代码是LW库的包装器 - 因此,如果您想知道如何执行它,那么这是查看它的最佳位置。

By the JCE Provider code, I mean the BC implementation.

通过JCE提供程序代码,我的意思是BC实现。