详解DES加密算法及在Java程序中的使用示例

时间:2021-09-22 10:57:54

DES加密算法
DES全称为Data Encryption Standard,即数据加密标准,是一种使用密钥加密的块算法,1976年被美国联邦*的国家标准局确定为联邦资料处理标准(FIPS),随后在国际上广泛流传开来。
DES算法的入口参数有三个:Key、Data、Mode。其中Key为7个字节共56位,是DES算法的工作密钥;Data为8个字节64位,是要被加密或被解密的数据;Mode为DES的工作方式,有两种:加密或解密。
DES算法把64位的明文输入块变为64位的密文输出块,它所使用的密钥也是56位,其算法主要分为两步:
1)初始置换
其功能是把输入的64位数据块按位重新组合,并把输出分为L0、R0两部分,每部分各长32位,其置换规则为将输入的第58位换到第一位,第50位换到第2位……依此类推,最后一位是原来的第7位。L0、R0则是换位输出后的两部分,L0是输出的左32位,R0是右32位,例:设置换前的输入值为D1D2D3……D64,则经过初始置换后的结果为:L0=D58D50……D8;R0=D57D49……D7。
其置换规则见下表:

?
1
2
3
4
58,50,42,34,26,18,10,2,60,52,44,36,28,20,12,4,
62,54,46,38,30,22,14,6,64,56,48,40,32,24,16,8,
57,49,41,33,25,17,9,1,59,51,43,35,27,19,11,3,
61,53,45,37,29,21,13,5,63,55,47,39,31,23,15,7,

2)逆置换
经过16次迭代运算后,得到L16、R16,将此作为输入,进行逆置换,逆置换正好是初始置换的逆运算,由此即得到密文输出。
此算法是对称加密算法体系中的代表,在计算机网络系统中广泛使用.

Java基本实现

?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
package com.stone.security;
 
import java.security.Key;
import java.security.SecureRandom;
 
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESKeySpec;
import javax.crypto.spec.IvParameterSpec;
 
/**
 * DES 算法    1972美国IBM研制,对称加密算法
 */
public class DES { 
  // 算法名称
  public static final String KEY_ALGORITHM = "DES";
  // 算法名称/加密模式/填充方式
  public static final String CIPHER_ALGORITHM_ECB = "DES/ECB/PKCS5Padding";
  public static final String CIPHER_ALGORITHM_CBC = "DES/CBC/PKCS5Padding";
   
  public static void main(String[] args) throws Exception {
    /*
     * 使用 ECB mode
     * 密钥生成器 生成密钥
     * ECB mode cannot use IV
     */
    byte[] key = generateKey(); 
    byte[] encrypt = encrypt("胃炎F#*(x)".getBytes(), key);
    System.out.println(new String(decrypt(encrypt, key)));
     
     
    /*
     * 使用CBC mode
     * 使用密钥工厂生成密钥,加密 解密
     * iv: DES in CBC mode and RSA ciphers with OAEP encoding operation.
     */
    DESKeySpec dks = new DESKeySpec(generateKey());
    SecretKeyFactory factory = SecretKeyFactory.getInstance(KEY_ALGORITHM);
    SecretKey secretKey = factory.generateSecret(dks);
    Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM_CBC);
    cipher.init(Cipher.ENCRYPT_MODE, secretKey, new IvParameterSpec(getIV()));
    byte[] enc = cipher.doFinal("胃炎A%F#*(x)".getBytes()); //加密
     
    cipher.init(Cipher.DECRYPT_MODE, secretKey, new IvParameterSpec(getIV()));
    byte[] dec = cipher.doFinal(enc); // 解密
    System.out.println(new String(dec));
  }
   
  static byte[] getIV() {
    String iv = "asdfivh7"; //IV length: must be 8 bytes long
    return iv.getBytes();
  }
 
  /**
   * 生成密钥
   *
   * @return
   * @throws Exception
   */
  private static byte[] generateKey() throws Exception {
    KeyGenerator keyGenerator = KeyGenerator.getInstance(KEY_ALGORITHM);
    keyGenerator.init(56); //des 必须是56, 此初始方法不必须调用
    SecretKey secretKey = keyGenerator.generateKey();
    return secretKey.getEncoded();
  }
 
  /**
   * 还原密钥
   *
   * @param key
   * @return
   * @throws Exception
   */
  private static Key toKey(byte[] key) throws Exception {
    DESKeySpec des = new DESKeySpec(key);
    SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(KEY_ALGORITHM);
    SecretKey secretKey = keyFactory.generateSecret(des);
    return secretKey;
  }
   
  /**
   * 加密
   * @param data 原文
   * @param key
   * @return 密文
   * @throws Exception
   */
  public static byte[] encrypt(byte[] data, byte[] key) throws Exception {
    Key k = toKey(key);
    Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM_ECB);
    cipher.init(Cipher.ENCRYPT_MODE, k, new SecureRandom());
    return cipher.doFinal(data);
  }
  /**
   * 解密
   * @param data 密文
   * @param key
   * @return 明文、原文
   * @throws Exception
   */
  public static byte[] decrypt(byte[] data, byte[] key) throws Exception {
    Key k = toKey(key);
    Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM_ECB);
    cipher.init(Cipher.DECRYPT_MODE, k, new SecureRandom());
    return cipher.doFinal(data);
  }
}

Java三重DES实现:

?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
package com.stone.security;
 
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESedeKeySpec;
import javax.crypto.spec.IvParameterSpec;
 
/**
 * 三重加密 3DES也作 Triple DES,
 */
public class TripleDES {
  // 算法名称
  public static final String KEY_ALGORITHM = "DESede";
  // 算法名称/加密模式/填充方式
  public static final String CIPHER_ALGORITHM_ECB = "DESede/ECB/PKCS5Padding";
  public static final String CIPHER_ALGORITHM_CBC = "DESede/CBC/PKCS5Padding";
   
  private KeyGenerator keyGen;
  private SecretKey secretKey;
  private SecretKey secretKey2;
  private Cipher cipher;
  private static byte[] encryptData;
   
  public static void main(String[] args) throws Exception {
    TripleDES tripleDES = new TripleDES("ECB");
    tripleDES.encrypt("sau8jzxlcvm,'123`98(*^&%^^JCB ZX>>A<S<}}{");
    System.out.println("加密后:" + new String(encryptData));
    System.out.println("解密后:"+ new String(tripleDES.decrypt(encryptData)));
     
    tripleDES = new TripleDES("CBC");
    tripleDES.encrypt2("sau8jzxlc DQV#><«|vm,'123`98(*^&%^^JCB ZX>>A<S<}}{");
    System.out.println("加密后:" + new String(encryptData));
    System.out.println("解密后:"+ new String(tripleDES.decrypt2(encryptData)));
  }
   
  public TripleDES(String mode) throws Exception {
    if ("ECB".equals(mode)) {
//     cipher = Cipher.getInstance(KEY_ALGORITHM);
      cipher = Cipher.getInstance(CIPHER_ALGORITHM_ECB);
      keyGen = KeyGenerator.getInstance(KEY_ALGORITHM);
      secretKey = keyGen.generateKey();
    } else if("CBC".equals(mode)) {
      cipher = Cipher.getInstance(CIPHER_ALGORITHM_CBC);
      keyGen = KeyGenerator.getInstance(KEY_ALGORITHM);
      DESedeKeySpec spec = new DESedeKeySpec(keyGen.generateKey().getEncoded());
      secretKey2 = SecretKeyFactory.getInstance(KEY_ALGORITHM).generateSecret(spec);
    }
  }
  /**
   * 加密
   * @param str
   * @return
   * @throws Exception
   */
  public byte[] encrypt(String str) throws Exception {
    cipher.init(Cipher.ENCRYPT_MODE, secretKey);
    return encryptData = cipher.doFinal(str.getBytes());
  }
  /**
   * 解密
   * @param encrypt
   * @return
   * @throws Exception
   */
  public byte[] decrypt(byte[] encrypt) throws Exception {
    cipher.init(Cipher.DECRYPT_MODE, secretKey);
    return encryptData = cipher.doFinal(encrypt);
  }
  byte[] getIV() {
    return "administ".getBytes();
  }
  /**
   * 加密
   * @param str
   * @return
   * @throws Exception
   */
  public byte[] encrypt2(String str) throws Exception {
    cipher.init(Cipher.ENCRYPT_MODE, secretKey2, new IvParameterSpec(getIV()));
    return encryptData = cipher.doFinal(str.getBytes());
  }
  /**
   * 解密
   * @param encrypt
   * @return
   * @throws Exception
   */
  public byte[] decrypt2(byte[] encrypt) throws Exception {
    cipher.init(Cipher.DECRYPT_MODE, secretKey2, new IvParameterSpec(getIV()));
    return encryptData = cipher.doFinal(encrypt);
  }
}
标签:

相关文章