详解DES加密算法及在Java程序中的使用示例
程序员文章站
2024-03-09 12:31:11
des加密算法
des全称为data encryption standard,即数据加密标准,是一种使用密钥加密的块算法,1976年被美国联邦*的国家标准局确定为联邦资...
des加密算法
des全称为data encryption standard,即数据加密标准,是一种使用密钥加密的块算法,1976年被美国联邦*的国家标准局确定为联邦资料处理标准(fips),随后在国际上广泛流传开来。
des算法的入口参数有三个:key、data、mode。其中key为7个字节共56位,是des算法的工作密钥;data为8个字节64位,是要被加密或被解密的数据;mode为des的工作方式,有两种:加密或解密。
des算法把64位的明文输入块变为64位的密文输出块,它所使用的密钥也是56位,其算法主要分为两步:
1)初始置换
其功能是把输入的64位数据块按位重新组合,并把输出分为l0、r0两部分,每部分各长32位,其置换规则为将输入的第58位换到第一位,第50位换到第2位……依此类推,最后一位是原来的第7位。l0、r0则是换位输出后的两部分,l0是输出的左32位,r0是右32位,例:设置换前的输入值为d1d2d3……d64,则经过初始置换后的结果为:l0=d58d50……d8;r0=d57d49……d7。
其置换规则见下表:
58,50,42,34,26,18,10,2,60,52,44,36,28,20,12,4, 62,54,46,38,30,22,14,6,64,56,48,40,32,24,16,8, 57,49,41,33,25,17,9,1,59,51,43,35,27,19,11,3, 61,53,45,37,29,21,13,5,63,55,47,39,31,23,15,7,
2)逆置换
经过16次迭代运算后,得到l16、r16,将此作为输入,进行逆置换,逆置换正好是初始置换的逆运算,由此即得到密文输出。
此算法是对称加密算法体系中的代表,在计算机网络系统中广泛使用.
java基本实现
package com.stone.security; import java.security.key; import java.security.securerandom; import javax.crypto.cipher; import javax.crypto.keygenerator; import javax.crypto.secretkey; import javax.crypto.secretkeyfactory; import javax.crypto.spec.deskeyspec; import javax.crypto.spec.ivparameterspec; /** * des 算法 1972美国ibm研制,对称加密算法 */ public class des { // 算法名称 public static final string key_algorithm = "des"; // 算法名称/加密模式/填充方式 public static final string cipher_algorithm_ecb = "des/ecb/pkcs5padding"; public static final string cipher_algorithm_cbc = "des/cbc/pkcs5padding"; public static void main(string[] args) throws exception { /* * 使用 ecb mode * 密钥生成器 生成密钥 * ecb mode cannot use iv */ byte[] key = generatekey(); byte[] encrypt = encrypt("胃炎f#*(x)".getbytes(), key); system.out.println(new string(decrypt(encrypt, key))); /* * 使用cbc mode * 使用密钥工厂生成密钥,加密 解密 * iv: des in cbc mode and rsa ciphers with oaep encoding operation. */ deskeyspec dks = new deskeyspec(generatekey()); secretkeyfactory factory = secretkeyfactory.getinstance(key_algorithm); secretkey secretkey = factory.generatesecret(dks); cipher cipher = cipher.getinstance(cipher_algorithm_cbc); cipher.init(cipher.encrypt_mode, secretkey, new ivparameterspec(getiv())); byte[] enc = cipher.dofinal("胃炎a%f#*(x)".getbytes()); //加密 cipher.init(cipher.decrypt_mode, secretkey, new ivparameterspec(getiv())); byte[] dec = cipher.dofinal(enc); // 解密 system.out.println(new string(dec)); } static byte[] getiv() { string iv = "asdfivh7"; //iv length: must be 8 bytes long return iv.getbytes(); } /** * 生成密钥 * * @return * @throws exception */ private static byte[] generatekey() throws exception { keygenerator keygenerator = keygenerator.getinstance(key_algorithm); keygenerator.init(56); //des 必须是56, 此初始方法不必须调用 secretkey secretkey = keygenerator.generatekey(); return secretkey.getencoded(); } /** * 还原密钥 * * @param key * @return * @throws exception */ private static key tokey(byte[] key) throws exception { deskeyspec des = new deskeyspec(key); secretkeyfactory keyfactory = secretkeyfactory.getinstance(key_algorithm); secretkey secretkey = keyfactory.generatesecret(des); return secretkey; } /** * 加密 * @param data 原文 * @param key * @return 密文 * @throws exception */ public static byte[] encrypt(byte[] data, byte[] key) throws exception { key k = tokey(key); cipher cipher = cipher.getinstance(cipher_algorithm_ecb); cipher.init(cipher.encrypt_mode, k, new securerandom()); return cipher.dofinal(data); } /** * 解密 * @param data 密文 * @param key * @return 明文、原文 * @throws exception */ public static byte[] decrypt(byte[] data, byte[] key) throws exception { key k = tokey(key); cipher cipher = cipher.getinstance(cipher_algorithm_ecb); cipher.init(cipher.decrypt_mode, k, new securerandom()); return cipher.dofinal(data); } }
java三重des实现:
package com.stone.security; import javax.crypto.cipher; import javax.crypto.keygenerator; import javax.crypto.secretkey; import javax.crypto.secretkeyfactory; import javax.crypto.spec.desedekeyspec; import javax.crypto.spec.ivparameterspec; /** * 三重加密 3des也作 triple des, */ public class tripledes { // 算法名称 public static final string key_algorithm = "desede"; // 算法名称/加密模式/填充方式 public static final string cipher_algorithm_ecb = "desede/ecb/pkcs5padding"; public static final string cipher_algorithm_cbc = "desede/cbc/pkcs5padding"; private keygenerator keygen; private secretkey secretkey; private secretkey secretkey2; private cipher cipher; private static byte[] encryptdata; public static void main(string[] args) throws exception { tripledes tripledes = new tripledes("ecb"); tripledes.encrypt("sau8jzxlcvm,'123`98(*^&%^^jcb zx>>a<s<}}{"); system.out.println("加密后:" + new string(encryptdata)); system.out.println("解密后:"+ new string(tripledes.decrypt(encryptdata))); tripledes = new tripledes("cbc"); tripledes.encrypt2("sau8jzxlc dqv#><«|vm,'123`98(*^&%^^jcb zx>>a<s<}}{"); system.out.println("加密后:" + new string(encryptdata)); system.out.println("解密后:"+ new string(tripledes.decrypt2(encryptdata))); } public tripledes(string mode) throws exception { if ("ecb".equals(mode)) { // cipher = cipher.getinstance(key_algorithm); cipher = cipher.getinstance(cipher_algorithm_ecb); keygen = keygenerator.getinstance(key_algorithm); secretkey = keygen.generatekey(); } else if("cbc".equals(mode)) { cipher = cipher.getinstance(cipher_algorithm_cbc); keygen = keygenerator.getinstance(key_algorithm); desedekeyspec spec = new desedekeyspec(keygen.generatekey().getencoded()); secretkey2 = secretkeyfactory.getinstance(key_algorithm).generatesecret(spec); } } /** * 加密 * @param str * @return * @throws exception */ public byte[] encrypt(string str) throws exception { cipher.init(cipher.encrypt_mode, secretkey); return encryptdata = cipher.dofinal(str.getbytes()); } /** * 解密 * @param encrypt * @return * @throws exception */ public byte[] decrypt(byte[] encrypt) throws exception { cipher.init(cipher.decrypt_mode, secretkey); return encryptdata = cipher.dofinal(encrypt); } byte[] getiv() { return "administ".getbytes(); } /** * 加密 * @param str * @return * @throws exception */ public byte[] encrypt2(string str) throws exception { cipher.init(cipher.encrypt_mode, secretkey2, new ivparameterspec(getiv())); return encryptdata = cipher.dofinal(str.getbytes()); } /** * 解密 * @param encrypt * @return * @throws exception */ public byte[] decrypt2(byte[] encrypt) throws exception { cipher.init(cipher.decrypt_mode, secretkey2, new ivparameterspec(getiv())); return encryptdata = cipher.dofinal(encrypt); } }