欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页  >  IT编程

详解DES加密算法及在Java程序中的使用示例

程序员文章站 2024-03-09 12:31:11
des加密算法 des全称为data encryption standard,即数据加密标准,是一种使用密钥加密的块算法,1976年被美国联邦*的国家标准局确定为联邦资...

des加密算法
des全称为data encryption standard,即数据加密标准,是一种使用密钥加密的块算法,1976年被美国联邦*的国家标准局确定为联邦资料处理标准(fips),随后在国际上广泛流传开来。
des算法的入口参数有三个:key、data、mode。其中key为7个字节共56位,是des算法的工作密钥;data为8个字节64位,是要被加密或被解密的数据;mode为des的工作方式,有两种:加密或解密。
des算法把64位的明文输入块变为64位的密文输出块,它所使用的密钥也是56位,其算法主要分为两步:
1)初始置换
其功能是把输入的64位数据块按位重新组合,并把输出分为l0、r0两部分,每部分各长32位,其置换规则为将输入的第58位换到第一位,第50位换到第2位……依此类推,最后一位是原来的第7位。l0、r0则是换位输出后的两部分,l0是输出的左32位,r0是右32位,例:设置换前的输入值为d1d2d3……d64,则经过初始置换后的结果为:l0=d58d50……d8;r0=d57d49……d7。
其置换规则见下表:

58,50,42,34,26,18,10,2,60,52,44,36,28,20,12,4,
62,54,46,38,30,22,14,6,64,56,48,40,32,24,16,8,
57,49,41,33,25,17,9,1,59,51,43,35,27,19,11,3,
61,53,45,37,29,21,13,5,63,55,47,39,31,23,15,7,

2)逆置换
经过16次迭代运算后,得到l16、r16,将此作为输入,进行逆置换,逆置换正好是初始置换的逆运算,由此即得到密文输出。
此算法是对称加密算法体系中的代表,在计算机网络系统中广泛使用.

java基本实现

package com.stone.security; 
 
import java.security.key; 
import java.security.securerandom; 
 
import javax.crypto.cipher; 
import javax.crypto.keygenerator; 
import javax.crypto.secretkey; 
import javax.crypto.secretkeyfactory; 
import javax.crypto.spec.deskeyspec; 
import javax.crypto.spec.ivparameterspec; 
 
/** 
 * des 算法    1972美国ibm研制,对称加密算法 
 */ 
public class des {  
  // 算法名称 
  public static final string key_algorithm = "des"; 
  // 算法名称/加密模式/填充方式 
  public static final string cipher_algorithm_ecb = "des/ecb/pkcs5padding"; 
  public static final string cipher_algorithm_cbc = "des/cbc/pkcs5padding"; 
   
  public static void main(string[] args) throws exception { 
    /* 
     * 使用 ecb mode 
     * 密钥生成器 生成密钥 
     * ecb mode cannot use iv 
     */ 
    byte[] key = generatekey();  
    byte[] encrypt = encrypt("胃炎f#*(x)".getbytes(), key); 
    system.out.println(new string(decrypt(encrypt, key))); 
     
     
    /* 
     * 使用cbc mode 
     * 使用密钥工厂生成密钥,加密 解密 
     * iv: des in cbc mode and rsa ciphers with oaep encoding operation. 
     */ 
    deskeyspec dks = new deskeyspec(generatekey()); 
    secretkeyfactory factory = secretkeyfactory.getinstance(key_algorithm); 
    secretkey secretkey = factory.generatesecret(dks); 
    cipher cipher = cipher.getinstance(cipher_algorithm_cbc); 
    cipher.init(cipher.encrypt_mode, secretkey, new ivparameterspec(getiv())); 
    byte[] enc = cipher.dofinal("胃炎a%f#*(x)".getbytes()); //加密 
     
    cipher.init(cipher.decrypt_mode, secretkey, new ivparameterspec(getiv())); 
    byte[] dec = cipher.dofinal(enc); // 解密 
    system.out.println(new string(dec)); 
  } 
   
  static byte[] getiv() { 
    string iv = "asdfivh7"; //iv length: must be 8 bytes long 
    return iv.getbytes(); 
  } 
 
  /** 
   * 生成密钥 
   * 
   * @return 
   * @throws exception 
   */ 
  private static byte[] generatekey() throws exception { 
    keygenerator keygenerator = keygenerator.getinstance(key_algorithm); 
    keygenerator.init(56); //des 必须是56, 此初始方法不必须调用 
    secretkey secretkey = keygenerator.generatekey(); 
    return secretkey.getencoded(); 
  } 
 
  /** 
   * 还原密钥 
   * 
   * @param key 
   * @return 
   * @throws exception 
   */ 
  private static key tokey(byte[] key) throws exception { 
    deskeyspec des = new deskeyspec(key); 
    secretkeyfactory keyfactory = secretkeyfactory.getinstance(key_algorithm); 
    secretkey secretkey = keyfactory.generatesecret(des); 
    return secretkey; 
  } 
   
  /** 
   * 加密 
   * @param data 原文 
   * @param key 
   * @return 密文 
   * @throws exception 
   */ 
  public static byte[] encrypt(byte[] data, byte[] key) throws exception { 
    key k = tokey(key); 
    cipher cipher = cipher.getinstance(cipher_algorithm_ecb); 
    cipher.init(cipher.encrypt_mode, k, new securerandom()); 
    return cipher.dofinal(data); 
  } 
  /** 
   * 解密 
   * @param data 密文 
   * @param key 
   * @return 明文、原文 
   * @throws exception 
   */ 
  public static byte[] decrypt(byte[] data, byte[] key) throws exception { 
    key k = tokey(key); 
    cipher cipher = cipher.getinstance(cipher_algorithm_ecb); 
    cipher.init(cipher.decrypt_mode, k, new securerandom()); 
    return cipher.dofinal(data); 
  } 
} 

java三重des实现:

package com.stone.security; 
 
import javax.crypto.cipher; 
import javax.crypto.keygenerator; 
import javax.crypto.secretkey; 
import javax.crypto.secretkeyfactory; 
import javax.crypto.spec.desedekeyspec; 
import javax.crypto.spec.ivparameterspec; 
 
/** 
 * 三重加密 3des也作 triple des, 
 */ 
public class tripledes { 
  // 算法名称 
  public static final string key_algorithm = "desede"; 
  // 算法名称/加密模式/填充方式 
  public static final string cipher_algorithm_ecb = "desede/ecb/pkcs5padding"; 
  public static final string cipher_algorithm_cbc = "desede/cbc/pkcs5padding"; 
   
  private keygenerator keygen; 
  private secretkey secretkey; 
  private secretkey secretkey2; 
  private cipher cipher; 
  private static byte[] encryptdata; 
   
  public static void main(string[] args) throws exception { 
    tripledes tripledes = new tripledes("ecb"); 
    tripledes.encrypt("sau8jzxlcvm,'123`98(*^&%^^jcb zx>>a<s<}}{"); 
    system.out.println("加密后:" + new string(encryptdata)); 
    system.out.println("解密后:"+ new string(tripledes.decrypt(encryptdata))); 
     
    tripledes = new tripledes("cbc"); 
    tripledes.encrypt2("sau8jzxlc dqv#><«|vm,'123`98(*^&%^^jcb zx>>a<s<}}{"); 
    system.out.println("加密后:" + new string(encryptdata)); 
    system.out.println("解密后:"+ new string(tripledes.decrypt2(encryptdata))); 
  } 
   
  public tripledes(string mode) throws exception { 
    if ("ecb".equals(mode)) { 
//     cipher = cipher.getinstance(key_algorithm); 
      cipher = cipher.getinstance(cipher_algorithm_ecb); 
      keygen = keygenerator.getinstance(key_algorithm); 
      secretkey = keygen.generatekey(); 
    } else if("cbc".equals(mode)) { 
      cipher = cipher.getinstance(cipher_algorithm_cbc); 
      keygen = keygenerator.getinstance(key_algorithm); 
      desedekeyspec spec = new desedekeyspec(keygen.generatekey().getencoded()); 
      secretkey2 = secretkeyfactory.getinstance(key_algorithm).generatesecret(spec); 
    } 
  } 
  /** 
   * 加密 
   * @param str 
   * @return 
   * @throws exception 
   */ 
  public byte[] encrypt(string str) throws exception { 
    cipher.init(cipher.encrypt_mode, secretkey); 
    return encryptdata = cipher.dofinal(str.getbytes()); 
  } 
  /** 
   * 解密 
   * @param encrypt 
   * @return 
   * @throws exception 
   */ 
  public byte[] decrypt(byte[] encrypt) throws exception { 
    cipher.init(cipher.decrypt_mode, secretkey); 
    return encryptdata = cipher.dofinal(encrypt); 
  } 
  byte[] getiv() { 
    return "administ".getbytes(); 
  } 
  /** 
   * 加密 
   * @param str 
   * @return 
   * @throws exception 
   */ 
  public byte[] encrypt2(string str) throws exception { 
    cipher.init(cipher.encrypt_mode, secretkey2, new ivparameterspec(getiv())); 
    return encryptdata = cipher.dofinal(str.getbytes()); 
  } 
  /** 
   * 解密 
   * @param encrypt 
   * @return 
   * @throws exception 
   */ 
  public byte[] decrypt2(byte[] encrypt) throws exception { 
    cipher.init(cipher.decrypt_mode, secretkey2, new ivparameterspec(getiv())); 
    return encryptdata = cipher.dofinal(encrypt); 
  } 
}