您的位置 首页 java

对称加密算法之 Java DES算法应用 附可用工具类

   DES算法简介

DES 算法

  DES算法为密码体制中的对称密码体制,又被称为美国数据加密标准,是1972年美国IBM公司研制的对称密码体制加密算法。明文按64位进行分组,密钥长64位,密钥事实上是56位参与DES运算(第8、16、24、32、40、48、56、64位是校验位,使得每个密钥都有奇数个1)分组后的明文组和56位的密钥按位替代或交换的方法形成密文组的加密方法。

  DES算法具有极高安全性,除了用穷举搜索法对DES算法进行攻击外,还没有发现更有效的办法。而56位长的密钥的穷举空间为2^56,这意味着如果一台计算机的速度是每一秒钟检测一百万个密钥,则它搜索完全部密钥就需要将近2285年的时间,可见,这是难以实现的。然而,这并不等于说DES是不可破解的。而实际上,随着硬件技术和Internet的发展,其破解的可能性越来越大,而且,所需要的时间越来越少。使用经过特殊设计的硬件并行处理要几个小时。

  为了克服DES密钥空间小的缺陷,人们又提出了三重DES的变形方式。

   Maven 依赖

  工具类对于加密后使用Base64进行编码,所以需要依赖Apache Commons Codec。

 <dependency>
    <groupId>commons-codec</groupId>
    <artifactId>commons-codec</artifactId>
    <version>1.9</version>
</dependency>
<dependency>
    <groupId>log4j</groupId>
    <artifactId>log4j</artifactId>
    <version>1.2.17</version>
</dependency>  

   工具类实现

  DESUtil提供了针对文本内容、字节数组内容的加解密实现,DESUtil工具类可以直接复制使用,代码如下:

 package com.arhorchin.securitit.enordecryption.des;
import java.security.Key;
import javax.crypto.Cipher;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESKeySpec;
import javax.crypto.spec.IvParameterSpec;
import org.apache.commons.codec.binary.Base64;
import org.apache.log4j.Logger;
/**
 * @author Securitit.
 * @note DES加密算法实现.
 */
public class DESUtil {
    /**
     * logger.
     */
    private static Logger logger = Logger.getLogger(DESUtil.class);
    /**
     * 数据编码.
     */
    private static final String CHARSET_UTF8 = "UTF-8";
    /**
     * 算法编号.
     */
    public static final String DES_NAME = "DES";
    /**
     * CBC模式串.
     */
    public static final String DES_NAME_ECB = "DES/CBC/PKCS5Padding";
    /**
     * 初始向量.
     */
    public static final  byte [] DES_KEY_IV = { 1, 2, 3, 4, 5, 6, 7, 8 };
    /**
     * 根据密码生成Key.要求:密码长度是8的倍数.
     * @param desKeyPwd 密码字符串.
     * @return DES密钥.
     * @throws Exception 可能异常.
     */
    public static String generateDesKey(String desKeyPwd) throws Exception {
        DESKeySpec desKeySpec = null;
        SecretKeyFactory keyFactory = null;
        byte[] keyBytes = null;
        desKeySpec = new DESKeySpec(desKeyPwd.getBytes(CHARSET_UTF8));
        keyFactory = SecretKeyFactory. getInstance (DES_NAME);
        keyBytes = keyFactory.generateSecret(desKeySpec).getEncoded();
        return Base64.encodeBase64String(keyBytes);
    }
    /**
     * 对文本内容进行加密.
     * @param plainText 待加密明文内容.
     * @param desKey DES密钥.
     * @return 加密的密文.
     */
    public static String encodeText(String plainText, String desKey) throws Exception {
        byte[] desKeyBytes = null;
        byte[] plainBytes = null;
        byte[] cipherBytes = null;
        try {
            desKeyBytes = Base64.decodeBase64(desKey);
            plainBytes = plainText.getBytes(CHARSET_UTF8);
            cipherBytes = encodeByCbc(plainBytes, desKeyBytes, DES_KEY_IV);
            return Base64.encodeBase64String(cipherBytes);
        } catch (Exception ex) {
            logger.error("DESUtil.encodeText.", ex);
            return "";
        }
    }
    /**
     * 对文本密文进行解密.
     * @param cipherText 待解密密文.
     * @param desKey DES密钥.
     * @return 解密的明文.
     */
    public static String decodeText(String cipherText, String desKey) throws Exception {
        byte[] desKeyBytes = null;
        byte[] cipherBytes = null;
        byte[] plainBytes = null;
        try {
            desKeyBytes = Base64.decodeBase64(desKey);
            cipherBytes = Base64.decodeBase64(cipherText);
            plainBytes = decodeByCbc(cipherBytes, desKeyBytes, DES_KEY_IV);
            return new String(plainBytes, CHARSET_UTF8);
        } catch (Exception ex) {
            logger.error("DESUtil.decodeText.", ex);
            return "";
        }
    }
    /**
     * 对字节数组内容进行加密.
     * @param plainText 待加密明文内容.
     * @param dseKey DES密钥.
     * @return 加密的密文.
     */
    public static byte[] encodeBytes(byte[] plainBytes, String desKey) throws Exception {
        byte[] desKeyBytes = null;
        byte[] cipherBytes = null;
        try {
            desKeyBytes = Base64.decodeBase64(desKey);
            cipherBytes = encodeByCbc(plainBytes, desKeyBytes, DES_KEY_IV);
            return cipherBytes;
        } catch (Exception ex) {
            logger.error("DESUtil.encodeBytes.", ex);
            return new byte[0];
        }
    }
    /**
     * 对字节数组密文进行解密.
     * @param cipherText 待解密密文.
     * @param desKey DES密钥.
     * @return 解密的明文.
     */
    public static byte[] decodeBytes(byte[] cipherBytes, String desKey) throws Exception {
        byte[] desKeyBytes = null;
        byte[] plainBytes = null;
        try {
            desKeyBytes = Base64.decodeBase64(desKey);
            plainBytes = decodeByCbc(cipherBytes, desKeyBytes, DES_KEY_IV);
            return plainBytes;
        } catch (Exception ex) {
            logger.error("DESUtil.decodeBytes.", ex);
            return new byte[0];
        }
    }
    /**
     * DES算法使用CBC模式进行加密.
     * @param plainBytes 原文内容.
     * @param desKey DES密钥.
     * @param keyIv DES初始向量.
     * @return 加密后的内容.
     * @throws Exception .
     */
    public static byte[] encodeByCbc(byte[] plainBytes, byte[] desKey, byte[] keyIv) throws Exception {
        Key deskey = null;
        DESKeySpec desSpec = null;
        SecretKeyFactory keyFactory = null;
        Cipher cipher = null;
        IvParameterSpec ivSpec = null;
        byte[] cipherOut = null;
        desSpec = new DESKeySpec(desKey);
        keyFactory = SecretKeyFactory.getInstance(DES_NAME);
        deskey = keyFactory.generateSecret(desSpec);
        cipher = Cipher.getInstance(DES_NAME_ECB);
        ivSpec = new IvParameterSpec(keyIv);
        cipher.init(Cipher.ENCRYPT_MODE, deskey, ivSpec);
        cipherOut = cipher.doFinal(plainBytes);
        return cipherOut;
    }
    /**
     * DES算法使用CBC模式进行解密.
     * @param plainBytes 密文内容.
     * @param desKey DES密钥.
     * @param keyIv DES初始向量.
     * @return 解密后的内容.
     * @throws Exception .
     */
    public static byte[] decodeByCbc(byte[] plainBytes, byte[] desKey, byte[] keyIv) throws Exception {
        Key deskey = null;
        DESKeySpec desSpec = null;
        SecretKeyFactory keyFactory = null;
        Cipher cipher = null;
        IvParameterSpec ivSpec = null;
        byte[] cipherOut = null;
        desSpec = new DESKeySpec(desKey);
        keyFactory = SecretKeyFactory.getInstance(DES_NAME);
        deskey = keyFactory.generateSecret(desSpec);
        cipher = Cipher.getInstance(DES_NAME_ECB);
        ivSpec = new IvParameterSpec(keyIv);
        cipher.init(Cipher.DECRYPT_MODE, deskey, ivSpec);
        cipherOut = cipher.doFinal(plainBytes);
        return cipherOut;
    }
}  

   工具类测试

 package com.arhorchin.securitit.enordecryption.des;
import java.util.Arrays;
/**
 * @author Securitit.
 * @note DESUtil测试类.
 */
public class DESUtilTester {
    public static void main(String[] args) throws Exception {
        String desKeyPwd = "1234567887654321";
        String desKey = null;
        String plainText = "This is 一段明文内容!";
        String cipherText = null;
        System.out.println("----------------------- 获取DES秘钥 -------------------------");
        desKey = DESUtil.generateDesKey(desKeyPwd);
        System.out.println("秘钥:" + desKey);
        System.out.println();
        // 文本加解密测试.
        System.out.println("----------------------- 文本加解密测试 -------------------------");
        System.out.println("明文:" + plainText);
        cipherText = DESUtil.encodeText(plainText, desKey);
        System.out.println("密文:" + cipherText);
        plainText = DESUtil.decodeText(cipherText, desKey);
        System.out.println("解密明文:" + plainText);
        System.out.println();
        System.out.println("----------------------- 字节数组加解密测试 -------------------------");
        byte[] plainBytes = plainText.getBytes("UTF-8");
        byte[] cipherBytes = null;
        System.out.println("明文:" + Arrays.toString(plainBytes));
        cipherBytes = DESUtil.encodeBytes(plainBytes, desKey);
        System.out.println("密文:" + Arrays.toString(cipherBytes));
        plainBytes = DESUtil.decodeBytes(cipherBytes, desKey);
        System.out.println("解密明文:" + Arrays.toString(plainBytes));
        System.out.println();
    }
}  

   控制台输出

  查看Console中的控制台内容,明文和解密后明文对比,可以确认DESUtil可以正常工作,控制台如下图:

 ----------------------- 获取DES秘钥 -------------------------
秘钥:MTIyNDQ3Nzg=
----------------------- 文本加解密测试 -------------------------
明文:This is 一段明文内容!
密文:2guHzIWpad0klMjyRZERLW83acN0AM0F19NZ18NF214=
解密明文:This is 一段明文内容!
----------------------- 字节数组加解密测试 -------------------------
明文:[84, 104, 105, 115, 32, 105, 115, 32, -28, -72, -128, -26, -82, -75, -26, -104, -114, -26, -106, -121, -27, -122, -123, -27, -82, -71, -17, -68, -127]
密文:[-38, 11, -121, -52, -123, -87, 105, -35, 36, -108, -56, -14, 69, -111, 17, 45, 111, 55, 105, -61, 116, 0, -51, 5, -41, -45, 89, -41, -61, 69, -37, 94]
解密明文:[84, 104, 105, 115, 32, 105, 115, 32, -28, -72, -128, -26, -82, -75, -26, -104, -114, -26, -106, -121, -27, -122, -123, -27, -82, -71, -17, -68, -127]  

   总结

  现代密码学应用中,DES的身影已越来越少见,随着硬件和互联网的发展,DES在安全性方面的劣势变得尤为明显。在DES之后,逐渐出现了用于过渡的3DES以及新一代密码算法AES,3DES是为了使得DES更加难以破解,使用三次DES加解密叠加得到的密码算法。而AES是作为下一代对称密码学算法,使用完全不同的算法进行了实现。在实际应用中,可以根据个人所需,选择合适的算法进行应用。

  若文中存在错误和不足,欢迎指正!

文章来源:智云一二三科技

文章标题:对称加密算法之 Java DES算法应用 附可用工具类

文章地址:https://www.zhihuclub.com/189224.shtml

关于作者: 智云科技

热门文章

网站地图