对称加密算法就是能将数据加解密。加密的时候用密钥对数据进行加密,解密的时候使用同样的密钥对数据进行解密。
DES是美国国家标准研究所提出的算法。因为加解密的数据安全性和密钥长度成正比。des的56位的密钥已经形成安全隐患,在1998年之后就很少被采用。但是一些老旧的系统还在使用。因为这个des算法并没有被美国标准委员会公布全部算法,大家一致怀疑被留了后门。所以慢慢就被淘汰掉了。
后来针对des算法进行了改进,有了三重des算法(DESede)。针对des算法的密钥长度较短以及迭代次数偏少问题做了相应改进,提高了安全强度。不过desede算法处理速度较慢,密钥计算时间较长,加密效率不高问题使得对称加密算法的发展不容乐观。
DES算法提供CBC, OFB, CFB, ECB四种模式,MAC是基于ECB实现的。
【Java使用3DES加密解密的流程】
①传入共同约定的密钥(keyBytes)以及算法(Algorithm),来构建SecretKey密钥对象
SecretKey deskey = new SecretKeySpec(keyBytes, Algorithm);
②根据算法实例化Cipher对象。它负责加密/解密
Cipher c1 = Cipher.getInstance(Algorithm);
③传入加密/解密模式以及SecretKey密钥对象,实例化Cipher对象
c1.init(Cipher.ENCRYPT_MODE, deskey);
④传入字节数组,调用Cipher.doFinal()方法,实现加密/解密,并返回一个byte字节数组
c1.doFinal(src);
DES类型加密解密:
package com.tianxin.itfin.core.helper;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESKeySpec;
import javax.crypto.spec.DESedeKeySpec;
import javax.crypto.spec.IvParameterSpec;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.io.UnsupportedEncodingException;
import java.security.Key;
import java.security.SecureRandom;
/**
* 3DES加密工具类
*/
public class EncryptUtils {
// 密钥(DES加密和解密过程中,密钥长度都必须是8的倍数)
private final static String secretKey = "ucserver";
// 加解密统一使用的编码方式
private final static String encoding = "utf-8";
/**
* 3DES加密
*
* @param plainText 普通文本
* @return
* @throws Exception
*/
public static String encode(String plainText) throws Exception {
// DES算法要求有一个可信任的随机数源
SecureRandom sr = new SecureRandom();
// 从原始密钥数据创建DESKeySpec对象
DESKeySpec dks = new DESKeySpec(secretKey.getBytes());
// 创建一个密匙工厂,然后用它把DESKeySpec转换成
// 一个SecretKey对象
SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("DES");//DES加密和解密过程中,密钥长度都必须是8的倍数
SecretKey secretKey = keyFactory.generateSecret(dks);
// using DES in ECB mode
Cipher cipher = Cipher.getInstance("DES/ECB/pkcs5padding");
// 用密匙初始化Cipher对象
cipher.init(Cipher.ENCRYPT_MODE, secretKey, sr);
// 执行加密操作
byte[] encryptData = cipher.doFinal(plainText.getBytes(encoding));
return Base64.encode(encryptData);
}
/**
* 3DES解密
*
* @param encryptText 加密文本
* @return
* @throws Exception
*/
public static String decode(String encryptText) throws Exception {
// DES算法要求有一个可信任的随机数源
SecureRandom sr = new SecureRandom();
// 从原始密匙数据创建一个DESKeySpec对象
DESKeySpec dks = new DESKeySpec(secretKey.getBytes());
// 创建一个密匙工厂,然后用它把DESKeySpec对象转换成
// 一个SecretKey对象
SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("DES");
SecretKey secretKey = keyFactory.generateSecret(dks);
// using DES in ECB mode
Cipher cipher = Cipher.getInstance("DES/ECB/PKCS5Padding");
// 用密匙初始化Cipher对象
cipher.init(Cipher.DECRYPT_MODE, secretKey, sr);
// 正式执行解密操作
byte[] decryptData = cipher.doFinal(Base64.decode(encryptText));
return new String(decryptData, encoding);
}
public static String padding(String str) {
byte[] oldByteArray;
try {
oldByteArray = str.getBytes("UTF8");
int numberToPad = 8 - oldByteArray.length % 8;
byte[] newByteArray = new byte[oldByteArray.length + numberToPad];
System.arraycopy(oldByteArray, 0, newByteArray, 0,
oldByteArray.length);
for (int i = oldByteArray.length; i < newByteArray.length; ++i) {
newByteArray[i] = 0;
}
return new String(newByteArray, "UTF8");
} catch (UnsupportedEncodingException e) {
System.out.println("Crypter.padding UnsupportedEncodingException");
}
return null;
}
/**
* Base64编码工具类
*/
public static class Base64 {
private static final char[] legalChars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_".toCharArray();
public static String encode(byte[] data) {
int start = 0;
int len = data.length;
StringBuffer buf = new StringBuffer(data.length * 3 / 2);
int end = len - 3;
int i = start;
int n = 0;
while (i <= end) {
int d = ((((int) data[i]) & 0x0ff) << 16) | ((((int) data[i + 1]) & 0x0ff) << 8) | (((int) data[i + 2]) & 0x0ff);
buf.append(legalChars[(d >> 18) & 63]);
buf.append(legalChars[(d >> 12) & 63]);
buf.append(legalChars[(d >> 6) & 63]);
buf.append(legalChars[d & 63]);
i += 3;
if (n++ >= 14) {
n = 0;
buf.append(" ");
}
}
if (i == start + len - 2) {
int d = ((((int) data[i]) & 0x0ff) << 16) | ((((int) data[i + 1]) & 255) << 8);
buf.append(legalChars[(d >> 18) & 63]);
buf.append(legalChars[(d >> 12) & 63]);
buf.append(legalChars[(d >> 6) & 63]);
buf.append("=");
} else if (i == start + len - 1) {
int d = (((int) data[i]) & 0x0ff) << 16;
buf.append(legalChars[(d >> 18) & 63]);
buf.append(legalChars[(d >> 12) & 63]);
buf.append("==");
}
return buf.toString();
}
private static int decode(char c) {
if (c >= 'A' && c <= 'Z')
return ((int) c) - 65;
else if (c >= 'a' && c <= 'z')
return ((int) c) - 97 + 26;
else if (c >= '0' && c <= '9')
return ((int) c) - 48 + 26 + 26;
else
switch (c) {
case '-':
return 62;
case '_':
return 63;
case '=':
return 0;
default:
throw new RuntimeException("unexpected code: " + c);
}
}
/**
* Decodes the given Base64 encoded String to a new byte array. The byte array holding the decoded data is returned.
*/
public static byte[] decode(String s) {
ByteArrayOutputStream bos = new ByteArrayOutputStream();
try {
decode(s, bos);
} catch (IOException e) {
throw new RuntimeException();
}
byte[] decodedBytes = bos.toByteArray();
try {
bos.close();
bos = null;
} catch (IOException ex) {
System.err.println("Error while decoding BASE64: " + ex.toString());
}
return decodedBytes;
}
private static void decode(String s, OutputStream os) throws IOException {
int i = 0;
int len = s.length();
while (true) {
while (i < len && s.charAt(i) <= ' ')
i++;
if (i == len)
break;
int tri = (decode(s.charAt(i)) << 18) + (decode(s.charAt(i + 1)) << 12) + (decode(s.charAt(i + 2)) << 6) + (decode(s.charAt(i + 3)));
os.write((tri >> 16) & 255);
if (s.charAt(i + 2) == '=')
break;
os.write((tri >> 8) & 255);
if (s.charAt(i + 3) == '=')
break;
os.write(tri & 255);
i += 4;
}
}
}
public static void main(String[] args) throws Exception {
String plainText = "[{\"user\":\"402892ee59b6e6930159b6e849740000\",\"mobile\":\"18205189527\"}]";
String encryptText = EncryptUtils.encode(plainText).replace(" ", "");
System.out.println(encryptText);
System.out.println(EncryptUtils.decode(encryptText));
}
}
运行结果:
PJfT-1k_8t9aiBlrLJWO1Iiy3P55yGMorPdxdb4JEv2fxQwzvuMxFyj4mfyX BbtSdWDpTQ2tTavYR3q5CSBIteC94ZFGC8Mn
[{"user":"402892ee59b6e6930159b6e849740000","mobile":"18205189527"}]
desede类型加密解密只需要修改encode/decode方法即可:
public class EncryptUtils2 {
// 密钥
private final static String secretKey = "thismy3desdemotestsecretKey";
// 向量
private final static String iv = "01234567";
// 加解密统一使用的编码方式
private final static String encoding = "utf-8";
/**
* 3DES加密
*
* @param plainText 普通文本
* @return
* @throws Exception
*/
public static String encode(String plainText) throws Exception {
Key deskey = null;
DESedeKeySpec spec = new DESedeKeySpec(secretKey.getBytes());
SecretKeyFactory keyfactory = SecretKeyFactory.getInstance("desede");
deskey = keyfactory.generateSecret(spec);
Cipher cipher = Cipher.getInstance("desede/CBC/PKCS5Padding");
IvParameterSpec ips = new IvParameterSpec(iv.getBytes());
cipher.init(Cipher.ENCRYPT_MODE, deskey, ips);
byte[] encryptData = cipher.doFinal(plainText.getBytes(encoding));
return Base64.encode(encryptData);
}
/**
* 3DES解密
*
* @param encryptText 加密文本
* @return
* @throws Exception
*/
public static String decode(String encryptText) throws Exception {
Key deskey = null;
DESedeKeySpec spec = new DESedeKeySpec(secretKey.getBytes());
SecretKeyFactory keyfactory = SecretKeyFactory.getInstance("desede");
deskey = keyfactory.generateSecret(spec);
Cipher cipher = Cipher.getInstance("desede/CBC/PKCS5Padding");
IvParameterSpec ips = new IvParameterSpec(iv.getBytes());
cipher.init(Cipher.DECRYPT_MODE, deskey, ips);
byte[] decryptData = cipher.doFinal(Base64.decode(encryptText));
return new String(decryptData, encoding);
}
}
参考:
3DES加密—java/OC
在JAVA中使用DES算法
在线3DES加密解密、3DES在线加密解密