DES java源代码如下:
import java.security.InvalidKeyException; import java.security.NoSuchAlgorithmException; import java.security.SecureRandom; import java.security.spec.InvalidKeySpecException; import javax.crypto.BadPaddingException; import javax.crypto.Cipher; import javax.crypto.IllegalBlockSizeException; import javax.crypto.KeyGenerator; import javax.crypto.NoSuchPaddingException; import javax.crypto.SecretKey; import javax.crypto.SecretKeyFactory; import javax.crypto.spec.DESKeySpec; public class DESEncryptTest { private static final String DES_ALGORITHM = "DES"; /** * DES加密 * @param plainData * @param secretKey * @return * @throws Exception */ public String encryption(String plainData, String secretKey) throws Exception{ Cipher cipher = null; try { cipher = Cipher.getInstance(DES_ALGORITHM); cipher.init(Cipher.ENCRYPT_MODE, generateKey(secretKey)); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } catch (NoSuchPaddingException e) { e.printStackTrace(); }catch(InvalidKeyException e){ } try { // 为了防止解密时报javax.crypto.IllegalBlockSizeException: Input length must be multiple of 8 when decrypting with padded cipher异常, // 不能把加密后的字节数组直接转换成字符串 byte[] buf = cipher.doFinal(plainData.getBytes()); return Base64Utils.encode(buf); } catch (IllegalBlockSizeException e) { e.printStackTrace(); throw new Exception("IllegalBlockSizeException", e); } catch (BadPaddingException e) { e.printStackTrace(); throw new Exception("BadPaddingException", e); } } /** * DES解密 * @param secretData * @param secretKey * @return * @throws Exception */ public String decryption(String secretData, String secretKey) throws Exception{ Cipher cipher = null; try { cipher = Cipher.getInstance(DES_ALGORITHM); cipher.init(Cipher.DECRYPT_MODE, generateKey(secretKey)); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); throw new Exception("NoSuchAlgorithmException", e); } catch (NoSuchPaddingException e) { e.printStackTrace(); throw new Exception("NoSuchPaddingException", e); }catch(InvalidKeyException e){ e.printStackTrace(); throw new Exception("InvalidKeyException", e); } try { byte[] buf = cipher.doFinal(Base64Utils.decode(secretData.toCharArray())); return new String(buf); } catch (IllegalBlockSizeException e) { e.printStackTrace(); throw new Exception("IllegalBlockSizeException", e); } catch (BadPaddingException e) { e.printStackTrace(); throw new Exception("BadPaddingException", e); } } /** * 获得秘密密钥 * * @param secretKey * @return * @throws NoSuchAlgorithmException */ private SecretKey generateKey(String secretKey) throws NoSuchAlgorithmException{ SecureRandom secureRandom = new SecureRandom(secretKey.getBytes()); // 为我们选择的DES算法生成一个KeyGenerator对象 KeyGenerator kg = null; try { kg = KeyGenerator.getInstance(DES_ALGORITHM); } catch (NoSuchAlgorithmException e) { } kg.init(secureRandom); //kg.init(56, secureRandom); // 生成密钥 return kg.generateKey(); } public static void main(String[] a) throws Exception{ String input = "cy11Xlbrmzyh:604:301:1353064296"; String key = "37d5aed075525d4fa0fe635231cba447"; DESEncryptTest des = new DESEncryptTest(); String result = des.encryption(input, key); System.out.println(result); System.out.println(des.decryption(result, key)); } static class Base64Utils { static private char[] alphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=".toCharArray(); static private byte[] codes = new byte[256]; static { for (int i = 0; i < 256; i++) codes[i] = -1; for (int i = 'A'; i <= 'Z'; i++) codes[i] = (byte) (i - 'A'); for (int i = 'a'; i <= 'z'; i++) codes[i] = (byte) (26 + i - 'a'); for (int i = '0'; i <= '9'; i++) codes[i] = (byte) (52 + i - '0'); codes['+'] = 62; codes['/'] = 63; } /** * 将原始数据编码为base64编码 */ static public String encode(byte[] data) { char[] out = new char[((data.length + 2) / 3) * 4]; for (int i = 0, index = 0; i < data.length; i += 3, index += 4) { boolean quad = false; boolean trip = false; int val = (0xFF & (int) data[i]); val <<= 8; if ((i + 1) < data.length) { val |= (0xFF & (int) data[i + 1]); trip = true; } val <<= 8; if ((i + 2) < data.length) { val |= (0xFF & (int) data[i + 2]); quad = true; } out[index + 3] = alphabet[(quad ? (val & 0x3F) : 64)]; val >>= 6; out[index + 2] = alphabet[(trip ? (val & 0x3F) : 64)]; val >>= 6; out[index + 1] = alphabet[val & 0x3F]; val >>= 6; out[index + 0] = alphabet[val & 0x3F]; } return new String(out); } /** * 将base64编码的数据解码成原始数据 */ static public byte[] decode(char[] data) { int len = ((data.length + 3) / 4) * 3; if (data.length > 0 && data[data.length - 1] == '=') --len; if (data.length > 1 && data[data.length - 2] == '=') --len; byte[] out = new byte[len]; int shift = 0; int accum = 0; int index = 0; for (int ix = 0; ix < data.length; ix++) { int value = codes[data[ix] & 0xFF]; if (value >= 0) { accum <<= 6; shift += 6; accum |= value; if (shift >= 8) { shift -= 8; out[index++] = (byte) ((accum >> shift) & 0xff); } } } if (index != out.length) throw new Error("miscalculated data length!"); return out; } } }
此代码在windows下运行正常,对加密后的密文可以正常解密。运行结果如下:
xl1nEww4mm09EvMy3tETBNg8HSfTFeBoilhNT7uBKBg=
cy11Xlbrmzyh:604:301:1353064296
但是放到linux上运行,则报错,错误信息如下图:
通过图片可以看到,对相同的明文(cy11Xlbrmzyh:604:301:1353064296)进行加密,在linux上加密后的结果和在windows上是不同的;而且在linux上不能对加密之后的密文进行解密,并抛出异常。
原因:
经过检查之后,定位在生成KEY的方法上,即如下红色代码:
/** * 获得秘密密钥 * * @param secretKey * @return * @throws NoSuchAlgorithmException */ private SecretKey generateKey(String secretKey) throws NoSuchAlgorithmException{ <span style="color:#ff0000;">SecureRandom secureRandom = new SecureRandom(secretKey.getBytes()); //主要是此处代码 </span> // 为我们选择的DES算法生成一个KeyGenerator对象 KeyGenerator kg = null; try { kg = KeyGenerator.getInstance(DES_ALGORITHM); } catch (NoSuchAlgorithmException e) { } kg.init(secureRandom); //kg.init(56, secureRandom); // 生成密钥 return kg.generateKey(); }
SecureRandom 实现完全随操作系统本身的內部状态,除非调用方在调用 getInstance 方法,然后调用 setSeed 方法;该实现在 windows 上每次生成的 key 都相同,但是在 solaris 或部分 linux 系统上则不同。关于SecureRandom类的详细介绍,见 http://yangzb.iteye.com/blog/325264
解决办法
方法1:把原来的generateKey方法中红色如下的红色部分:
/** * 获得秘密密钥 * * @param secretKey * @return * @throws NoSuchAlgorithmException */ private SecretKey generateKey(String secretKey) throws NoSuchAlgorithmException{ <span style="color:#ff0000;"><span><code class="comments">//防止linux下 随机生成key</code></span> SecureRandom secureRandom = SecureRandom.getInstance("SHA1PRNG"); secureRandom.setSeed(secretKey.getBytes()); </span> // 为我们选择的DES算法生成一个KeyGenerator对象 KeyGenerator kg = null; try { kg = KeyGenerator.getInstance(DES_ALGORITHM); } catch (NoSuchAlgorithmException e) { } kg.init(secureRandom); //kg.init(56, secureRandom); // 生成密钥 return kg.generateKey(); }
方法2:不使用SecureRandom生成SecretKey,而是使用SecretKeyFactory;重新实现方法generateKey,代码如下
/** * 获得密钥 * * @param secretKey * @return * @throws NoSuchAlgorithmException * @throws InvalidKeyException * @throws InvalidKeySpecException */ private SecretKey generateKey(String secretKey) throws NoSuchAlgorithmException,InvalidKeyException,InvalidKeySpecException{ SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(DES_ALGORITHM); DESKeySpec keySpec = new DESKeySpec(secretKey.getBytes()); keyFactory.generateSecret(keySpec); return keyFactory.generateSecret(keySpec); }
本人遇到的情况第一种方法好使,第二种不好使!
原文:http://my.oschina.net/zhk/blog/115378