DES、3DES、AES、PBE对称加密算法实现及应用

2019 年 10 月 3 日
笔记

1.????????

???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

????????????????????????????????????????????????????????????

????????????????????????????????

???????????????????????????

???????????????????DES?IDEA????DES??????????????????????AES?????????DES?

2.??????-DES

DES??????????????????????????????1972???IBM????????????????

???64?????????64????????56???DES????8?16?24?32?40?48?56?64?????? ???????????1?????????56?????????????????????????

????	??	????	????	???
56	56	ECB?CBC?PCBC?CTR?CTS?CFB?CFB8?128?OFB?OFB8?128	NoPadding?PKCS5Padding?ISO10126Padding	JDK
64	56	??	PKCS7Padding?ISO10126d2Padding?X932Padding?ISO7816d4Padding?ZeroBytePadding	BC

??Bouncy Castle???

<dependency>     <groupId>org.bouncycastle</groupId>     <artifactId>bcprov-jdk15</artifactId>     <version>1.46</version>  </dependency>

??Commons Codec???

<dependency>     <groupId>commons-codec</groupId>     <artifactId>commons-codec</artifactId>     <version>1.10</version>  </dependency>

Java?????

import java.security.Key;  import java.security.Security;  import javax.crypto.Cipher;  import javax.crypto.KeyGenerator;  import javax.crypto.SecretKey;  import javax.crypto.SecretKeyFactory;  import javax.crypto.spec.DESKeySpec;  import org.apache.commons.codec.binary.Hex;  import org.bouncycastle.jce.provider.BouncyCastleProvider;    public class DES {      public static final String src = "des test";      public static void main(String[] args) {      jdkDES();      bcDES();    }      // ?jdk??:    public static void jdkDES() {      try {        // ??KEY        KeyGenerator keyGenerator = KeyGenerator.getInstance("DES");        keyGenerator.init(56);        // ????        SecretKey secretKey = keyGenerator.generateKey();        // ????        byte[] bytesKey = secretKey.getEncoded();          // KEY??        DESKeySpec desKeySpec = new DESKeySpec(bytesKey);        SecretKeyFactory factory = SecretKeyFactory.getInstance("DES");        Key convertSecretKey = factory.generateSecret(desKeySpec);          // ??        Cipher cipher = Cipher.getInstance("DES/ECB/PKCS5Padding");        cipher.init(Cipher.ENCRYPT_MODE, convertSecretKey);        byte[] result = cipher.doFinal(src.getBytes());        System.out.println("jdk des encrypt:" + Hex.encodeHexString(result));          // ??        cipher.init(Cipher.DECRYPT_MODE, convertSecretKey);        result = cipher.doFinal(result);        System.out.println("jdk des decrypt:" + new String(result));      } catch (Exception e) {        e.printStackTrace();      }    }      // ?bouncy castle??:    public static void bcDES() {      try {        Security.addProvider(new BouncyCastleProvider());          // ??KEY        KeyGenerator keyGenerator = KeyGenerator.getInstance("DES", "BC");        keyGenerator.getProvider();        keyGenerator.init(56);        // ????        SecretKey secretKey = keyGenerator.generateKey();        // ????        byte[] bytesKey = secretKey.getEncoded();          // KEY??        DESKeySpec desKeySpec = new DESKeySpec(bytesKey);        SecretKeyFactory factory = SecretKeyFactory.getInstance("DES");        Key convertSecretKey = factory.generateSecret(desKeySpec);          // ??        Cipher cipher = Cipher.getInstance("DES/ECB/PKCS5Padding");        cipher.init(Cipher.ENCRYPT_MODE, convertSecretKey);        byte[] result = cipher.doFinal(src.getBytes());        System.out.println("bc des encrypt:" + Hex.encodeHexString(result));          // ??        cipher.init(Cipher.DECRYPT_MODE, convertSecretKey);        result = cipher.doFinal(result);        System.out.println("bc des decrypt:" + new String(result));      } catch (Exception e) {        e.printStackTrace();      }    }  }

?????

3.??????-3DES

?????????????????Triple Data Encryption Algorithm????TDEA?Triple DEA????3DES?Triple DES????????????????????????????????????DES???????????????????DES?????????????????3DES???????????????????????DES??????????????????????????????

Java?????

import java.security.Key;  import java.security.SecureRandom;  import java.security.Security;  import javax.crypto.Cipher;  import javax.crypto.KeyGenerator;  import javax.crypto.SecretKey;  import javax.crypto.SecretKeyFactory;  import javax.crypto.spec.DESedeKeySpec;  import org.apache.commons.codec.binary.Hex;  import org.bouncycastle.jce.provider.BouncyCastleProvider;    public class DES3 {      public static final String src = "3des test";      public static void main(String[] args) {      jdk3DES();      bc3DES();    }      // ?jdk??:    public static void jdk3DES() {      try {        // ??KEY        KeyGenerator keyGenerator = KeyGenerator.getInstance("DESede");        // ??????112?168  //          keyGenerator.init(168);        keyGenerator.init(new SecureRandom());        // ????        SecretKey secretKey = keyGenerator.generateKey();        // ????        byte[] bytesKey = secretKey.getEncoded();          // KEY??        DESedeKeySpec desKeySpec = new DESedeKeySpec(bytesKey);        SecretKeyFactory factory = SecretKeyFactory.getInstance("DESede");        Key convertSecretKey = factory.generateSecret(desKeySpec);          // ??        Cipher cipher = Cipher.getInstance("DESede/ECB/PKCS5Padding");        cipher.init(Cipher.ENCRYPT_MODE, convertSecretKey);        byte[] result = cipher.doFinal(src.getBytes());        System.out.println("jdk 3des encrypt:" + Hex.encodeHexString(result));          // ??        cipher.init(Cipher.DECRYPT_MODE, convertSecretKey);        result = cipher.doFinal(result);        System.out.println("jdk 3des decrypt:" + new String(result));        } catch (Exception e) {        e.printStackTrace();      }    }      // ?bouncy castle??:    public static void bc3DES() {      try {        Security.addProvider(new BouncyCastleProvider());          // ??KEY        KeyGenerator keyGenerator = KeyGenerator.getInstance("DESede", "BC");        keyGenerator.getProvider();        keyGenerator.init(168);        // ????        SecretKey secretKey = keyGenerator.generateKey();        // ????        byte[] bytesKey = secretKey.getEncoded();          // KEY??        DESedeKeySpec desKeySpec = new DESedeKeySpec(bytesKey);        SecretKeyFactory factory = SecretKeyFactory.getInstance("DESede");        Key convertSecretKey = factory.generateSecret(desKeySpec);          // ??        Cipher cipher = Cipher.getInstance("DESede/ECB/PKCS5Padding");        cipher.init(Cipher.ENCRYPT_MODE, convertSecretKey);        byte[] result = cipher.doFinal(src.getBytes());        System.out.println("bc 3des encrypt:" + Hex.encodeHexString(result));          // ??        cipher.init(Cipher.DECRYPT_MODE, convertSecretKey);        result = cipher.doFinal(result);        System.out.println("bc 3des decrypt:" + new String(result));        } catch (Exception e) {        e.printStackTrace();      }    }  }

4.??????-AES

??????????Advanced Encryption Standard????AES?????????Rijndael??????????????????????????????????DES????????????????????????????????????????????????NIST??2001?11?26????FIPS PUB 197???2002?5?26?????????2006????????????????????????????

???????????Joan Daemen?Vincent Rijmen???????????????Rijndael?????????????????Rijndael?????"Rhine doll"?

????	??	????	????	???
128?192?256	128	ECB?CBC?PCBC?CTR?CTS?CFB?CFB8?128?OFB?OFB8?128	NoPadding?PKCS5Padding?ISO10126Padding	JDK?256?????????????????
??	??	??	PKCS7Padding?ZeroBytePadding	BC

Java?????

import java.security.Key;  import java.security.Security;  import javax.crypto.Cipher;  import javax.crypto.KeyGenerator;  import javax.crypto.SecretKey;  import javax.crypto.spec.SecretKeySpec;  import org.apache.commons.codec.binary.Hex;  import org.bouncycastle.jce.provider.BouncyCastleProvider;    public class AES {      public static final String src = "aes test";      public static void main(String[] args) {      jdkAES();      bcAES();    }      // ?jdk??:    public static void jdkAES() {      try {        // ??KEY        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");        keyGenerator.init(128);        // ????        SecretKey secretKey = keyGenerator.generateKey();        // ????        byte[] keyBytes = secretKey.getEncoded();          // KEY??        Key key = new SecretKeySpec(keyBytes, "AES");          // ??        Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");        cipher.init(Cipher.ENCRYPT_MODE, key);        byte[] result = cipher.doFinal(src.getBytes());        System.out.println("jdk aes encrypt:" + Hex.encodeHexString(result));          // ??        cipher.init(Cipher.DECRYPT_MODE, key);        result = cipher.doFinal(result);        System.out.println("jdk aes decrypt:" + new String(result));      } catch (Exception e) {        e.printStackTrace();      }    }      // ?bouncy castle??:    public static void bcAES() {      try {        Security.addProvider(new BouncyCastleProvider());          // ??KEY        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", "BC");        keyGenerator.getProvider();        keyGenerator.init(128);        // ????        SecretKey secretKey = keyGenerator.generateKey();        // ????        byte[] keyBytes = secretKey.getEncoded();          // KEY??        Key key = new SecretKeySpec(keyBytes, "AES");          // ??        Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");        cipher.init(Cipher.ENCRYPT_MODE, key);        byte[] result = cipher.doFinal(src.getBytes());        System.out.println("bc aes encrypt:" + Hex.encodeHexString(result));          // ??        cipher.init(Cipher.DECRYPT_MODE, key);        result = cipher.doFinal(result);        System.out.println("bc aes decrypt:" + new String(result));      } catch (Exception e) {        e.printStackTrace();      }    }  }

5.??????-PBE

PBE???Password Based Encryption?????????????????????????????????????????????????????????????????????

PBE???????????????????????????????????????PBE????KDF?????KDF?????????????????????“?”?salt?????????????????????????????????????????PBE???????????????????????DES?3DES?RC5????????

???????

??	????	??	????	????	??
PBEWithMD5AndDES	64	64	CBC????	PKCS5Padding?PKCS7Padding?ISO10126Padding?ZeroBytePadding?????	BC????
PBEWithMD5AndRC2	112	128
PBEWithSHA1AndDES	64	64
PBEWithSHA1AndRC2	128	128
PBEWithSHAAndIDEA-CBC	128	128
PBEWithSHAAnd2-KeyTripleDES-CBC	128	128
PBEWithSHAAnd3-KeyTripleDES-CBC	192	192
PBEWithSHAAnd128BitRC2-CBC	128	128
PBEWithSHAAnd40BitRC2-CBC	40	40
PBEWithSHAAnd128BitRC4	128	128
PBEWithSHAAnd40BitRC4	40	40
PBEWithSHAAndTwofish-CBC	256	256

Java?????

import java.security.Key;  import java.security.SecureRandom;  import javax.crypto.Cipher;  import javax.crypto.SecretKeyFactory;  import javax.crypto.spec.PBEKeySpec;  import javax.crypto.spec.PBEParameterSpec;  import org.apache.commons.codec.binary.Hex;    public class PBE {      public static final String src = "pbe test";      public static void main(String[] args) {      jdkPBE();    }      // ?jdk??:    public static void jdkPBE() {      try {        // ????        SecureRandom random = new SecureRandom();        byte[] salt = random.generateSeed(8);          // ?????        String password = "timliu";        PBEKeySpec pbeKeySpec = new PBEKeySpec(password.toCharArray());        SecretKeyFactory factory = SecretKeyFactory.getInstance("PBEWITHMD5andDES");        Key key = factory.generateSecret(pbeKeySpec);          // ??        PBEParameterSpec pbeParameterSpac = new PBEParameterSpec(salt, 100);        Cipher cipher = Cipher.getInstance("PBEWITHMD5andDES");        cipher.init(Cipher.ENCRYPT_MODE, key, pbeParameterSpac);        byte[] result = cipher.doFinal(src.getBytes());        System.out.println("jdk pbe encrypt:" + Hex.encodeHexString(result));          // ??        cipher.init(Cipher.DECRYPT_MODE, key, pbeParameterSpac);        result = cipher.doFinal(result);        System.out.println("jdk pbe decrypt:" + new String(result));      } catch (Exception e) {        e.printStackTrace();      }    }  }

?????