对称加密的基本原理 —— 从DESede/CBC/PKCS5Padding说起

DESede/CBC/PKCS5Padding加密算法包含三个部分,对称加密方式为DESede,分组加密模式为CBC,填充算法是PKCS5Padding。本文从对称加密的基本原理来了解这个算法。

基本原理

混淆与扩散

混淆(confusion)与扩散(diffusion)是设计密码学算法的两种主要方法。最早出现在克劳德·香农1945年的论文《密码学的数学理论》当中。

  • 混淆(confusion)

混淆主要是用来使 密文 和对称式加密方法中 密钥 的关系变得尽可能的复杂;此属性使得很难从密文中找到密钥,并且如果更改了密钥中的单个位,将影响密文中大多数或所有位的值的计算。做到这一点最容易的方法是"代替",如DES中的S-替换。

  • 扩散(diffusion)

扩散的思想是隐藏密文和明文之间的关系,明文每一位影响密文多的位,明文中任何一点小更动都会使得密文有很大的差异,让明文和密文之间的尽量没有统计关系,从而使明文的统计特征在密文中消失,相当于明文的统计结构被扩散。产生扩散最简单的方法是"换位(置换)",如DES中的通过16轮的P-置换实现扩散

混淆与扩散的实现

通常通过可重复的一系列替换(Substitution)和置换(Permutation)来实现混淆和扩散。替换是指按照某些规则用其他组件替换某些组件(通常是位)。置换是指根据某种算法对位的顺序进行操作。

加密算法

DES(Data Encryption Standard)

DES最初出现在1970年代早期,美国政府用DES加密政府内非机密敏感信息。DES现在已经不是一种安全的加密方法,为了提供实用所需的安全性,可以使用DES的派生算法3DES来进行加密,虽然3DES也存在理论上的攻击方法,DES标准和3DES标准已逐渐被高级加密标准(AES)所取代。

特点:

  • 明文和密文为64位分组长度
  • 加密和解密除秘钥编排不同外,使用同一算法
  • 密钥长度:56位。但看起来64位,每个第8位为奇偶校验
  • 采用替代和置换的组合,共16轮
  • 只是用算术和逻辑运算,易于实现

子密钥的生成

子秘钥的生成

加密过程:

加密过程

Ln 和 Rn 公式

Ln = Rn-1  
Rn= Ln XOR F(Rn-1, Kn-1)  
  • 初始置换IP

初始置换和逆初始置换并没有增加DES的安全性

  • 第一轮加密 <一 key1


  • 第十六轮加密 <一key16

  • 逆初始置换IP-1

迭代过程F:

  • 密钥置换
    密钥:置换选择1 一> 循环左移 一> 置换选择2

  • 扩展置换
    数据:从32位扩展到48位

  • S-盒代替
    压缩替代S,扩展后48位数据和密钥进行异或运算,进行S盒代替,输出32位数据。S-盒是DES的核心,是该算法中唯一非线性元素,实现了局部混淆。

  • P-盒置换
    使S-盒输出对下一轮多个S盒产生影响,引起雪崩效应。

3DES(DESede)

3DES包含3个DES密钥,K1,K2和K3,均为56位(除去奇偶校验位)。

加密算法为:

密文 = EK3(DK2(EK1(明文)))

解密则为其反过程:

明文 = DK1(EK2(DK3(密文)))

即以K3解密,以K2加密,最后以K1解密。每次加密操作都只处理64位数据,称为一块。

分组加密模式

分组加密(Block cipher),又称分块加密或块密码,是一种对称密钥算法。它将明文分成多个等长的模块(block),使用确定的算法和对称密钥对每组分别加密解密。典型的如AES和3DES作为美国政府核定的标准加密算法,应用领域从电子邮件加密到银行交易转帐,非常广泛。

现代分组加密创建在迭代的思想上产生密文。其思想由克劳德·香农在他1949年的重要论文《保密系统的通信理论》中提出,作为一种通过简单操作如替代和排列等以有效改善保密性的方法。

迭代产生的密文在每一轮加密中使用不同的子密钥,而子密钥生成自原始密钥。

CBC

  • CBC加密模式
    CBC加密模式

  • CBC解密模式
    CBC解密模式

  • CBC加密过程

CBC模式加密过程

  • CBC解密过程

解密过程

CBC是最为常用的工作模式。它的主要缺点在于加密过程是串行的,无法被并行化,而且消息必须被填充到块大小的整数倍。

填充算法

分组加密算法中,最后一个块的长度是不固定的,未必刚好等于块的大小,所以要标识最后一块的大小,以及填充了多少字符。

  • ZeroPadding

数据长度不对齐时使用0填充,否则不填充。使用0填充有个缺点,当元数据尾部也存在0时,在unpadding时可能会存在问题。

  • PKCS5Padding

假设每个区块大小为blockSize

a. 已对齐,填充一个长度为blockSize且每个字节均为blockSize的数据。

b. 未对齐,需要补充的字节个数为n,则填充一个长度为n且每个字节均为n的数据。

  • PKCS7Padding

和pkcs5不同的是,要求块的大小为8.

由于使用PKCS7Padding/PKCS5Padding填充时,最后一个字节肯定为填充数据的长度,所以在解密后可以准确删除填充的数据,而使用ZeroPadding填充时,没办法区分真实数据与填充数据,所以只适合以\0结尾的字符串加解密。

go实现DESede/CBC/PKCS5Padding

package main

import (
	"bytes"
	"crypto/cipher"
	"crypto/des"
	"encoding/base64"
	"errors"
	"fmt"
)

var (
	PKCS5 = &pkcs5{}
)

type pkcs5 struct{}

func (p *pkcs5) Padding(src []byte, blockSize int) []byte {
	srcLen := len(src)
	padLen := blockSize - (srcLen % blockSize)
	padText := bytes.Repeat([]byte{byte(padLen)}, padLen)
	return append(src, padText...)
}

func (p *pkcs5) Unpadding(src []byte, blockSize int) ([]byte, error) {
	srcLen := len(src)
	paddingLen := int(src[srcLen-1])
	if paddingLen >= srcLen || paddingLen > blockSize {
		return nil, errors.New("padding size error")
	}
	return src[:srcLen-paddingLen], nil
}

func Encrypt(encryptor cipher.BlockMode, msg []byte) (cipherText []byte, err error) {
	if msg != nil {
		msg = PKCS5.Padding(msg, encryptor.BlockSize())
		if len(msg) < encryptor.BlockSize() || len(msg)%encryptor.BlockSize() != 0 {
			return nil, errors.New("msg length error")
		}
		cipherText = msg
		encryptor.CryptBlocks(cipherText, msg)
	}
	return
}

func Decrypt(decryptor cipher.BlockMode, cipherText []byte) (msg []byte, err error) {
	if decryptor != nil {
		if len(cipherText) < decryptor.BlockSize() || len(cipherText)%decryptor.BlockSize() != 0 {
			return nil, errors.New("cipherText length error")
		}
		msg = cipherText
		decryptor.CryptBlocks(msg, cipherText)
		msg, err = PKCS5.Unpadding(msg, decryptor.BlockSize())
	}
	return
}

func DESedeCBCPKCS5Decrypt(cipherText string, secret string) (string, error) {
	if len(secret) != 24 {
		return "", errors.New("secret length != 24 ")
	}

	var block cipher.Block
	var err error
	var dbm cipher.BlockMode

	key := []byte(secret)

	if block, err = des.NewTripleDESCipher(key); err != nil {
		return "", err
	}

	//CBC分组加密模式的初始化向量组,这里取key的前8位
	iv := key[0:8]
	dbm = cipher.NewCBCDecrypter(block, iv)

	base64Decoded, err := base64.StdEncoding.DecodeString(cipherText)
	if err != nil {
		return "", err
	}

	decryptedData, err := Decrypt(dbm, base64Decoded)
	if err != nil {
		return "", err
	}

	return string(decryptedData), nil
}

func DESedeCBCPKCS5Encrypt(msg string, secret string) (string, error) {
	if len(secret) != 24 {
		return "", errors.New("secret length != 24 ")
	}

	var block cipher.Block
	var encryptedData []byte
	var err error
	var ebm cipher.BlockMode

	key := []byte(secret)
	if block, err = des.NewTripleDESCipher(key); err != nil {
		return "", err
	}

	iv := key[0:8]
	ebm = cipher.NewCBCEncrypter(block, iv)

	if encryptedData, err = Encrypt(ebm, []byte(msg)); err != nil {
		return "", err
	}

	return base64.StdEncoding.EncodeToString(encryptedData), nil
}

func main() {
	secret := "123456781234567812345678"
	cipherText := `N8J1r5Eh4VbqiuCt+XtTzw==`
	rawMsg := "helloworld"

	decryText, err := DESedeCBCPKCS5Decrypt(cipherText, secret[0:24])
	fmt.Println(decryText, err)

	encryptText, err := DESedeCBCPKCS5Encrypt(rawMsg, secret[0:24])
	fmt.Println(encryptText, err)
}


参考

最近做一个接口,与JAVA的关于DES/CBC/PKCS5Padding 互相解密。在网上找了很多资料,摸索了3天才摸索出来。同样的明文,用JAVA加密的密文死活都跟用DELPHI加密的不相等,有时候少于8个字符的就正常,多了8个字符的就有问题,原来是有个7把7改成8就可以了。害人啊,, function EncryDes(const str:string;const keystr:string;const ivstr:string):string ; var key:tkey64; Context:TDESContext; Block,iv:TDESBlock; i,j,len,posnum:smallint; poschar,xx:char; xuhuan:integer; begin for i:=0 to 7 do begin if i > (length(keystr)-1) then key[i] :=0 else key[i] := byte(keystr[i+1]); end; for i:=0 to 7 do begin if i > (length(ivstr)-1) then iv[i]:=0 else iv[i] := byte(ivstr[i+1]); end; InitEncryptDES(Key, Context, true); len := length(AnsiString(str)); xx:= char( 8- (len mod 8)); if len<=8 then xuhuan:=0 else xuhuan:=round(len/8); for i:=0 to xuhuan do begin for j:=0 to 7 do begin if ((i*8+j+1)<=len) then //关键这一步,网上好多参考资料都是((i*7+j+1)<=len),而不是((i*8+j+1)<=len) 害人啊,害得我摸索了3天,,哎 begin poschar:=str[i*8+j+1]; block[j]:=byte(poschar); end else block[j]:=byte(xx); end; EncryptDESCBC(Context, IV, Block); for j:= 0 to 7 do begin posnum:=block[j]; result := result + inttohex(posnum,2); end; iv:=block; end; end; //完整代码如下 unit dmdes; {*********************************************************} {* DELPHI、PHP、C#通用DES编码解码单元 *} {* 由TurboPower LockBox部分代码改写 *} {* 滕州市东鸣软件工作室制作 ZWF 2011-12-27 *} {*********************************************************} {EncryDes为编码函数,DecryDes为解码函数,keystr为密码,ivstr为偏移量, 一般设置keystr,ivstr相同,内容为八位字节长度的字符串,编码结果为十六进制字串} interface uses Windows,SysUtils; type PKey64 = ^TKey64; TKey64 = array [0..7] of Byte; type TDESBlock = array[0..7] of Byte; TDESContext = packed record TransformedKey : array [0..31] of LongInt; Encrypt : Boolean; end; function EncryDes(const str:string;const keystr:string;const ivstr:string):string ; function DecryDes(const str:string;const keystr:string;const ivstr:string):string ; function DecryDessec(const str:string;const keystr:string;const ivstr:string):string ; implementation procedure XorMemPrim(var Mem1; const Mem2; Count : Cardinal); register; asm push esi push edi mov esi, eax //esi = Mem1 mov edi, edx //edi = Mem2 push ecx //save byte count shr ecx, 2 //convert to dwords jz @Continue cld @Loop1: //xor dwords at a time mov eax, [edi] xor [esi], eax add esi, 4 add edi, 4 dec ecx jnz @Loop1 @Continue: //handle remaining bytes (3 or less) pop ecx and ecx, 3 jz @Done @Loop2: //xor remaining bytes mov al, [edi] xor [esi], al inc esi inc edi dec ecx jnz @Loop2 @Done: pop edi pop esi end; { -------------------------------------------------------------------------- } procedure XorMem(var Mem1; const Mem2; Count : Cardinal); begin XorMemPrim(Mem1, Mem2, Count); end; { -------------------------------------------------------------------------- } procedure EncryptDES(const Context : TDESContext; var Block : TDESBlock); const SPBox : array [0..7, 0..63] of DWord = (($01010400, $00000000, $00010000, $01010404, $01010004, $00010404, $00000004, $00010000, $00000400, $01010400, $01010404, $00000400, $01000404, $01010004, $01000000, $00000004, $00000404, $01000400, $01000400, $00010400, $00010400, $01010000, $01010000, $01000404, $00010004, $01000004, $01000004, $00010004, $00000000, $00000404, $00010404, $01000000, $00010000, $01010404, $00000004, $01010000, $01010400, $01000000, $01000000, $00000400, $01010004, $00010000, $00010400, $01000004, $00000400, $00000004, $01000404, $00010404, $01010404, $00010004, $01010000, $01000404, $01000004, $00000404, $00010404, $01010400, $00000404, $01000400, $01000400, $00000000, $00010004, $00010400, $00000000, $01010004), ($80108020, $80008000, $00008000, $00108020, $00100000, $00000020, $80100020, $80008020, $80000020, $80108020, $80108000, $80000000, $80008000, $00100000, $00000020, $80100020, $00108000, $00100020, $80008020, $00000000, $80000000, $00008000, $00108020, $80100000, $00100020, $80000020, $00000000, $00108000, $00008020, $80108000, $80100000, $00008020, $00000000, $00108020, $80100020, $00100000, $80008020, $80100000, $80108000, $00008000, $80100000, $80008000, $00000020, $80108020, $00108020, $00000020, $00008000, $80000000, $00008020, $80108000, $00100000, $80000020, $00100020, $80008020, $80000020, $00100020, $00108000, $00000000, $80008000, $00008020, $80000000, $80100020, $80108020, $00108000), ($00000208, $08020200, $00000000, $08020008, $08000200, $00000000, $00020208, $08000200, $00020008, $08000008, $08000008, $00020000, $08020208, $00020008, $08020000, $00000208, $08000000, $00000008, $08020200, $00000200, $00020200, $08020000, $08020008, $00020208, $08000208, $00020200, $00020000, $08000208, $00000008, $08020208, $00000200, $08000000, $08020200, $08000000, $00020008, $00000208, $00020000, $08020200, $08000200, $00000000, $00000200, $00020008, $08020208, $08000200, $08000008, $00000200, $00000000, $08020008, $08000208, $00020000, $08000000, $08020208, $00000008, $00020208, $00020200, $08000008, $08020000, $08000208, $00000208, $08020000, $00020208, $00000008, $08020008, $00020200), ($00802001, $00002081, $00002081, $00000080, $00802080, $00800081, $00800001, $00002001, $00000000, $00802000, $00802000, $00802081, $00000081, $00000000, $00800080, $00800001, $00000001, $00002000, $00800000, $00802001, $00000080, $00800000, $00002001, $00002080, $00800081, $00000001, $00002080, $00800080, $00002000, $00802080, $00802081, $00000081, $00800080, $00800001, $00802000, $00802081, $00000081, $00000000, $00000000, $00802000, $00002080, $00800080, $00800081, $00000001, $00802001, $00002081, $00002081, $00000080, $00802081, $00000081, $00000001, $00002000, $00800001, $00002001, $00802080, $00800081, $00002001, $00002080, $00800000, $00802001, $00000080, $00800000, $00002000, $00802080), ($00000100, $02080100, $02080000, $42000100, $00080000, $00000100, $40000000, $02080000, $40080100, $00080000, $02000100, $40080100, $42000100, $42080000, $00080100, $40000000, $02000000, $40080000, $40080000, $00000000, $40000100, $42080100, $42080100, $02000100, $42080000, $40000100, $00000000, $42000000, $02080100, $02000000, $42000000, $00080100, $00080000, $42000100, $00000100, $02000000, $40000000, $02080000, $42000100, $40080100, $02000100, $40000000, $42080000, $02080100, $40080100, $00000100, $02000000, $42080000, $42080100, $00080100, $42000000, $42080100, $02080000, $00000000, $40080000, $42000000, $00080100, $02000100, $40000100, $00080000, $00000000, $40080000, $02080100, $40000100), ($20000010, $20400000, $00004000, $20404010, $20400000, $00000010, $20404010, $00400000, $20004000, $00404010, $00400000, $20000010, $00400010, $20004000, $20000000, $00004010, $00000000, $00400010, $20004010, $00004000, $00404000, $20004010, $00000010, $20400010, $20400010, $00000000, $00404010, $20404000, $00004010, $00404000, $20404000, $20000000, $20004000, $00000010, $20400010, $00404000, $20404010, $00400000, $00004010, $20000010, $00400000, $20004000, $20000000, $00004010, $20000010, $20404010, $00404000, $20400000, $00404010, $20404000, $00000000, $20400010, $00000010, $00004000, $20400000, $00404010, $00004000, $00400010, $20004010, $00000000, $20404000, $20000000, $00400010, $20004010), ($00200000, $04200002, $04000802, $00000000, $00000800, $04000802, $00200802, $04200800, $04200802, $00200000, $00000000, $04000002, $00000002, $04000000, $04200002, $00000802, $04000800, $00200802, $00200002, $04000800, $04000002, $04200000, $04200800, $00200002, $04200000, $00000800, $00000802, $04200802, $00200800, $00000002, $04000000, $00200800, $04000000, $00200800, $00200000, $04000802, $04000802, $04200002, $04200002, $00000002, $00200002, $04000000, $04000800, $00200000, $04200800, $00000802, $00200802, $04200800, $00000802, $04000002, $04200802, $04200000, $00200800, $00000000, $00000002, $04200802, $00000000, $00200802, $04200000, $00000800, $04000002, $04000800, $00000800, $00200002), ($10001040, $00001000, $00040000, $10041040, $10000000, $10001040, $00000040, $10000000, $00040040, $10040000, $10041040, $00041000, $10041000, $00041040, $00001000, $00000040, $10040000, $10000040, $10001000, $00001040, $00041000, $00040040, $10040040, $10041000, $00001040, $00000000, $00000000, $10040040, $10000040, $10001000, $00041040, $00040000, $00041040, $00040000, $10041000, $00001000, $00000040, $10040040, $00001000, $00041040, $10001000, $00000040, $10000040, $10040000, $10040040, $10000000, $00040000, $10001040, $00000000, $10041040, $00040040, $10000040, $10040000, $10001000, $10001040, $00000000, $10041040, $00041000, $00041000, $00001040, $00001040, $00040040, $10000000, $10041000)); var I, L, R, Work : DWord; CPtr : PDWord; procedure SplitBlock(const Block : TDESBlock; var L, R : DWord); register; asm push ebx push eax mov eax, [eax] mov bh, al mov bl, ah rol ebx, 16 shr eax, 16 mov bh, al mov bl, ah mov [edx], ebx pop eax mov eax, [eax+4] mov bh, al mov bl, ah rol ebx, 16 shr eax, 16 mov bh, al mov bl, ah mov [ecx], ebx pop ebx end; procedure JoinBlock(const L, R : LongInt; var Block : TDESBlock); register; asm push ebx mov bh, al mov bl, ah rol ebx, 16 shr eax, 16 mov bh, al mov bl, ah mov [ecx+4], ebx mov bh, dl mov bl, dh rol ebx, 16 shr edx, 16 mov bh, dl mov bl, dh mov [ecx], ebx pop ebx end; procedure IPerm(var L, R : DWord); var Work : DWord; begin Work := ((L shr 4) xor R) and $0F0F0F0F; R := R xor Work; L := L xor Work shl 4; Work := ((L shr 16) xor R) and $0000FFFF; R := R xor Work; L := L xor Work shl 16; Work := ((R shr 2) xor L) and $33333333; L := L xor Work; R := R xor Work shl 2; Work := ((R shr 8) xor L) and $00FF00FF; L := L xor Work; R := R xor Work shl 8; R := (R shl 1) or (R shr 31); Work := (L xor R) and $AAAAAAAA; L := L xor Work; R := R xor Work; L := (L shl 1) or (L shr 31); end; procedure FPerm(var L, R : DWord); var Work : DWord; begin L := L; R := (R shl 31) or (R shr 1); Work := (L xor R) and $AAAAAAAA; L := L xor Work; R := R xor Work; L := (L shr 1) or (L shl 31); Work := ((L shr 8) xor R) and $00FF00FF; R := R xor Work; L := L xor Work shl 8; Work := ((L shr 2) xor R) and $33333333; R := R xor Work; L := L xor Work shl 2; Work := ((R shr 16) xor L) and $0000FFFF; L := L xor Work; R := R xor Work shl 16; Work := ((R shr 4) xor L) and $0F0F0F0F; L := L xor Work; R := R xor Work shl 4; end; begin SplitBlock(Block, L, R); IPerm(L, R); CPtr := @Context; for I := 0 to 7 do begin Work := (((R shr 4) or (R shl 28)) xor CPtr^); Inc(CPtr); L := L xor SPBox[6, Work and $3F]; L := L xor SPBox[4, Work shr 8 and $3F]; L := L xor SPBox[2, Work shr 16 and $3F]; L := L xor SPBox[0, Work shr 24 and $3F]; Work := (R xor CPtr^); Inc(CPtr); L := L xor SPBox[7, Work and $3F]; L := L xor SPBox[5, Work shr 8 and $3F]; L := L xor SPBox[3, Work shr 16 and $3F]; L := L xor SPBox[1, Work shr 24 and $3F]; Work := (((L shr 4) or (L shl 28)) xor CPtr^); Inc(CPtr); R := R xor SPBox[6, Work and $3F]; R := R xor SPBox[4, Work shr 8 and $3F]; R := R xor SPBox[2, Work shr 16 and $3F]; R := R xor SPBox[0, Work shr 24 and $3F]; Work := (L xor CPtr^); Inc(CPtr); R := R xor SPBox[7, Work and $3F]; R := R xor SPBox[5, Work shr 8 and $3F]; R := R xor SPBox[3, Work shr 16 and $3F]; R := R xor SPBox[1, Work shr 24 and $3F]; end; FPerm(L, R); JoinBlock(L, R, Block); end; procedure InitEncryptDES(const Key : TKey64; var Context : TDESContext; Encrypt : Boolean); const PC1 : array [0..55] of Byte = (56, 48, 40, 32, 24, 16, 8, 0, 57, 49, 41, 33, 25, 17, 9, 1, 58, 50, 42, 34, 26, 18, 10, 2, 59, 51, 43, 35, 62, 54, 46, 38, 30, 22, 14, 6, 61, 53, 45, 37, 29, 21, 13, 5, 60, 52, 44, 36, 28, 20, 12, 4, 27, 19, 11, 3); PC2 : array [0..47] of Byte = (13, 16, 10, 23, 0, 4, 2, 27, 14, 5, 20, 9, 22, 18, 11, 3, 25, 7, 15, 6, 26, 19, 12, 1, 40, 51, 30, 36, 46, 54, 29, 39, 50, 44, 32, 47, 43, 48, 38, 55, 33, 52, 45, 41, 49, 35, 28, 31); CTotRot : array [0..15] of Byte = (1, 2, 4, 6, 8, 10, 12, 14, 15, 17, 19, 21, 23, 25, 27, 28); CBitMask : array [0..7] of Byte = (128, 64, 32, 16, 8, 4, 2, 1); var PC1M : array [0..55] of Byte; PC1R : array [0..55] of Byte; KS : array [0..7] of Byte; I, J, L, M : LongInt; begin {convert PC1 to bits of key} for J := 0 to 55 do begin L := PC1[J]; M := L mod 8; PC1M[J] := Ord((Key[L div 8] and CBitMask[M]) 0); end; {key chunk for each iteration} for I := 0 to 15 do begin {rotate PC1 the right amount} for J := 0 to 27 do begin L := J + CTotRot[I]; if (L (length(keystr)-1) then key[i] :=0 else key[i] := byte(keystr[i+1]); end; for i:=0 to 7 do begin if i > (length(ivstr)-1) then iv[i]:=0 else iv[i] := byte(ivstr[i+1]); end; InitEncryptDES(Key, Context, true); len := length(AnsiString(str)); xx:= char( 8- (len mod 8)); if len<=8 then xuhuan:=0 else xuhuan:=round(len/8); for i:=0 to xuhuan do begin for j:=0 to 7 do begin if ((i*8+j+1) (length(temp)-1) then key[i] :=0 else key[i] := byte(temp[i+1]); end; temp := ivstr; for i:=0 to 7 do begin if i > (length(temp)-1) then iv[i] := 0 else iv[i] := byte(temp[i+1]); end; InitEncryptDES(Key, Context, False); temp := str; posnum := 0; for i:=0 to length(temp)-1 do begin Block[posnum] := byte(temp[i+1]); posnum := posnum+1; if posnum = 8 then begin bak := block; EncryptDESCBC(Context, IV, Block); for j:= 0 to 7 do begin // temp := temp+inttostr(byte(block[i]))+' '; res := res + char(block[j]); end; iv := bak; posnum := 0; end; end; if posnum 0 then begin // end else begin temp:=''; for i:= 1 to length(res) do begin temp := temp+char(res[i]); end; Result:= trim(temp); end; end; function DecryDes(const str:string;const keystr:string;const ivstr:string):string ; var key:tkey64; Context:TDESContext; bak,Block,iv:TDESBlock; i,j,len,posnum:smallint; poschar,xx:char; res,lss:string; begin for i:=0 to 7 do begin if i > (length(keystr)-1) then key[i] :=0 else key[i] := byte(keystr[i+1]); end; for i:=0 to 15 do begin if i > (length(ivstr)-1) then iv[i]:=0 else iv[i] := byte(ivstr[i+1]); end; InitEncryptDES(Key, Context, false); res:=''; for j:= 0 to (length(str) div 2)-1 do begin lss:=copy(str,j*2+1,2); res:=res+ char(StrToInt('$'+lss)) ; end; len := length(AnsiString(res)); for i:=0 to round(len/8)-1 do begin for j:=0 to 7 do begin if ((i*7+j+1)<=len) then begin poschar:=res[i*8+j+1]; block[j]:=byte(poschar); end else begin block[j]:=byte(xx); end; end; bak:=block; EncryptDESCBC(Context, IV, Block); for j:= 0 to 7 do begin result := result + char(block[j]); end; iv:=bak; end; end; end.
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值