DES java源代码如下:
- import java.security.InvalidKeyException;
- import java.security.NoSuchAlgorithmException;
- import java.security.SecureRandom;
- import java.security.spec.InvalidKeySpecException;
- import javax.crypto.BadPaddingException;
- import javax.crypto.Cipher;
- import javax.crypto.IllegalBlockSizeException;
- import javax.crypto.KeyGenerator;
- import javax.crypto.NoSuchPaddingException;
- import javax.crypto.SecretKey;
- import javax.crypto.SecretKeyFactory;
- import javax.crypto.spec.DESKeySpec;
- public class DESEncryptTest {
- private static final String DES_ALGORITHM = "DES";
- /**
- * DES加密
- * @param plainData
- * @param secretKey
- * @return
- * @throws Exception
- */
- public String encryption(String plainData, String secretKey) throws Exception{
- Cipher cipher = null;
- try {
- cipher = Cipher.getInstance(DES_ALGORITHM);
- cipher.init(Cipher.ENCRYPT_MODE, generateKey(secretKey));
- } catch (NoSuchAlgorithmException e) {
- e.printStackTrace();
- } catch (NoSuchPaddingException e) {
- e.printStackTrace();
- }catch(InvalidKeyException e){
- }
- try {
- // 为了防止解密时报javax.crypto.IllegalBlockSizeException: Input length must be multiple of 8 when decrypting with padded cipher异常,
- // 不能把加密后的字节数组直接转换成字符串
- byte[] buf = cipher.doFinal(plainData.getBytes());
- return Base64Utils.encode(buf);
- } catch (IllegalBlockSizeException e) {
- e.printStackTrace();
- throw new Exception("IllegalBlockSizeException", e);
- } catch (BadPaddingException e) {
- e.printStackTrace();
- throw new Exception("BadPaddingException", e);
- }
- }
- /**
- * DES解密
- * @param secretData
- * @param secretKey
- * @return
- * @throws Exception
- */
- public String decryption(String secretData, String secretKey) throws Exception{
- Cipher cipher = null;
- try {
- cipher = Cipher.getInstance(DES_ALGORITHM);
- cipher.init(Cipher.DECRYPT_MODE, generateKey(secretKey));
- } catch (NoSuchAlgorithmException e) {
- e.printStackTrace();
- throw new Exception("NoSuchAlgorithmException", e);
- } catch (NoSuchPaddingException e) {
- e.printStackTrace();
- throw new Exception("NoSuchPaddingException", e);
- }catch(InvalidKeyException e){
- e.printStackTrace();
- throw new Exception("InvalidKeyException", e);
- }
- try {
- byte[] buf = cipher.doFinal(Base64Utils.decode(secretData.toCharArray()));
- return new String(buf);
- } catch (IllegalBlockSizeException e) {
- e.printStackTrace();
- throw new Exception("IllegalBlockSizeException", e);
- } catch (BadPaddingException e) {
- e.printStackTrace();
- throw new Exception("BadPaddingException", e);
- }
- }
- /**
- * 获得秘密密钥
- *
- * @param secretKey
- * @return
- * @throws NoSuchAlgorithmException
- */
- private SecretKey generateKey(String secretKey) throws NoSuchAlgorithmException{
- SecureRandom secureRandom = new SecureRandom(secretKey.getBytes());
- // 为我们选择的DES算法生成一个KeyGenerator对象
- KeyGenerator kg = null;
- try {
- kg = KeyGenerator.getInstance(DES_ALGORITHM);
- } catch (NoSuchAlgorithmException e) {
- }
- kg.init(secureRandom);
- //kg.init(56, secureRandom);
- // 生成密钥
- return kg.generateKey();
- }
- public static void main(String[] a) throws Exception{
- String input = "cy11Xlbrmzyh:604:301:1353064296";
- String key = "37d5aed075525d4fa0fe635231cba447";
- DESEncryptTest des = new DESEncryptTest();
- String result = des.encryption(input, key);
- System.out.println(result);
- System.out.println(des.decryption(result, key));
- }
- static class Base64Utils {
- static private char[] alphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=".toCharArray();
- static private byte[] codes = new byte[256];
- static {
- for (int i = 0; i < 256; i++)
- codes[i] = -1;
- for (int i = 'A'; i <= 'Z'; i++)
- codes[i] = (byte) (i - 'A');
- for (int i = 'a'; i <= 'z'; i++)
- codes[i] = (byte) (26 + i - 'a');
- for (int i = '0'; i <= '9'; i++)
- codes[i] = (byte) (52 + i - '0');
- codes['+'] = 62;
- codes['/'] = 63;
- }
- /**
- * 将原始数据编码为base64编码
- */
- static public String encode(byte[] data) {
- char[] out = new char[((data.length + 2) / 3) * 4];
- for (int i = 0, index = 0; i < data.length; i += 3, index += 4) {
- boolean quad = false;
- boolean trip = false;
- int val = (0xFF & (int) data[i]);
- val <<= 8;
- if ((i + 1) < data.length) {
- val |= (0xFF & (int) data[i + 1]);
- trip = true;
- }
- val <<= 8;
- if ((i + 2) < data.length) {
- val |= (0xFF & (int) data[i + 2]);
- quad = true;
- }
- out[index + 3] = alphabet[(quad ? (val & 0x3F) : 64)];
- val >>= 6;
- out[index + 2] = alphabet[(trip ? (val & 0x3F) : 64)];
- val >>= 6;
- out[index + 1] = alphabet[val & 0x3F];
- val >>= 6;
- out[index + 0] = alphabet[val & 0x3F];
- }
- return new String(out);
- }
- /**
- * 将base64编码的数据解码成原始数据
- */
- static public byte[] decode(char[] data) {
- int len = ((data.length + 3) / 4) * 3;
- if (data.length > 0 && data[data.length - 1] == '=')
- --len;
- if (data.length > 1 && data[data.length - 2] == '=')
- --len;
- byte[] out = new byte[len];
- int shift = 0;
- int accum = 0;
- int index = 0;
- for (int ix = 0; ix < data.length; ix++) {
- int value = codes[data[ix] & 0xFF];
- if (value >= 0) {
- accum <<= 6;
- shift += 6;
- accum |= value;
- if (shift >= 8) {
- shift -= 8;
- out[index++] = (byte) ((accum >> shift) & 0xff);
- }
- }
- }
- if (index != out.length)
- throw new Error("miscalculated data length!");
- return out;
- }
- }
- }
此代码在windows下运行正常,对加密后的密文可以正常解密。运行结果如下:
xl1nEww4mm09EvMy3tETBNg8HSfTFeBoilhNT7uBKBg=
cy11Xlbrmzyh:604:301:1353064296
但是放到linux上运行,则报错,错误信息如下图:
通过图片可以看到,对相同的明文(cy11Xlbrmzyh:604:301:1353064296)进行加密,在linux上加密后的结果和在windows上是不同的;而且在linux上不能对加密之后的密文进行解密,并抛出异常。
原因:
经过检查之后,定位在生成KEY的方法上,即如下红色代码:
- /**
- * 获得秘密密钥
- *
- * @param secretKey
- * @return
- * @throws NoSuchAlgorithmException
- */
- private SecretKey generateKey(String secretKey) throws NoSuchAlgorithmException{
- <span style="color:#ff0000;">SecureRandom secureRandom = new SecureRandom(secretKey.getBytes()); //主要是此处代码
- </span>
- // 为我们选择的DES算法生成一个KeyGenerator对象
- KeyGenerator kg = null;
- try {
- kg = KeyGenerator.getInstance(DES_ALGORITHM);
- } catch (NoSuchAlgorithmException e) {
- }
- kg.init(secureRandom);
- //kg.init(56, secureRandom);
- // 生成密钥
- return kg.generateKey();
- }
SecureRandom 实现完全随操作系统本身的內部状态,除非调用方在调用 getInstance 方法,然后调用 setSeed 方法;该实现在 windows 上每次生成的 key 都相同,但是在 solaris 或部分 linux 系统上则不同。关于SecureRandom类的详细介绍,见 http://yangzb.iteye.com/blog/325264
解决办法
方法1:把原来的generateKey方法中红色如下的红色部分:
- /**
- * 获得秘密密钥
- *
- * @param secretKey
- * @return
- * @throws NoSuchAlgorithmException
- */
- private SecretKey generateKey(String secretKey) throws NoSuchAlgorithmException{
- <span style="color:#ff0000;"><span><code class="comments">//防止linux下 随机生成key</code></span>
- SecureRandom secureRandom = SecureRandom.getInstance("SHA1PRNG");
- secureRandom.setSeed(secretKey.getBytes());
- /span>
- // 为我们选择的DES算法生成一个KeyGenerator对象
- KeyGenerator kg = null;
- try {
- kg = KeyGenerator.getInstance(DES_ALGORITHM);
- } catch (NoSuchAlgorithmException e) {
- }
- kg.init(secureRandom);
- //kg.init(56, secureRandom);
- // 生成密钥
- return kg.generateKey();
- }
方法2:不使用SecureRandom生成SecretKey,而是使用SecretKeyFactory;重新实现方法generateKey,代码如下
- /**
- * 获得密钥
- *
- * @param secretKey
- * @return
- * @throws NoSuchAlgorithmException
- * @throws InvalidKeyException
- * @throws InvalidKeySpecException
- */
- private SecretKey generateKey(String secretKey) throws NoSuchAlgorithmException,InvalidKeyException,InvalidKeySpecException{
- SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(DES_ALGORITHM);
- DESKeySpec keySpec = new DESKeySpec(secretKey.getBytes());
- keyFactory.generateSecret(keySpec);
- return keyFactory.generateSecret(keySpec);
- }