DES对称加密,是一种对称加密算法。具体原理等随便百度一下就有一大堆。
在实际应用当中,经常会遇到这样的场景:用户管理中用户的登录密码以密文的形式保存在数据库中,用户在前端登录时,系统在前端将用户填写的密码进行DES加密,将密文传递到后台再与数据库中保存的密码进行对比,如果一致则允许登录,如果不一致则不允许登录。在这个场景中,不可避免的会运用到使用js方式和java代码方式对密码进行DES加密和解密的应用。
废话不多说,这里我们前端密码的DES加密使用CryptoJS框架。
CryptoJS 为 JavaScript 提供了各种各样的加密算法。目前已支持的算法包括: DES MD5 SHA-1 SHA-256 AES Rabbit MARC4 HMAC HMAC-MD5 HMAC-SHA等。
如果要使用CryptoJS中的DES加密解密功能,需要在页面中引入两个js文件。
<script type="text/javascript" src="<%=basePath%>/cryptoJS/rollups/tripledes.js" charset="UTF-8"></script>
<script type="text/javascript" src="<%=basePath%>/cryptoJS/components/mode-ecb.js" charset="UTF-8"></script>
前端页面如下(KEY使用“rUqSznmiv78=”):
<%@ page language="java" pageEncoding="UTF-8"%>
<%
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path;
request.getSession().setAttribute("ContextPath",basePath);
%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<base href="<%=basePath%>">
<title>My JSP 'index.jsp' starting page</title>
</head>
<!-- <script type="text/javascript" src="http://localhost:8081/CCUtil/cryptoJS/rollups/tripledes.js" charset="UTF-8"></script>-->
<!-- <script type="text/javascript" src="http://localhost:8081/CCUtil/cryptoJS/components/mode-ecb.js" charset="UTF-8"></script>-->
<script type="text/javascript" src="<%=basePath%>/cryptoJS/rollups/tripledes.js" charset="UTF-8"></script>
<script type="text/javascript" src="<%=basePath%>/cryptoJS/components/mode-ecb.js" charset="UTF-8"></script>
<body>
This is my JSP page.
<button onclick="init()">计算</button>
<br>
</body>
<script type="text/javascript">
function init(){
var keyHex = CryptoJS.enc.Base64.parse('rUqSznmiv78=');
///var keyHex = CryptoJS.enc.Utf8.parse('rUqSznmiv78=');
var encrypted = CryptoJS.DES.encrypt('87654321', keyHex, {
mode: CryptoJS.mode.ECB,
padding: CryptoJS.pad.Pkcs7
});
alert(encrypted.toString());
///alert(encrypted.ciphertext.toString(CryptoJS.enc.Base64));
// direct decrypt ciphertext
var decrypted = CryptoJS.DES.decrypt({
ciphertext: CryptoJS.enc.Base64.parse(encrypted.toString())
}, keyHex, {
mode: CryptoJS.mode.ECB,
padding: CryptoJS.pad.Pkcs7
});
alert(decrypted.toString(CryptoJS.enc.Utf8));
}
</script>
</html>
java代码如下(需要引用commons-codec-1.10.jar,key使用“rUqSznmiv78=”):
package cc.com;
import java.security.Key;
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESKeySpec;
import org.apache.commons.codec.binary.Base64;
/**
* DES对称加密算法
* @see
*/
public class DESCoder {
// public static final String KEY_ALGORITHM = "DESede";
// public static final String CIPHER_ALGORITHM = "DESede/ECB/PKCS5Padding";
public static final String KEY_ALGORITHM = "DES";
public static final String CIPHER_ALGORITHM = "DES/ECB/PKCS5Padding";
// /**
// * 生成密钥
// * @see Java6只支持56位密钥
// * @see BouncyCastle支持64位密钥,官网是http://www.bouncycastle.org/
// */
// public static String initkey() throws NoSuchAlgorithmException {
// KeyGenerator kg = KeyGenerator.getInstance(KEY_ALGORITHM);
// kg.init(168);
// SecretKey secretKey = kg.generateKey();
//
// return Base64.encodeBase64String(secretKey.getEncoded());
// }
/**
* 生成密钥
* @param seed 密钥
* @return 字符串
* @throws Exception 异常
*/
public static String initkey() throws Exception {
return initkey(null);
}
/**
* 生成密钥
* @param seed 密钥
* @return 字符串
* @throws Exception 异常
*/
public static String initkey(String seed) throws Exception {
SecureRandom secureRandom = null;
if(seed != null){
secureRandom = new SecureRandom(Base64.decodeBase64(seed));
}else{
secureRandom = new SecureRandom();
}
KeyGenerator kg = KeyGenerator.getInstance(KEY_ALGORITHM);
kg.init(secureRandom);
SecretKey secretKey = kg.generateKey();
return Base64.encodeBase64String(secretKey.getEncoded());
}
// /**
// * 转换密钥
// */
// private static Key toKey(byte[] key) throws Exception {
// DESedeKeySpec dks = new DESedeKeySpec(key);
// SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(KEY_ALGORITHM);
// SecretKey secretKey = keyFactory.generateSecret(dks);
// return secretKey;
// }
/**
* 转换密钥
*/
private static SecretKey toKey(byte[] key) throws Exception {
DESKeySpec keySpec = new DESKeySpec(key);
SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(KEY_ALGORITHM);
SecretKey secretKey = keyFactory.generateSecret(keySpec);
return secretKey;
}
/**
* 加密数据
* @param data 待加密数据
* @param key 密钥
* @return 加密后的数据
*/
public static String encrypt(String data, String key) throws Exception {
Key k = toKey(Base64.decodeBase64(key));
Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM);
cipher.init(Cipher.ENCRYPT_MODE, k);
byte[] encryptData = cipher.doFinal(data.getBytes());
return Base64.encodeBase64String(encryptData);
}
/**
* 解密数据
* @param data 待解密数据
* @param key 密钥
* @return 解密后的数据
*/
public static String decrypt(String data, String key) throws Exception {
Key k = toKey(Base64.decodeBase64(key));
Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM);
cipher.init(Cipher.DECRYPT_MODE, k);
return new String(cipher.doFinal(Base64.decodeBase64(data)));
}
public static void main(String[] args) throws Exception {
String source = "87654321";
System.out.println("原文: " + source);
String key = "rUqSznmiv78=";
System.out.println("密钥: " + key);
String encryptData = encrypt(source, key);
System.out.println("加密: " + encryptData);
String decryptData = decrypt(encryptData, key);
System.out.println("解密: " + decryptData);
}
}
上面只是记录下js和java两种方式的DES加密解密方式,具体登录逻辑需要自己编码开发。
备注:附带整个测试例子。