一侥猩、前言
對于3DES加密百度上大部分都有很詳細(xì)的解釋這里就不再贅述,本文只針對Java以及JavaScript進(jìn)行使用3DES加密的過程進(jìn)行詳細(xì)的解答灯抛,并對容易采坑以及容易疑惑的地方進(jìn)行詳細(xì)解釋金赦;
注意點(diǎn)
1、3DES加密key 必須為24字節(jié)对嚼,隨便用一個(gè)字符串然后獲取其byte作為key是會(huì)報(bào)錯(cuò)的
2夹抗、3DES有多重加密工作模式ECB、OFB纵竖、CTR漠烧、CFB、CBC靡砌,本文采用CBC模式加密已脓,需要對各個(gè)工作模式進(jìn)行詳細(xì)了解的可查看這篇帖子http://blog.51cto.com/aubdiy/815434
3、實(shí)現(xiàn)3DES是需要IV偏移量的通殃,偏移量長度必須為8字節(jié)
4度液、3DES有多重填充方式厕宗,本文采用PKCS5Padding,需要了解詳細(xì)可自行百度
二堕担、Java實(shí)現(xiàn)
- 一已慢、生成隨機(jī)加解密key秘鑰image.png完整代碼如下image.png
package com.test;
import sun.misc.BASE64Decoder;
import sun.misc.BASE64Encoder;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESedeKeySpec;
import javax.crypto.spec.IvParameterSpec;
import java.security.Key;
public class Crypto3DesUtil {
private static final String KEY_STRING="isiGuRWo36Gny+Y0yOU+rhYfL4kvUiOD";
private static final byte[] KEY_IV="99999999".getBytes();//加密IV偏移量,必須為8為字節(jié)
private static final String KEY_ALGORITHM = "DESede";//3DES加密算法
private static final String PADDING_PATTERN="DESede/CBC/PKCS5Padding";//填充模式
/**
* 3Des CBC 模式加密
* @param data 明文
* @return Base64編碼字符串密文
* @throws Exception
*/
public static String Encrypt3DesCBC(String data)throws Exception{
Cipher cipher = Cipher.getInstance(PADDING_PATTERN);
IvParameterSpec ips = new IvParameterSpec(KEY_IV);
cipher.init(Cipher.ENCRYPT_MODE, get3DesKey(), ips);
byte[] bOut = cipher.doFinal(data.getBytes());
return new BASE64Encoder().encode(bOut);
}
/**
* 3DES解密
* @param cipherBase64Str Base64編碼字符串密文
* @return 解密后內(nèi)容
* @throws Exception
*/
public static String Decrypt3DesCBC(String cipherBase64Str) throws Exception {
byte[] cipherStrByte= new BASE64Decoder().decodeBuffer(cipherBase64Str);
Cipher cipher = Cipher.getInstance(PADDING_PATTERN);
IvParameterSpec ips = new IvParameterSpec(KEY_IV);
cipher.init(Cipher.DECRYPT_MODE, get3DesKey(), ips);
byte[] bOut = cipher.doFinal(cipherStrByte);
return new String(bOut, "UTF-8");
}
/**
* 獲取3Des秘鑰對象
* @return
* @throws Exception
*/
public static Key get3DesKey()throws Exception{
//將keyString從Base64編碼字符串轉(zhuǎn)為原始正常的byte[]
byte[] key= new BASE64Decoder().decodeBuffer(KEY_STRING);
//實(shí)例化DES密鑰規(guī)則
DESedeKeySpec spec = new DESedeKeySpec(key);
//實(shí)例化3DES(desede)密鑰工廠
SecretKeyFactory keyfactory = SecretKeyFactory.getInstance(KEY_ALGORITHM);
//生成秘鑰
return keyfactory.generateSecret(spec);
}
public static void main(String[] args)throws Exception {
// //生成指定算法的秘密密鑰的生成器
// KeyGenerator kg = KeyGenerator.getInstance(KEY_ALGORITHM);
// //初始化此密鑰生成器霹购,使其具有確定的密鑰大小
// kg.init(168);
// //生成一個(gè)密鑰
// SecretKey secretKey = kg.generateKey();
// //將秘鑰轉(zhuǎn)為Base64編碼字符串
// String keyStr= new BASE64Encoder().encode(secretKey.getEncoded());
// System.out.println(keyStr);
//加密
String cipherStr= Crypto3DesUtil.Encrypt3DesCBC("testtttest");
System.out.println(cipherStr);
//解密
String dataStr= Crypto3DesUtil.Decrypt3DesCBC(cipherStr);
System.out.println(dataStr);
}
}
- 二佑惠、加解密實(shí)現(xiàn)
三、JavaScript實(shí)現(xiàn)
- 1齐疙、JavaScript采用開源的CryptoJS來實(shí)現(xiàn)膜楷,GitHub地址https://github.com/sytelus/CryptoJS,下載下來后找到rollups/tripledes.js并將其引用
var key = CryptoJS.enc.Base64.parse("isiGuRWo36Gny+Y0yOU+rhYfL4kvUiOD"); //將Base64編碼字符串解碼為原始二進(jìn)制byte
var ivs=CryptoJS.enc.Utf8.parse('99999999');//得到偏移量的二進(jìn)制byte字節(jié)
//**加密**
var encrypted = CryptoJS.TripleDES.encrypt("testtttest", key, {
iv: ivs,
mode: CryptoJS.mode.CBC,
padding: CryptoJS.pad.Pkcs7
});
var cipherStr = encrypted.toString();//得到base64編碼字符串密文
console.log(cipherStr);
//**解密**
var decrypted = CryptoJS.TripleDES.decrypt({
ciphertext: CryptoJS.enc.Base64.parse(cipherStr)
}, key, {
iv: ivs,
mode: CryptoJS.mode.CBC,
padding: CryptoJS.pad.Pkcs7
});
var data=decrypted.toString(CryptoJS.enc.Utf8);//轉(zhuǎn)為UTF-8的原始數(shù)據(jù)
console.log(data);
