堆栈内存溢出
  简体   繁体   English

我如何知道我使用的是Triple Des Algorithm实现的正确版本?

[英]How do I know if I'm using the right version of Triple Des Algorithm implementation?

 原文  2012-10-18 14:30:18       java/ encryption/ tripledes

问题描述

I searched over the internet for a Triple Des Algorithm implementation for Java. 我在互联网上搜索了Java的Triple Des Algorithm实现。

I found a lot of solutions and choosed one (The one with better documentation for me). 我找到了很多解决方案,然后选择了一种(对我来说文档更好的解决方案)。 I tested and works Ok. 我测试并正常工作。

Then, I searched for an AES Algorithm implementation for Java. 然后,我搜索了Java的AES算法实现。 And found a good ones. 并找到一个好的。 Really similar to Triple Des Algorithm implementation, but not exactly the same. 确实类似于Triple Des Algorithm的实现,但不完全相同。

So I think, what appends if I use the AES Algorithm implementation but changing the Cipher instance parameter from "AES" to "DESede"? 因此,我认为,如果我使用AES算法实现,但将Cipher实例参数从“ AES”更改为“ DESede”,该怎么办? I made the change, tested the code and worked ok. 我进行了更改,测试了代码并正常工作。 But, the String returned it is different from the String returned on my previous Triple Des Algorithm implementation. 但是,返回的字符串与我先前的Triple Des Algorithm实现中返回的字符串不同。

So, like the title say, how do I know if I'm using the right version of Triple Des Algorithm implementation? 因此,就像标题中所说的那样,我怎么知道我是否使用的是Triple Des Algorithm实现的正确版本?

This is the first implementation: 这是第一个实现: 

public String encrypt(SecretKey key, String stringIn){

    String outString = "";      

    if (stringIn.isEmpty() || stringIn.toUpperCase().equals("NULL")){
        return "";
    }

    try {   

        if (key == null)
            key = this.key;


        InputStream in = new ByteArrayInputStream(stringIn.getBytes("UTF-8"));

        ByteArrayOutputStream out = new ByteArrayOutputStream();

        // Create and initialize the encryption engine
        Cipher cipher = Cipher.getInstance("DESede");
        cipher.init(Cipher.ENCRYPT_MODE, key);

        // Create a special output stream to do the work for us
        CipherOutputStream cos = new CipherOutputStream(out, cipher);

        // Read from the input and write to the encrypting output stream
        byte[] buffer = new byte[2048];

        int bytesRead;

        while ((bytesRead = in.read(buffer)) != -1) {
            cos.write(buffer, 0, bytesRead);
        }

        cos.close();

        // For extra security, don't leave any plaintext hanging around memory.
        java.util.Arrays.fill(buffer, (byte) 0);

        outString = out.toString();

    } catch (UnsupportedEncodingException e) {

        e.printStackTrace();

    } catch (NoSuchAlgorithmException e) {

        e.printStackTrace();

    } catch (NoSuchPaddingException e) {

        e.printStackTrace();

    } catch (InvalidKeyException e) {

        e.printStackTrace();

    } catch (IOException e) {

        e.printStackTrace();

    } finally {

        return outString;
    }

}

This is the second one: 这是第二个: 

public String encrypt(SecretKey key, String stringIn){

    String outString = "";      

    if (stringIn.isEmpty() || stringIn.toUpperCase().equals("NULL")){
        return "";
    }


    try {   

        if (key == null)
            key = this.key;

        Cipher ecipher = Cipher.getInstance("DESede");

        ecipher.init(Cipher.ENCRYPT_MODE, key);

        byte[] bytes = stringIn.getBytes("UTF8");

        byte[] encVal = ecipher.doFinal(bytes);

        outString = new sun.misc.BASE64Encoder().encode(encVal);

    } catch (UnsupportedEncodingException e) {

        e.printStackTrace();

    } catch (NoSuchAlgorithmException e) {

        e.printStackTrace();

    } catch (NoSuchPaddingException e) {

        e.printStackTrace();

    } catch (InvalidKeyException e) {

        e.printStackTrace();

    } catch (IOException e) {

        e.printStackTrace();

    } finally {

        return outString;
    }

}

This is the Test case: 这是测试用例: 

    String In: 6985475896580019
    String Returned when I Encripted with First code: Kœ¼i …€‡ä«‘]<žéù âpU
    String Returned when I Encripted with Second code: w1ujopasjH6ccFKgUtOgansFNBtxbWe8YwDhso2pZN8=

Sorry for my poor english. 对不起,我英语不好。

Thanks for your help 谢谢你的帮助

1 个解决方案

解决方案1
 0  2012-10-23 00:44:43

cipher.init(mode,key) generates a random IV. cipher.init(mode,key)生成随机IV。 This is actually the most secure way of using it; 实际上,这是最安全的使用方式。 you should use .getIV() and return that with the encrypted text (which is also automatic; Java tacks it onto the first few bytes of the cryptostream, which is how they decrypt OK). 您应该使用.getIV()并返回带有加密文本的文本(这也是自动的; Java将其附加到cryptostream的前几个字节上,这是它们解密OK的方式)。 Different IV changes the result just as much as a different key, but it doesn't need to be secret, it's just to make sure identical things don't encrypt identically. 不同的IV更改结果的方式与更改不同的密钥一样多,但是它不必保密,只是确保相同的内容不会被相同地加密。

To force an IV for comparing algorithms, or for decrypting with a known one not included, use cipher.init(mode,key,new IvParameterSpec(iv)) 要强制IV进行算法比较或使用未包含的已知算法进行解密,请使用cipher.init(mode,key,new IvParameterSpec(iv))

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何在.NET中使用DES算法? - How do I use the DES Algorithm in .NET? 我怎么知道我正在使用什么 jaxrs 实现? - How do I know what implementation of jaxrs I am using? 我正在为Java中的长数字实现3Des加密算法 - I'm implementing 3Des Encryption Algorithm for Long Numbers in Java 我如何知道我是否在Eclipse中查看Java接口或实现文件 - How do I know if I'm looking at Java interface or implementation file in Eclipse 如何翻译printf(“%c”,M); 我的DES实现从C到Java? - How can I translate printf(“%c”,M); from C to Java for my DES implementation? 如何使用ExoPlayer播放DES加密文件 - How do I play a DES encrypted File using ExoPlayer 如何选择正确的List实现? - How do I select the right List implementation? Java Triple DES算法填充模式 - Java Triple DES algorithm Padding modes 我怎么知道我是否在事件发送线程上? - How do I know if I'm on the event dispatch thread? 如何使用Triple DES实现CFB8模式以使用CryptoJS进行解密 - How to implement CFB8 mode with Triple DES for decryption using CryptoJS
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM