最近做了一个移动项目,是有服务器和客户端类型的项目,客户端是要登录才行的,登录的密码要用DES加密,服务器是用Java开发的,客户端要同时支持多平台(Android、iOS),在处理iOS的DES加密的时候遇到了一些问题,起初怎么调都调不成和Android端生成的密文相同。最终一个忽然的想法让我找到了问题的所在,现在将代码总结一下,以备自己以后查阅。

首先,Java端的DES加密的实现方式,代码如下:




1 public class DES {
 2     private static byte[] iv = { 1, 2, 3, 4, 5, 6, 7, 8 };
 3 
 4     public static String encryptDES(String encryptString, String encryptKey)
 5             throws Exception {
 6         IvParameterSpec zeroIv = new IvParameterSpec(iv);
 7         SecretKeySpec key = new SecretKeySpec(encryptKey.getBytes(), "DES");
 8         Cipher cipher = Cipher.getInstance("DES/CBC/PKCS5Padding");
 9         cipher.init(Cipher.ENCRYPT_MODE, key, zeroIv);
10         byte[] encryptedData = cipher.doFinal(encryptString.getBytes());
11         return Base64.encode(encryptedData);
12     }
13 }




上述代码用到了一个Base64的编码类,其代码的实现方式如下:




1 public class Base64 {
 2     private static final char[] legalChars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"
 3             .toCharArray();
 4 
 5     
11     public static String encode(byte[] data) {
12         int start = 0;
13         int len = data.length;
14         StringBuffer buf = new StringBuffer(data.length * 3 / 2);
15 
16         int end = len - 3;
17         int i = start;
18         int n = 0;
19 
20         while (i <= end) {
21             int d = ((((int) data[i]) & 0x0ff) << 16)
22                     | ((((int) data[i + 1]) & 0x0ff) << 8)
23                     | (((int) data[i + 2]) & 0x0ff);
24 
25             buf.append(legalChars[(d >> 18) & 63]);
26             buf.append(legalChars[(d >> 12) & 63]);
27             buf.append(legalChars[(d >> 6) & 63]);
28             buf.append(legalChars[d & 63]);
29 
30             i += 3;
31 
32             if (n++ >= 14) {
33                 n = 0;
34                 buf.append(" ");
35             }
36         }
37 
38         if (i == start + len - 2) {
39             int d = ((((int) data[i]) & 0x0ff) << 16)
40                     | ((((int) data[i + 1]) & 255) << 8);
41 
42             buf.append(legalChars[(d >> 18) & 63]);
43             buf.append(legalChars[(d >> 12) & 63]);
44             buf.append(legalChars[(d >> 6) & 63]);
45             buf.append("=");
46         } else if (i == start + len - 1) {
47             int d = (((int) data[i]) & 0x0ff) << 16;
48 
49             buf.append(legalChars[(d >> 18) & 63]);
50             buf.append(legalChars[(d >> 12) & 63]);
51             buf.append("==");
52         }
53 
54         return buf.toString();
55     }
56 }




以上便是Java端的DES加密方法的全部实现过程。

我还编写了一个将byte的二进制转换成16进制的方法,以便调试的时候使用打印输出加密后的byte数组的内容,这个方法不是加密的部分,只是为调试而使用的:




1       
 5     public static String parseByte2HexStr(byte buf[]) {  
 6             StringBuffer sb = new StringBuffer();  
 7             for (int i = 0; i < buf.length; i++) {  
 8                     String hex = Integer.toHexString(buf[i] & 0xFF);  
 9                     if (hex.length() == 1) {  
10                             hex = '0' + hex;  
11                     }  
12                     sb.append(hex.toUpperCase());  
13             }  
14             return sb.toString();  
15     }





下面是Objective-c在iOS上实现的DES加密算法:




1 static Byte iv[] = {1,2,3,4,5,6,7,8};
 2 +(NSString *) encryptUseDES:(NSString *)plainText key:(NSString *)key
 3 {
 4     NSString *ciphertext = nil;
 5     const char *textBytes = [plainText UTF8String];
 6     NSUInteger dataLength = [plainText length];
 7     unsigned char buffer[1024];
 8     memset(buffer, 0, sizeof(char));
 9     size_t numBytesEncrypted = 0;
10     CCCryptorStatus cryptStatus = CCCrypt(kCCEncrypt, kCCAlgorithmDES,
11                                           kCCOptionPKCS7Padding,
12                                           [key UTF8String], kCCKeySizeDES,
13                                           iv,
14                                           textBytes, dataLength,
15                                           buffer, 1024,
16                                           &numBytesEncrypted);
17     if (cryptStatus == kCCSuccess) {
18         NSData *data = [NSData dataWithBytes:buffer length:(NSUInteger)numBytesEncrypted];
19         ciphertext = [data base64Encoding];
20     }
21     return ciphertext;
22 }




下面是一个关键的类:NSData的Category实现,关于Category的实现网上很多说明不再讲述。




1 static const char encodingTable[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
 2 - (NSString *)base64Encoding;
 3 {
 4     if (self.length == 0)
 5         return @"";
 6     
 7     char *characters = malloc(self.length*3/2);
 8     
 9     if (characters == NULL)
10         return @"";
11     
12     int end = self.length - 3;
13     int index = 0;
14     int charCount = 0;
15     int n = 0;
16     
17     while (index <= end) {
18         int d = (((int)(((char *)[self bytes])[index]) & 0x0ff) << 16) 
19         | (((int)(((char *)[self bytes])[index + 1]) & 0x0ff) << 8)
20         | ((int)(((char *)[self bytes])[index + 2]) & 0x0ff);
21         
22         characters[charCount++] = encodingTable[(d >> 18) & 63];
23         characters[charCount++] = encodingTable[(d >> 12) & 63];
24         characters[charCount++] = encodingTable[(d >> 6) & 63];
25         characters[charCount++] = encodingTable[d & 63];
26         
27         index += 3;
28         
29         if(n++ >= 14)
30         {
31             n = 0;
32             characters[charCount++] = ' ';
33         }
34     }
35     
36     if(index == self.length - 2)
37     {
38         int d = (((int)(((char *)[self bytes])[index]) & 0x0ff) << 16) 
39         | (((int)(((char *)[self bytes])[index + 1]) & 255) << 8);
40         characters[charCount++] = encodingTable[(d >> 18) & 63];
41         characters[charCount++] = encodingTable[(d >> 12) & 63];
42         characters[charCount++] = encodingTable[(d >> 6) & 63];
43         characters[charCount++] = '=';
44     }
45     else if(index == self.length - 1)
46     {
47         int d = ((int)(((char *)[self bytes])[index]) & 0x0ff) << 16;
48         characters[charCount++] = encodingTable[(d >> 18) & 63];
49         characters[charCount++] = encodingTable[(d >> 12) & 63];
50         characters[charCount++] = '=';
51         characters[charCount++] = '=';
52     }
53     NSString * rtnStr = [[NSString alloc] initWithBytesNoCopy:characters length:charCount encoding:NSUTF8StringEncoding freeWhenDone:YES];
54     return rtnStr;
55 }




这个方法和java端的那个Base64的encode方法基本上是一个算法,只是根据语言的特点不同有少许的改动。

下面也是Objective-c的一个二进制转换为16进制的方法,也是为了测试方便查看写的:




1 +(NSString *) parseByte2HexString:(Byte *) bytes
 2 {
 3     NSMutableString *hexStr = [[NSMutableString alloc]init];
 4     int i = 0;
 5     if(bytes)
 6     {
 7         while (bytes[i] != '\0') 
 8         {
 9             NSString *hexByte = [NSString stringWithFormat:@"%x",bytes[i] & 0xff];///16进制数
10             if([hexByte length]==1)
11                 [hexStr appendFormat:@"0%@", hexByte];
12             else 
13                 [hexStr appendFormat:@"%@", hexByte];
14             
15             i++;
16         }
17     }
18     NSLog(@"bytes 的16进制数为:%@",hexStr);
19     return hexStr;
20 }
21 
22 +(NSString *) parseByteArray2HexString:(Byte[]) bytes
23 {
24     NSMutableString *hexStr = [[NSMutableString alloc]init];
25     int i = 0;
26     if(bytes)
27     {
28         while (bytes[i] != '\0') 
29         {
30             NSString *hexByte = [NSString stringWithFormat:@"%x",bytes[i] & 0xff];///16进制数
31             if([hexByte length]==1)
32                 [hexStr appendFormat:@"0%@", hexByte];
33             else 
34                 [hexStr appendFormat:@"%@", hexByte];
35 
36             i++;
37         }
38     }
39     NSLog(@"bytes 的16进制数为:%@",hexStr);
40     return hexStr;
41 }




以上的加密方法所在的包是CommonCrypto/CommonCryptor.h。

以上便实现了Objective-c和Java下在相同的明文和密钥的情况下生成相同明文的算法。

Base64的算法可以用你们自己写的那个,不一定必须使用我提供的这个。解密的时候还要用Base64进行密文的转换。


我的解密算法如下:




1   private static byte[] iv = { 1, 2, 3, 4, 5, 6, 7, 8 };    
 2   public static String decryptDES(String decryptString, String decryptKey)
 3             throws Exception {
 4         byte[] byteMi = Base64.decode(decryptString);
 5         IvParameterSpec zeroIv = new IvParameterSpec(iv);
 6         SecretKeySpec key = new SecretKeySpec(decryptKey.getBytes(), "DES");
 7         Cipher cipher = Cipher.getInstance("DES/CBC/PKCS5Padding");
 8         cipher.init(Cipher.DECRYPT_MODE, key, zeroIv);
 9         byte decryptedData[] = cipher.doFinal(byteMi);
10 
11         return new String(decryptedData);
12     }




Base64的decode方法如下:




1   public static byte[] decode(String s) {
 2 
 3         ByteArrayOutputStream bos = new ByteArrayOutputStream();
 4         try {
 5             decode(s, bos);
 6         } catch (IOException e) {
 7             throw new RuntimeException();
 8         }
 9         byte[] decodedBytes = bos.toByteArray();
10         try {
11             bos.close();
12             bos = null;
13         } catch (IOException ex) {
14             System.err.println("Error while decoding BASE64: " + ex.toString());
15         }
16         return decodedBytes;
17     }
18     private static void decode(String s, OutputStream os) throws IOException {
19         int i = 0;
20 
21         int len = s.length();
22 
23         while (true) {
24             while (i < len && s.charAt(i) <= ' ')
25                 i++;
26 
27             if (i == len)
28                 break;
29 
30             int tri = (decode(s.charAt(i)) << 18)
31                     + (decode(s.charAt(i + 1)) << 12)
32                     + (decode(s.charAt(i + 2)) << 6)
33                     + (decode(s.charAt(i + 3)));
34 
35             os.write((tri >> 16) & 255);
36             if (s.charAt(i + 2) == '=')
37                 break;
38             os.write((tri >> 8) & 255);
39             if (s.charAt(i + 3) == '=')
40                 break;
41             os.write(tri & 255);
42 
43             i += 4;
44         }
45     }
46     private static int decode(char c) {
47         if (c >= 'A' && c <= 'Z')
48             return ((int) c) - 65;
49         else if (c >= 'a' && c <= 'z')
50             return ((int) c) - 97 + 26;
51         else if (c >= '0' && c <= '9')
52             return ((int) c) - 48 + 26 + 26;
53         else
54             switch (c) {
55             case '+':
56                 return 62;
57             case '/':
58                 return 63;
59             case '=':
60                 return 0;
61             default:
62                 throw new RuntimeException("unexpected code: " + c);
63             }
64     }




以上便实现了DES加密后的密文的解密。

Java端的测试代码如下:


1     String plaintext = "abcd";
2     String ciphertext = DES.encryptDES(plaintext, "20120401");
3     System.out.println("明文:" + plaintext);
4     System.out.println("密钥:" + "20120401");
5     System.out.println("密文:" + ciphertext);
6     System.out.println("解密后:" + DES.decryptDES(ciphertext, "20120401"));


输出结果:


明文:abcd

密钥:20120401

密文:W7HR43/usys=

解密后:abcd



Objective-c端的测试代码如下:


1     NSString *plaintext = @"abcd";
2     NSString *ciphertext = [EncryptUtil encryptUseDES:plaintext key:@"20120401"];
3     NSLog(@"明文:%@",plaintext);
4     NSLog(@"秘钥:%@",@"20120401");
5     NSLog(@"密文:%@",ciphertext);


输出结果:


1 2012-04-05 12:00:47.348 TestEncrypt[806:f803] 明文:abcd
2 2012-04-05 12:00:47.350 TestEncrypt[806:f803] 秘钥:20120401
3 2012-04-05 12:00:47.350 TestEncrypt[806:f803] 密文:W7HR43/usys=