如何在Android上使用3DES算法？

Question

在服務器端，密碼字段的加密/解密在C＃中完成。

現在，我需要在我的android應用程序中實現相同的功能。所以，我跟着這個教程：http://ttux.net/post/3des-java-encrypter-des-java-encryption/如下：

import java.security.MessageDigest; 
import java.security.spec.KeySpec; 
import java.util.Arrays; 

import javax.crypto.Cipher; 
import javax.crypto.SecretKey; 
import javax.crypto.SecretKeyFactory; 
import javax.crypto.spec.DESedeKeySpec; 
import javax.crypto.spec.IvParameterSpec; 

import org.apache.commons.codec.binary.Base64; 

public class Encrypter { 
    private KeySpec keySpec; 
    private SecretKey key; 
    private IvParameterSpec iv; 

    public Encrypter(String keyString, String ivString) { 
    try { 
     final MessageDigest md = MessageDigest.getInstance("md5"); 
     final byte[] digestOfPassword = md.digest(Base64.decodeBase64(keyString.getBytes("utf-8"))); 
     final byte[] keyBytes = Arrays.copyOf(digestOfPassword, 24); 
     for (int j = 0, k = 16; j < 8;) { 
    keyBytes[k++] = keyBytes[j++]; 
     } 

     keySpec = new DESedeKeySpec(keyBytes); 

     key = SecretKeyFactory.getInstance("DESede").generateSecret(keySpec); 

     iv = new IvParameterSpec(ivString.getBytes()); 
    } catch(Exception e) { 
     e.printStackTrace(); 
    } 
    } 

    public String encrypt(String value) { 
    try { 
     Cipher ecipher = Cipher.getInstance("DESede/CBC/PKCS5Padding","SunJCE"); 
     ecipher.init(Cipher.ENCRYPT_MODE, key, iv); 

     if(value==null) 
    return null; 

     // Encode the string into bytes using utf-8 
     byte[] utf8 = value.getBytes("UTF8"); 

     // Encrypt 
     byte[] enc = ecipher.doFinal(utf8); 

     // Encode bytes to base64 to get a string 
     return new String(Base64.encodeBase64(enc),"UTF-8"); 
    } catch (Exception e) { 
     e.printStackTrace(); 
    } 
    return null; 
    } 

    public String decrypt(String value) { 
    try { 
     Cipher dcipher = Cipher.getInstance("DESede/CBC/PKCS5Padding","SunJCE"); 
     dcipher.init(Cipher.DECRYPT_MODE, key, iv); 

     if(value==null) 
    return null; 

     // Decode base64 to get bytes 
     byte[] dec = Base64.decodeBase64(value.getBytes()); 

     // Decrypt 
     byte[] utf8 = dcipher.doFinal(dec); 

     // Decode using utf-8 
     return new String(utf8, "UTF8"); 
    } catch (Exception e) { 
     e.printStackTrace(); 
    } 
    return null; 
    } 
} 

，但我不知道我需要什麼值上面的代碼提供了鍵值和ivValue。請幫我...

Answer 1

使用此代碼，您的加密字符串

import javax.crypto.Cipher; 
import javax.crypto.spec.IvParameterSpec; 
import javax.crypto.spec.SecretKeySpec; 

import android.util.Base64; 
//string encryption 
public class EncryptionHelper { 



    // Encrypts string and encode in Base64 
    public static String encryptText(String plainText) throws Exception { 
     // ---- Use specified 3DES key and IV from other source -------------- 
     byte[] plaintext = plainText.getBytes();//input 
     byte[] tdesKeyData = Constants.getKey().getBytes();// your encryption key 

     byte[] myIV = Constants.getInitializationVector().getBytes();// initialization vector 

     Cipher c3des = Cipher.getInstance("DESede/CBC/PKCS5Padding"); 
     SecretKeySpec myKey = new SecretKeySpec(tdesKeyData, "DESede"); 
     IvParameterSpec ivspec = new IvParameterSpec(myIV); 

     c3des.init(Cipher.ENCRYPT_MODE, myKey, ivspec); 
     byte[] cipherText = c3des.doFinal(plaintext); 
     String encryptedString = Base64.encodeToString(cipherText, 
       Base64.DEFAULT); 
     // return Base64Coder.encodeString(new String(cipherText)); 
     return encryptedString; 
    } 

} 

這怎麼可以（DES使用單一DES加密加密字符串

String encryptedPassword = EncryptionHelper.encryptText(edtText.getText().toString()); 

Answer 2

三重DES被稱爲"DESede" ，解密，加密加密）在Java和Android運行時。所以它的功能可以通過Cipher類訪問。它還列出了可用的算法。對於三重DES，您可以使用「DESede/CBC/PKCS5Padding」`。不要忘記提供一個8字節的隨機IV。

三重DES應該只用於向後兼容。如果你決定使用它，至少要提供24字節的密鑰材料，否則你的密文有可能被破解。對於更現代的方法，使用AES，最好採用認證模式，如GCM（"AES/GCM/NoPadding"）。請注意，GCM需要12個字節的唯一隨機數。