遠程採集終端說明
一、方案詳細說明
更新內容: 報文添加加密功能
使用終端: RTU
加密方式: DES加密
DES加密模式: ECB模式
填充方式: zeropadding
二、簡單測試案例
1、示例1:
密文(hex): 8bb47a0cf0a9626d2b166ab8314d8fb5
密碼: 12345678
對應明文: 0123456789
2、示例2:
密文(hex): ff0d7d28f151afcb5c9c0bed5868c88b1530b0aec5f424d81f4c3e9dbc520c59e90fbfb9913e3c1b7e6cd019df36016de09a41a1b9b4bf265f6a7d528e394f39d38377496afb736d9555bb58a1e67357188fbd94a9d5ca52bee263f693ac45c72f5cb2e7a220696ed2c134f03a8135b2d9b3d4e0deb60708474aa8116f476cc20c6da503b069dcd418a76ed28d157ade3d7595a98bff809d
密碼: 12345678
明文: EB910048648961079140002C01000001010704050225A5C1B1010000000000000063413AE13A42D8F5C343A40C2943B4D5A2406AE148413051C99E90FF97412C85F200000000CA7B
三、後臺解析程序
約定密碼: 12345678
解密程序: 前期已提供測試,備份在文件夾中。
1、對應的Java實現(ECB模式,zeropadding填充方式)代碼DES.java如下:
package com.ybu.des;
import java.security.SecureRandom;
import javax.crypto.spec.DESKeySpec;
import javax.crypto.spec.SecretKeySpec;
import javax.crypto.SecretKeyFactory;
import javax.crypto.SecretKey;
import javax.crypto.Cipher;
/**
* 注意:DES加密和解密過程中,密鑰長度都必須是8的倍數
*/
public class DES {
public DES() {
}
// 測試
public static void main(String args[]) {
// 待加密內容
String str = "0123456789";
// 密碼,長度要是8的倍數
String password = "12345678";
byte[] result = DES.encrypt(str.getBytes(), password);
// System.out.println("加密後:----" + new String(result));
System.out.println("加密後:----" + byteToHex(result));
// 直接將如上內容解密
try {
byte[] decryResult = DES.decrypt(result, password);
System.out.println("解密後:----" + new String(decryResult));
} catch (Exception e1) {
e1.printStackTrace();
}
}
/**
* 加密
*
* @param datasource byte[]
* @param password String
* @return byte[]
*/
public static byte[] encrypt(byte[] datasource, String password) {
try {
SecureRandom random = new SecureRandom();
DESKeySpec desKey = new DESKeySpec(password.getBytes());
// 創建一個密匙工廠,然後用它把DESKeySpec轉換成
SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("DES");
SecretKey securekey = keyFactory.generateSecret(desKey);
// Cipher對象實際完成加密操作
Cipher cipher = Cipher.getInstance("DES/ECB/NoPadding");
// 用密匙初始化Cipher對象
cipher.init(Cipher.ENCRYPT_MODE, securekey, random);
// 現在,獲取數據並加密
// 正式執行加密操作
return cipher.doFinal(addZero(datasource));
} catch (Throwable e) {
e.printStackTrace();
}
return null;
}
/**
* 解密
*
* @param src byte[]
* @param password String
* @return byte[]
* @throws Exception
*/
public static byte[] decrypt(byte[] src, String password) throws Exception {
// DES算法要求有一個可信任的隨機數源
SecureRandom random = new SecureRandom();
// 創建一個DESKeySpec對象
DESKeySpec desKey = new DESKeySpec((password.getBytes()));
// 創建一個密匙工廠
SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("DES");
// 將DESKeySpec對象轉換成SecretKey對象
SecretKey securekey = keyFactory.generateSecret(desKey);
// Cipher對象實際完成解密操作
Cipher cipher = Cipher.getInstance("DES/ECB/NoPadding");
// 用密匙初始化Cipher對象
cipher.init(Cipher.DECRYPT_MODE, securekey, random);
// 真正開始解密操作
return cipher.doFinal(src);
}
public static byte[] getKey(byte[] keyRule) {
SecretKeySpec key = null;
byte[] keyByte = keyRule;
System.out.println(keyByte.length);
// 創建一個空的八位數組,默認情況下爲0
byte[] byteTemp = new byte[8];
// 將用戶指定的規則轉換成八位數組
int i = 0;
for (; i < byteTemp.length && i < keyByte.length; i++) {
byteTemp[i] = keyByte[i];
}
key = new SecretKeySpec(byteTemp, "DES");
return key.getEncoded();
}
public static byte[] addZero(byte[] data) {
byte[] dataByte = data;
if (data.length % 8 != 0) {
byte[] temp = new byte[8 - data.length % 8];
dataByte = byteMerger(data, temp);
}
return dataByte;
}
// java 合併兩個byte數組
// System.arraycopy()方法
public static byte[] byteMerger(byte[] bt1, byte[] bt2) {
byte[] bt3 = new byte[bt1.length + bt2.length];
System.arraycopy(bt1, 0, bt3, 0, bt1.length);
System.arraycopy(bt2, 0, bt3, bt1.length, bt2.length);
return bt3;
}
/**
* byte數組轉hex
* @param bytes
* @return
*/
public static String byteToHex(byte[] bytes){
String strHex = "";
StringBuilder sb = new StringBuilder("");
for (int n = 0; n < bytes.length; n++) {
strHex = Integer.toHexString(bytes[n] & 0xFF);
sb.append((strHex.length() == 1) ? "0" + strHex : strHex); // 每個字節由兩個字符表示,位數不夠,高位補0
}
return sb.toString().trim();
}
}
2、使用openssl庫實現DES加密和解密(ECB模式,zeropadding填充方式)
可以參考博客C/C++使用openssl進行摘要和加密解密(md5, sha256, des, rsa)
openssl裏面有很多用於摘要哈希、加密解密的算法,方便集成於工程項目,被廣泛應用於網絡報文中的安全傳輸和認證。下面以des的api簡單使用作爲例子。
算法介紹
des: https://en.wikipedia.org/wiki/Data_Encryption_Standard
工程配置
- 1、windows
編譯openssl庫,得到頭文件include和鏈接庫lib和dll
配置包含頭文件目錄和庫目錄
工程中設置鏈接指定的lib:libssl.lib,libcrypto.lib
將對應的dll拷貝到exe執行目錄:libcrypto-1_1.dll, libssl-1_1.dll
- 2、linux
編譯openssl庫,得到頭文件include和鏈接庫a和so
配置包含頭文件目錄和庫目錄
工程中設置鏈接指定的lib:libcrypto.a 後者libcrypto.so - DES.h頭文件
加密和解密實現如下
#ifndef _DES_ECB_H
#define _DES_ECB_H
#include<string>
typdedef std::string String;
#include "openssl/des.h"
// DES加密 ECB模式
static String encrypt_des_ecb(const String& mingwen, const String& keystr)
{
String strCipherText;
DES_cblock keyEncrypt;
memset(keyEncrypt, 0, 8);
memcpy(keyEncrypt, keystr.c_str(), keystr.size() >= 8 ? 8 : keystr.size());
DES_key_schedule keySchedule; //密鑰表
DES_set_key_unchecked(&keyEncrypt, &keySchedule); //設置密鑰,且不檢測密鑰奇偶性
// 循環加密,每8字節一次
const_DES_cblock inputText;
DES_cblock outputText;
Uint8Array vecCiphertext;
uint8 tmp[8];
Uint8Array vecFull((mingwen.size() + 7) / 8 * 8, 0);
memcpy(vecFull.data(), mingwen.data(), mingwen.size());
for (int i = 0; i < vecFull.size() / 8; i++)
{
memcpy(inputText, vecFull.data() + i * 8, 8);
DES_ecb_encrypt(&inputText, &outputText, &keySchedule, DES_ENCRYPT); //加密
memcpy(tmp, outputText, 8);
std::copy(tmp, tmp + 8, std::back_inserter(vecCiphertext));
}
strCipherText.clear();
strCipherText.assign(vecCiphertext.begin(), vecCiphertext.end());
return strCipherText;
}
// DES解密 ECB模式
static String decrypt_des_ecb(const String& miwen, const String& keystr)
{
String clearText;
DES_cblock keyEncrypt;
memset(keyEncrypt, 0, 8);
memcpy(keyEncrypt, keystr.c_str(), keystr.size() >= 8 ? 8 : keystr.size());
DES_key_schedule keySchedule; //密鑰表
DES_set_key_unchecked(&keyEncrypt, &keySchedule); //設置密鑰,且不檢測密鑰奇偶性
// 循環解密,每8字節一次
const_DES_cblock inputText;
DES_cblock outputText;
Uint8Array vecCleartext;
uint8 tmp[8];
Uint8Array vecFull((miwen.size() + 7) / 8 * 8, 0);
memcpy(vecFull.data(), miwen.data(), miwen.size());
for (int i = 0; i < vecFull.size() / 8; i++)
{
memcpy(inputText, vecFull.data() + i * 8, 8);
DES_ecb_encrypt(&inputText, &outputText, &keySchedule, DES_DECRYPT); //解密
memcpy(tmp, outputText, 8);
std::copy(tmp, tmp + 8, std::back_inserter(vecCleartext));
}
clearText.clear();
clearText.assign(vecCleartext.begin(), vecCleartext.end());
return clearText;
}
#endif
- 測試代碼main.cpp如下:
#include <iostream>
#include "DES.h"
// 轉換hex到字符串顯示
String hex2str(const char* buff, const size_t buffsize, const char* sep = "", bool is_case = false) {
String out;
char ch[4];
const char* fmt = is_case ? "%02x" : "%02X";
for (size_t i = 0; i < buffsize; i++) {
sprintf(ch, fmt, buff[i] & 0xFF);
if (out.empty()) {
out = ch;
}
else {
out += sep;
out += ch;
}
}
return out;
}
int main(int argc, char* argv[])
{
// 原始明文
// 待加密內容
String mingwenText = "0123456789";
std::cout << "原始字符串爲:" << mingwenText << std::endl;
// des
std::cout << "=== des ecb加解密 ===" << std::endl;
// 密碼,長度要是8的倍數
std::string desKey = "12345678";
String miwen = DES::encrypt_des_ecb(mingwenText, desKey);
String miwenStr = hex2str(miwen.data(), miwen.size());
std::cout << "加密後的字符串: " << miwenStr << std::endl;
String mingwen = DES::decrypt_des_ecb(miwen, desKey);
int lastPos = mingwen.find_first_of('\0');
mingwen = mingwen.substr(0, lastPos);
std::cout << "解密後的字符串: " << mingwen << std::endl;
system("pause");
return 0;
}