DES篇

分组加密涉及S盒P盒等数据，本篇仅作梳理，未能手搓

des密钥格式为固定8字节64位，长度限死

代码

加解密大致流程

flowchart TD
    A[64位明文输入] --> B(初始置换IP)
    B --> C{将64位分为L0左32位 R0右32位}
    C --> D[16轮Feistel迭代]
    
    subgraph D [第i轮迭代]
        direction LR
        D1[R_i-1 右32位] --> D2["扩展置换E<br>32位→48位"]
        D2 --> D3[与子密钥K_i XOR]
        D3 --> D4["S盒替换<br>48位→32位"]
        D4 --> D5[P盒置换]
        D5 --> D6[与L_i-1左32位XOR]
        D6 --> D7[得到新的R_i]
        D1 -.-> D8[直接成为新的L_i]
    end

    D --> E{16轮后合并L16与R16}
    E --> F(最终置换IP的逆)
    F --> G[输出64位密文]
    
    %% 样式优化
    classDef default fill:#f9f9f9,stroke:#333,stroke-width:1px
    classDef process fill:#e1f5fe,stroke:#01579b
    classDef decision fill:#fff3e0,stroke:#ef6c00
    classDef inputOutput fill:#e8f5e8,stroke:#2e7d32
    
    class A,G inputOutput
    class B,C,E,F process
    class D1,D2,D3,D4,D5,D6,D7,D8 decision

密钥处理过程

1.抓换位列表

2.PC置换，选取56位密钥，接着对半分两组密钥

3.循环左移后合并

4.56取48作为16轮循环子密钥，每轮子密钥不同

调用库

from Crypto.Cipher import DES
from Crypto.Util.Padding import pad, unpad
from Crypto.Random import get_random_bytes
import base64


class DESCipher:
    def __init__(self, key):
        """
        初始化DES加密器
        :param key: 密钥（8字节）
        """
        if len(key) != 8:
            raise ValueError("DES密钥必须是8字节长度")
        self.key = key

    def encrypt_ecb(self, plaintext):
        """
        ECB模式加密
        :param plaintext: 明文（字节串或字符串）
        :return: Base64编码的密文
        """
        if isinstance(plaintext, str):
            plaintext = plaintext.encode('utf-8')

        # 创建ECB模式的DES加密器
        cipher = DES.new(self.key, DES.MODE_ECB)

        # 对明文进行PKCS7填充并加密
        ciphertext = cipher.encrypt(pad(plaintext, DES.block_size))

        # 返回Base64编码的密文
        return base64.b64encode(ciphertext).decode('utf-8')

    def decrypt_ecb(self, ciphertext):
        """
        ECB模式解密
        :param ciphertext: Base64编码的密文
        :return: 明文
        """
        # Base64解码
        ciphertext_bytes = base64.b64decode(ciphertext)

        # 创建ECB模式的DES解密器
        cipher = DES.new(self.key, DES.MODE_ECB)

        # 解密并去除填充
        plaintext = unpad(cipher.decrypt(ciphertext_bytes), DES.block_size)

        return plaintext.decode('utf-8')

    def encrypt_cbc(self, plaintext, iv=None):
        """
        CBC模式加密
        :param plaintext: 明文（字节串或字符串）
        :param iv: 初始化向量（8字节），如果为None则随机生成
        :return: 包含IV和密文的字典
        """
        if isinstance(plaintext, str):
            plaintext = plaintext.encode('utf-8')

        # 生成随机IV（如果未提供）
        if iv is None:
            iv = get_random_bytes(8)
        elif len(iv) != 8:
            raise ValueError("IV必须是8字节长度")

        # 创建CBC模式的DES加密器
        cipher = DES.new(self.key, DES.MODE_CBC, iv)

        # 对明文进行PKCS7填充并加密
        ciphertext = cipher.encrypt(pad(plaintext, DES.block_size))

        # 返回IV和密文（IV需要与密文一起保存）
        return {
            'iv': base64.b64encode(iv).decode('utf-8'),
            'ciphertext': base64.b64encode(ciphertext).decode('utf-8')
        }

    def decrypt_cbc(self, ciphertext, iv):
        """
        CBC模式解密
        :param ciphertext: Base64编码的密文
        :param iv: Base64编码的初始化向量
        :return: 明文
        """
        # Base64解码
        iv_bytes = base64.b64decode(iv)
        ciphertext_bytes = base64.b64decode(ciphertext)

        # 创建CBC模式的DES解密器
        cipher = DES.new(self.key, DES.MODE_CBC, iv_bytes)

        # 解密并去除填充
        plaintext = unpad(cipher.decrypt(ciphertext_bytes), DES.block_size)

        return plaintext.decode('utf-8')


# 测试示例
if __name__ == "__main__":
    # 测试密钥（必须是8字节）
    key = b'reverse0'  # 8字节密钥

    # 创建DES加密器实例
    des = DESCipher(key)

    # 测试明文
    plaintext = "re100dayzhuji"

    print("=== DES ECB模式测试 ===")
    # ECB加密
    ecb_encrypted = des.encrypt_ecb(plaintext)
    print(f"ECB加密结果: {ecb_encrypted}")

    # ECB解密
    ecb_decrypted = des.decrypt_ecb(ecb_encrypted)
    print(f"ECB解密结果: {ecb_decrypted}")
    print(f"ECB加解密验证: {ecb_decrypted == plaintext}")

    print("\n=== DES CBC模式测试 ===")
    # CBC加密（使用随机IV）
    cbc_encrypted = des.encrypt_cbc(plaintext)
    print(f"CBC IV: {cbc_encrypted['iv']}")
    print(f"CBC加密结果: {cbc_encrypted['ciphertext']}")

    # CBC解密
    cbc_decrypted = des.decrypt_cbc(cbc_encrypted['ciphertext'], cbc_encrypted['iv'])
    print(f"CBC解密结果: {cbc_decrypted}")
    print(f"CBC加解密验证: {cbc_decrypted == plaintext}")

    print("\n=== 使用固定IV的CBC模式测试 ===")
    # 使用固定IV的CBC加密
    fixed_iv = b'12345678'  # 8字节IV
    cbc_fixed_encrypted = des.encrypt_cbc(plaintext, fixed_iv)
    print(f"固定IV CBC加密结果: {cbc_fixed_encrypted['ciphertext']}")

    # 使用相同IV解密
    cbc_fixed_decrypted = des.decrypt_cbc(cbc_fixed_encrypted['ciphertext'],
                                          cbc_fixed_encrypted['iv'])
    print(f"固定IV CBC解密结果: {cbc_fixed_decrypted}")
    print(f"固定IV CBC加解密验证: {cbc_fixed_decrypted == plaintext}")

底层实现

import struct
import os

# 初始置换表 (IP)
IP = [
    58, 50, 42, 34, 26, 18, 10, 2,
    60, 52, 44, 36, 28, 20, 12, 4,
    62, 54, 46, 38, 30, 22, 14, 6,
    64, 56, 48, 40, 32, 24, 16, 8,
    57, 49, 41, 33, 25, 17, 9, 1,
    59, 51, 43, 35, 27, 19, 11, 3,
    61, 53, 45, 37, 29, 21, 13, 5,
    63, 55, 47, 39, 31, 23, 15, 7
]

# 逆初始置换表 (IP^-1)
# IP表中第i个位置的值是j，那么在IP⁻¹表中第j-1个位置的值应该是i+1
#     IP_INV[IP[i]-1] = i+1
IP_INV = [
    40, 8, 48, 16, 56, 24, 64, 32,
    39, 7, 47, 15, 55, 23, 63, 31,
    38, 6, 46, 14, 54, 22, 62, 30,
    37, 5, 45, 13, 53, 21, 61, 29,
    36, 4, 44, 12, 52, 20, 60, 28,
    35, 3, 43, 11, 51, 19, 59, 27,
    34, 2, 42, 10, 50, 18, 58, 26,
    33, 1, 41, 9, 49, 17, 57, 25
]

# 扩展置换表 (E)
E = [
    32, 1, 2, 3, 4, 5,
    4, 5, 6, 7, 8, 9,
    8, 9, 10, 11, 12, 13,
    12, 13, 14, 15, 16, 17,
    16, 17, 18, 19, 20, 21,
    20, 21, 22, 23, 24, 25,
    24, 25, 26, 27, 28, 29,
    28, 29, 30, 31, 32, 1
]

# P盒置换表
P = [
    16, 7, 20, 21,
    29, 12, 28, 17,
    1, 15, 23, 26,
    5, 18, 31, 10,
    2, 8, 24, 14,
    32, 27, 3, 9,
    19, 13, 30, 6,
    22, 11, 4, 25
]

# PC-1置换表 (密钥置换表1)
PC1 = [
    57, 49, 41, 33, 25, 17, 9,
    1, 58, 50, 42, 34, 26, 18,
    10, 2, 59, 51, 43, 35, 27,
    19, 11, 3, 60, 52, 44, 36,
    63, 55, 47, 39, 31, 23, 15,
    7, 62, 54, 46, 38, 30, 22,
    14, 6, 61, 53, 45, 37, 29,
    21, 13, 5, 28, 20, 12, 4
]

# PC-2置换表 (密钥置换表2)
PC2 = [
    14, 17, 11, 24, 1, 5,
    3, 28, 15, 6, 21, 10,
    23, 19, 12, 4, 26, 8,
    16, 7, 27, 20, 13, 2,
    41, 52, 31, 37, 47, 55,
    30, 40, 51, 45, 33, 48,
    44, 49, 39, 56, 34, 53,
    46, 42, 50, 36, 29, 32
]

# 循环左移表
SHIFT_SCHEDULE = [1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1]

# S盒
S_BOX = [
    # S1
    [
        [14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7],
        [0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8],
        [4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0],
        [15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13]
    ],
    # S2
    [
        [15, 1, 8, 14, 6, 11, 3, 4, 9, 7, 2, 13, 12, 0, 5, 10],
        [3, 13, 4, 7, 15, 2, 8, 14, 12, 0, 1, 10, 6, 9, 11, 5],
        [0, 14, 7, 11, 10, 4, 13, 1, 5, 8, 12, 6, 9, 3, 2, 15],
        [13, 8, 10, 1, 3, 15, 4, 2, 11, 6, 7, 12, 0, 5, 14, 9]
    ],
    # S3
    [
        [10, 0, 9, 14, 6, 3, 15, 5, 1, 13, 12, 7, 11, 4, 2, 8],
        [13, 7, 0, 9, 3, 4, 6, 10, 2, 8, 5, 14, 12, 11, 15, 1],
        [13, 6, 4, 9, 8, 15, 3, 0, 11, 1, 2, 12, 5, 10, 14, 7],
        [1, 10, 13, 0, 6, 9, 8, 7, 4, 15, 14, 3, 11, 5, 2, 12]
    ],
    # S4
    [
        [7, 13, 14, 3, 0, 6, 9, 10, 1, 2, 8, 5, 11, 12, 4, 15],
        [13, 8, 11, 5, 6, 15, 0, 3, 4, 7, 2, 12, 1, 10, 14, 9],
        [10, 6, 9, 0, 12, 11, 7, 13, 15, 1, 3, 14, 5, 2, 8, 4],
        [3, 15, 0, 6, 10, 1, 13, 8, 9, 4, 5, 11, 12, 7, 2, 14]
    ],
    # S5
    [
        [2, 12, 4, 1, 7, 10, 11, 6, 8, 5, 3, 15, 13, 0, 14, 9],
        [14, 11, 2, 12, 4, 7, 13, 1, 5, 0, 15, 10, 3, 9, 8, 6],
        [4, 2, 1, 11, 10, 13, 7, 8, 15, 9, 12, 5, 6, 3, 0, 14],
        [11, 8, 12, 7, 1, 14, 2, 13, 6, 15, 0, 9, 10, 4, 5, 3]
    ],
    # S6
    [
        [12, 1, 10, 15, 9, 2, 6, 8, 0, 13, 3, 4, 14, 7, 5, 11],
        [10, 15, 4, 2, 7, 12, 9, 5, 6, 1, 13, 14, 0, 11, 3, 8],
        [9, 14, 15, 5, 2, 8, 12, 3, 7, 0, 4, 10, 1, 13, 11, 6],
        [4, 3, 2, 12, 9, 5, 15, 10, 11, 14, 1, 7, 6, 0, 8, 13]
    ],
    # S7
    [
        [4, 11, 2, 14, 15, 0, 8, 13, 3, 12, 9, 7, 5, 10, 6, 1],
        [13, 0, 11, 7, 4, 9, 1, 10, 14, 3, 5, 12, 2, 15, 8, 6],
        [1, 4, 11, 13, 12, 3, 7, 14, 10, 15, 6, 8, 0, 5, 9, 2],
        [6, 11, 13, 8, 1, 4, 10, 7, 9, 5, 0, 15, 14, 2, 3, 12]
    ],
    # S8
    [
        [13, 2, 8, 4, 6, 15, 11, 1, 10, 9, 3, 14, 5, 0, 12, 7],
        [1, 15, 13, 8, 10, 3, 7, 4, 12, 5, 6, 11, 0, 14, 9, 2],
        [7, 11, 4, 1, 9, 12, 14, 2, 0, 6, 10, 13, 15, 3, 5, 8],
        [2, 1, 14, 7, 4, 10, 8, 13, 15, 12, 9, 0, 3, 5, 6, 11]
    ]
]


def permute(block, table):
    """根据给定的置换表对数据块进行置换"""
    return [block[i - 1] for i in table]


def left_shift(bits, n):
    """循环左移n位"""
    return bits[n:] + bits[:n]


def bytes_to_bits(data):
    """将字节数据转换为位列表"""
    bits = []
    for byte in data:
        bits.extend([(byte >> i) & 1 for i in range(7, -1, -1)])
    return bits


def bits_to_bytes(bits):
    """将位列表转换为字节数据"""
    bytes_list = []
    for i in range(0, len(bits), 8):
        byte = 0
        for j in range(8):
            byte = (byte << 1) | bits[i + j]
        bytes_list.append(byte)
    return bytes(bytes_list)


def generate_subkeys(key):
    """生成16轮子密钥"""
    # 将密钥转换为位列表
    key_bits = bytes_to_bits(key)

    # PC-1置换，从64位密钥中选出56位
    key_pc1 = permute(key_bits, PC1)

    # 分成左右两部分，各28位
    left = key_pc1[:28]
    right = key_pc1[28:]

    subkeys = []

    # 生成16轮子密钥
    for i in range(16):
        # 循环左移
        left = left_shift(left, SHIFT_SCHEDULE[i])
        right = left_shift(right, SHIFT_SCHEDULE[i])

        # 合并左右两部分
        combined = left + right

        # PC-2置换，从56位中选出48位作为子密钥
        subkey = permute(combined, PC2)
        subkeys.append(subkey)

    return subkeys


def f_function(right, subkey):
    """F函数，包括扩展置换、与子密钥异或、S盒替换和P盒置换"""
    # 扩展置换，32位扩展到48位
    expanded = permute(right, E)

    # 与子密钥异或
    xored = [expanded[i] ^ subkey[i] for i in range(48)]

    # S盒替换，48位变为32位
    sbox_output = []
    for i in range(8):
        # 每6位一组
        chunk = xored[i * 6:(i + 1) * 6]
        # 获取行和列索引
        row = (chunk[0] << 1) | chunk[5]
        col = (chunk[1] << 3) | (chunk[2] << 2) | (chunk[3] << 1) | chunk[4]

        # 从S盒中获取4位输出
        sbox_value = S_BOX[i][row][col]
        sbox_output.extend([(sbox_value >> j) & 1 for j in range(3, -1, -1)])

    # P盒置换
    return permute(sbox_output, P)


def des_encrypt_block(block, subkeys):
    """加密一个64位数据块"""
    # 初始置换
    block = permute(block, IP)

    # 分成左右两部分，各32位
    left = block[:32]
    right = block[32:]

    # 16轮Feistel网络
    for i in range(16):
        # 保存当前的右半部分
        temp = right

        # F函数处理右半部分，然后与左半部分异或
        f_result = f_function(right, subkeys[i])
        right = [left[j] ^ f_result[j] for j in range(32)]

        # 左半部分更新为原来的右半部分
        left = temp

    # 最后交换左右两部分
    combined = right + left

    # 逆初始置换
    return permute(combined, IP_INV)


def des_decrypt_block(block, subkeys):
    """解密一个64位数据块"""
    # 解密过程与加密过程类似，只是子密钥的使用顺序相反
    subkeys_reversed = subkeys[::-1]
    return des_encrypt_block(block, subkeys_reversed)


def pad_data(data):
    """PKCS5填充"""
    pad_len = 8 - (len(data) % 8)
    return data + bytes([pad_len] * pad_len)


def unpad_data(data):
    """去除PKCS5填充"""
    pad_len = data[-1]
    return data[:-pad_len]


def des_encrypt_ecb(data, key):
    """DES ECB模式加密函数"""
    # 确保密钥为8字节
    if len(key) != 8:
        raise ValueError("DES密钥必须为8字节")

    # 填充数据
    data = pad_data(data)

    # 生成子密钥
    subkeys = generate_subkeys(key)

    # 分块加密
    encrypted_blocks = []
    for i in range(0, len(data), 8):
        block = data[i:i + 8]
        block_bits = bytes_to_bits(block)
        encrypted_bits = des_encrypt_block(block_bits, subkeys)
        encrypted_blocks.append(bits_to_bytes(encrypted_bits))

    return b''.join(encrypted_blocks)


def des_decrypt_ecb(data, key):
    """DES ECB模式解密函数"""
    # 确保密钥为8字节
    if len(key) != 8:
        raise ValueError("DES密钥必须为8字节")

    # 生成子密钥
    subkeys = generate_subkeys(key)

    # 分块解密
    decrypted_blocks = []
    for i in range(0, len(data), 8):
        block = data[i:i + 8]
        block_bits = bytes_to_bits(block)
        decrypted_bits = des_decrypt_block(block_bits, subkeys)
        decrypted_blocks.append(bits_to_bytes(decrypted_bits))

    # 去除填充
    return unpad_data(b''.join(decrypted_blocks))


def des_encrypt_cbc(data, key, iv):
    """DES CBC模式加密函数"""
    # 确保密钥和IV为8字节
    if len(key) != 8:
        raise ValueError("DES密钥必须为8字节")
    if len(iv) != 8:
        raise ValueError("IV必须为8字节")

    # 填充数据
    data = pad_data(data)

    # 生成子密钥
    subkeys = generate_subkeys(key)

    # 分块加密
    encrypted_blocks = []
    previous_block = bytes_to_bits(iv)  # 使用IV作为第一个块的"前一个密文块"

    for i in range(0, len(data), 8):
        block = data[i:i + 8]
        block_bits = bytes_to_bits(block)

        # 与前一个密文块（或IV）异或
        xored_bits = [block_bits[j] ^ previous_block[j] for j in range(64)]

        # 加密
        encrypted_bits = des_encrypt_block(xored_bits, subkeys)
        encrypted_blocks.append(bits_to_bytes(encrypted_bits))
        previous_block = encrypted_bits  # 更新为当前密文块

    return b''.join(encrypted_blocks)


def des_decrypt_cbc(data, key, iv):
    """DES CBC模式解密函数"""
    # 确保密钥和IV为8字节
    if len(key) != 8:
        raise ValueError("DES密钥必须为8字节")
    if len(iv) != 8:
        raise ValueError("IV必须为8字节")

    # 生成子密钥
    subkeys = generate_subkeys(key)

    # 分块解密
    decrypted_blocks = []
    previous_block = bytes_to_bits(iv)  # 使用IV作为第一个块的"前一个密文块"

    for i in range(0, len(data), 8):
        block = data[i:i + 8]
        block_bits = bytes_to_bits(block)

        # 解密
        decrypted_bits = des_decrypt_block(block_bits, subkeys)

        # 与前一个密文块（或IV）异或
        xored_bits = [decrypted_bits[j] ^ previous_block[j] for j in range(64)]
        decrypted_blocks.append(bits_to_bytes(xored_bits))
        previous_block = block_bits  # 更新为当前密文块

    # 去除填充
    return unpad_data(b''.join(decrypted_blocks))


def generate_iv():
    """生成随机IV"""
    return os.urandom(8)


# 测试示例
if __name__ == "__main__":
    # 测试密钥和明文
    key = b"reverse0"  # 8字节密钥
    plaintext = b"re100dayzhuji"

    print("=== ECB模式测试 ===")
    print(f"原始明文: {plaintext}")
    print(f"密钥: {key}")

    # ECB模式加密
    ciphertext_ecb = des_encrypt_ecb(plaintext, key)
    print(f"ECB加密结果 (十六进制): {ciphertext_ecb.hex()}")

    # ECB模式解密
    decrypted_ecb = des_decrypt_ecb(ciphertext_ecb, key)
    print(f"ECB解密结果: {decrypted_ecb}")

    # 验证ECB加解密是否正确
    assert decrypted_ecb == plaintext, "ECB模式加解密验证失败!"
    print("ECB模式加解密验证成功!")

    print("\n=== CBC模式测试 ===")
    # 生成随机IV
    iv = generate_iv()
    print(f"原始明文: {plaintext}")
    print(f"密钥: {key}")
    print(f"IV: {iv.hex()}")

    # CBC模式加密
    ciphertext_cbc = des_encrypt_cbc(plaintext, key, iv)
    print(f"CBC加密结果 (十六进制): {ciphertext_cbc.hex()}")

    # CBC模式解密
    decrypted_cbc = des_decrypt_cbc(ciphertext_cbc, key, iv)
    print(f"CBC解密结果: {decrypted_cbc}")

    # 验证CBC加解密是否正确
    assert decrypted_cbc == plaintext, "CBC模式加解密验证失败!"
    print("CBC模式加解密验证成功!")

    # 演示相同明文在不同IV下加密结果不同
    # print("\n=== 演示CBC模式中IV的作用 ===")
    # iv1 = generate_iv()
    # iv2 = generate_iv()
    #
    # ciphertext1 = des_encrypt_cbc(plaintext, key, iv1)
    # ciphertext2 = des_encrypt_cbc(plaintext, key, iv2)
    # 
    # print(f"相同明文，不同IV:")
    # print(f"IV1: {iv1.hex()} -> 密文: {ciphertext1.hex()[:32]}...")
    # print(f"IV2: {iv2.hex()} -> 密文: {ciphertext2.hex()[:32]}...")
    # print(f"密文是否相同: {ciphertext1 == ciphertext2}")
    #
    # 演示错误的IV会导致解密失败
    # print("\n=== 演示错误IV会导致解密失败 ===")
    # wrong_iv = generate_iv()  # 错误的IV
    # try:
    #     wrong_decrypt = des_decrypt_cbc(ciphertext1, key, wrong_iv)
    #     print(f"使用错误IV解密结果: {wrong_decrypt}")
    #     由于CBC模式的特点，只有第一个块会解密错误，后续块可能部分正确
    # except Exception as e:
    #     print(f"解密错误: {e}")