使用示例
String str = "hello world";
int key[] = {-123,-456,789,123,456,7890,456,456};
int noc[] = {-123,-456,789,123};
byte[] encryptData = Chacha20.crytpoCounter32(str.getBytes(),key,noc);
byte[] decryptData = Chacha20.crytpoCounter32(encryptData,key,noc);
String str2 = new String(decryptData);
boolean equal = str.equals(str2);具体代码
package com.zxs.zl;
/*
* Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
public class Chacha20 {
/*
* ChaCha20_ctr32 encrypts |len| bytes from |inp| with the given key and
* nonce and writes the result to |out|, which may be equal to |inp|.
* The |key| is not 32 bytes of verbatim key material though, but the
* said material collected into 8 32-bit elements array in host byte
* order. Same approach applies to nonce: the |counter| argument is
* pointer to concatenated nonce and counter values collected into 4
* 32-bit elements. This, passing crypto material collected into 32-bit
* elements as opposite to passing verbatim byte vectors, is chosen for
* efficiency in multi-call scenarios.
*/
/**
* function same ,encrypt and decrypt
* @param inp source data (encrypt data or decrypt data)
* @param key int[8] array
* @param counter int[4] array
* @return decrypt data or encrypt data ; see inp param.
*/
public static byte[] crytpoCounter32(byte[] inp, int[] key,int[] counter)
{
byte[] out = new byte[inp.length];
int[] input = new int[16];
byte[] buf = new byte[64];
int todo, i;
/* sigma constant "expand 32-byte k" in little-endian encoding */
input[0] = ((int)'e') | ((int)'x'<<8) | ((int)'p'<<16) | ((int)'a'<<24);
input[1] = ((int)'n') | ((int)'d'<<8) | ((int)' '<<16) | ((int)'3'<<24);
input[2] = ((int)'2') | ((int)'-'<<8) | ((int)'b'<<16) | ((int)'y'<<24);
input[3] = ((int)'t') | ((int)'e'<<8) | ((int)' '<<16) | ((int)'k'<<24);
input[4] = key[0];
input[5] = key[1];
input[6] = key[2];
input[7] = key[3];
input[8] = key[4];
input[9] = key[5];
input[10] = key[6];
input[11] = key[7];
input[12] = counter[0];
input[13] = counter[1];
input[14] = counter[2];
input[15] = counter[3];
int len = inp.length;
int offset = 0;
while (len > 0) {
todo = 64;// equal to buf.length;
if (len < todo)
todo = len;
chacha20_core(buf, input);
for (i = 0; i < todo; i++){
out[i+offset] = (byte) (inp[i+offset] ^ buf[i]);
}
offset += todo;
len -= todo;
/*
* Advance 32-bit counter. Note that as subroutine is so to
* say nonce-agnostic, this limited counter width doesn't
* prevent caller from implementing wider counter. It would
* simply take two calls split on counter overflow...
*/
input[12]++;
}
return out;
}
/* chacha_core performs 20 rounds of ChaCha on the input words in
* |input| and writes the 64 output bytes to |output|. */
private static void chacha20_core(byte[] output, int[] input)
{
//output byte[64]
long[] x = new long[16];
for (int i = 0 ; i < 16 ;i++){
x[i] = (input[i] & 0xFFFFFFFFL );
}
for (int i = 20; i > 0; i -= 2) {
QUARTERROUND(x,0, 4, 8, 12);
QUARTERROUND(x,1, 5, 9, 13);
QUARTERROUND(x,2, 6, 10, 14);
QUARTERROUND(x,3, 7, 11, 15);
QUARTERROUND(x,0, 5, 10, 15);
QUARTERROUND(x,1, 6, 11, 12);
QUARTERROUND(x,2, 7, 8, 13);
QUARTERROUND(x,3, 4, 9, 14);
}
for (int i = 0; i < 16; ++i) {
long v = (x[i] + input[i]) & 0xFFFFFFFFL;
output[i<<2] = (byte) (v & 0xFF);
output[(i<<2) + 1] = (byte) ((v>>8) & 0xFF);
output[(i<<2) + 2] = (byte) ((v>>16) & 0xFF);
output[(i<<2) + 3] = (byte) ((v>>24) & 0xFF);
}
}
/* QUARTERROUND updates a, b, c, d with a ChaCha "quarter" round. */
private static void QUARTERROUND(long[]x, int a,int b,int c,int d){
x[a] = (x[a] + x[b]) & 0xFFFFFFFFL;
x[d] = ROTATE((x[d] ^ x[a]),16) & 0xFFFFFFFFL;
x[c] = (x[c] + x[d]) & 0xFFFFFFFFL;
x[b] = ROTATE((x[b] ^ x[c]),12) & 0xFFFFFFFFL;
x[a] = (x[a] + x[b]) & 0xFFFFFFFFL;
x[d] = ROTATE((x[d] ^ x[a]), 8) & 0xFFFFFFFFL;
x[c] = (x[c] + x[d]) & 0xFFFFFFFFL;
x[b] = ROTATE((x[b] ^ x[c]), 7) & 0xFFFFFFFFL;
}
private static long ROTATE(long v,int n)
{
v = v & 0xFFFFFFFFL;
return (((v) << (n)) | ((v) >> (32 - (n))));
}
}