最近 一個項目.net 要調用JAVA的WEB SERVICE,數據採用3DES加密,涉及到兩種語言3DES一致性的問題, 下面分享一下, 這裏的KEY採用Base64編碼,便用分發,因爲Java的Byte範圍爲-128至127,c#的Byte範圍是0-255 核心是確定Mode和Padding,關於這兩個的意思可以搜索3DES算法相關文章 一個是C#採用CBC Mode,PKCS7 Padding,Java採用CBC Mode,PKCS5Padding Padding, 另一個是C#採用ECB Mode,PKCS7 Padding,Java採用ECB Mode,PKCS5Padding Padding, Java的ECB模式不需要IV 對字符加密時,雙方採用的都是UTF-8編碼
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.IO;
using System.Security.Cryptography;
/// <summary>
/// DES3加密解密
/// </summary>
public class Des3
{
#region CBC模式**
/// <summary>
/// DES3 CBC模式加密
/// </summary>
/// <param name="key">密鑰</param>
/// <param name="iv">IV</param>
/// <param name="data">明文的byte數組</param>
/// <returns>密文的byte數組</returns>
public static byte[] Des3EncodeCBC(byte[] key, byte[] iv, byte[] data)
{
//複製於MSDN
try
{
// Create a MemoryStream.
MemoryStream mStream = new MemoryStream();
TripleDESCryptoServiceProvider tdsp = new TripleDESCryptoServiceProvider();
tdsp.Mode = CipherMode.CBC; //默認值
tdsp.Padding = PaddingMode.PKCS7; //默認值
// Create a CryptoStream using the MemoryStream
// and the passed key and initialization vector (IV).
CryptoStream cStream = new CryptoStream(mStream,
tdsp.CreateEncryptor(key, iv),
CryptoStreamMode.Write);
// Write the byte array to the crypto stream and flush it.
cStream.Write(data, 0, data.Length);
cStream.FlushFinalBlock();
// Get an array of bytes from the
// MemoryStream that holds the
// encrypted data.
byte[] ret = mStream.ToArray();
// Close the streams.
cStream.Close();
mStream.Close();
// Return the encrypted buffer.
return ret;
}
catch (CryptographicException e)
{
Console.WriteLine("A Cryptographic error occurred: {0}", e.Message);
return null;
}
}
/// <summary>
/// DES3 CBC模式解密
/// </summary>
/// <param name="key">密鑰</param>
/// <param name="iv">IV</param>
/// <param name="data">密文的byte數組</param>
/// <returns>明文的byte數組</returns>
public static byte[] Des3DecodeCBC(byte[] key, byte[] iv, byte[] data)
{
try
{
// Create a new MemoryStream using the passed
// array of encrypted data.
MemoryStream msDecrypt = new MemoryStream(data);
TripleDESCryptoServiceProvider tdsp = new TripleDESCryptoServiceProvider();
tdsp.Mode = CipherMode.CBC;
tdsp.Padding = PaddingMode.PKCS7;
// Create a CryptoStream using the MemoryStream
// and the passed key and initialization vector (IV).
CryptoStream csDecrypt = new CryptoStream(msDecrypt,
tdsp.CreateDecryptor(key, iv),
CryptoStreamMode.Read);
// Create buffer to hold the decrypted data.
byte[] fromEncrypt = new byte[data.Length];
// Read the decrypted data out of the crypto stream
// and place it into the temporary buffer.
csDecrypt.Read(fromEncrypt, 0, fromEncrypt.Length);
//Convert the buffer into a string and return it.
return fromEncrypt;
}
catch (CryptographicException e)
{
Console.WriteLine("A Cryptographic error occurred: {0}", e.Message);
return null;
}
}
#endregion
#region ECB模式
/// <summary>
/// DES3 ECB模式加密
/// </summary>
/// <param name="key">密鑰</param>
/// <param name="iv">IV(當模式爲ECB時,IV無用)</param>
/// <param name="str">明文的byte數組</param>
/// <returns>密文的byte數組</returns>
public static byte[] Des3EncodeECB(byte[] key, byte[] iv, byte[] data)
{
try
{
// Create a MemoryStream.
MemoryStream mStream = new MemoryStream();
TripleDESCryptoServiceProvider tdsp = new TripleDESCryptoServiceProvider();
tdsp.Mode = CipherMode.ECB;
tdsp.Padding = PaddingMode.PKCS7;
// Create a CryptoStream using the MemoryStream
// and the passed key and initialization vector (IV).
CryptoStream cStream = new CryptoStream(mStream,
tdsp.CreateEncryptor(key, iv),
CryptoStreamMode.Write);
// Write the byte array to the crypto stream and flush it.
cStream.Write(data, 0, data.Length);
cStream.FlushFinalBlock();
// Get an array of bytes from the
// MemoryStream that holds the
// encrypted data.
byte[] ret = mStream.ToArray();
// Close the streams.
cStream.Close();
mStream.Close();
// Return the encrypted buffer.
return ret;
}
catch (CryptographicException e)
{
Console.WriteLine("A Cryptographic error occurred: {0}", e.Message);
return null;
}
}
/// <summary>
/// DES3 ECB模式解密
/// </summary>
/// <param name="key">密鑰</param>
/// <param name="iv">IV(當模式爲ECB時,IV無用)</param>
/// <param name="str">密文的byte數組</param>
/// <returns>明文的byte數組</returns>
public static byte[] Des3DecodeECB(byte[] key, byte[] iv, byte[] data)
{
try
{
// Create a new MemoryStream using the passed
// array of encrypted data.
MemoryStream msDecrypt = new MemoryStream(data);
TripleDESCryptoServiceProvider tdsp = new TripleDESCryptoServiceProvider();
tdsp.Mode = CipherMode.ECB;
tdsp.Padding = PaddingMode.PKCS7;
// Create a CryptoStream using the MemoryStream
// and the passed key and initialization vector (IV).
CryptoStream csDecrypt = new CryptoStream(msDecrypt,
tdsp.CreateDecryptor(key, iv),
CryptoStreamMode.Read);
// Create buffer to hold the decrypted data.
byte[] fromEncrypt = new byte[data.Length];
// Read the decrypted data out of the crypto stream
// and place it into the temporary buffer.
csDecrypt.Read(fromEncrypt, 0, fromEncrypt.Length);
//Convert the buffer into a string and return it.
return fromEncrypt;
}
catch (CryptographicException e)
{
Console.WriteLine("A Cryptographic error occurred: {0}", e.Message);
return null;
}
}
#endregion
/// <summary>
/// 類測試
/// </summary>
public static void Test()
{
System.Text.Encoding utf8 = System.Text.Encoding.UTF8;
//key爲abcdefghijklmnopqrstuvwx的Base64編碼
byte[] key = Convert.FromBase64String("YWJjZGVmZ2hpamtsbW5vcHFyc3R1dnd4");
byte[] iv = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 }; //當模式爲ECB時,IV無用
byte[] data = utf8.GetBytes("中國ABCabc123");
System.Console.WriteLine("ECB模式:");
byte[] str1 = Des3.Des3EncodeECB(key, iv, data);
byte[] str2 = Des3.Des3DecodeECB(key, iv, str1);
System.Console.WriteLine(Convert.ToBase64String(str1));
System.Console.WriteLine(System.Text.Encoding.UTF8.GetString(str2));
System.Console.WriteLine();
System.Console.WriteLine("CBC模式:");
byte[] str3 = Des3.Des3EncodeCBC(key, iv, data);
byte[] str4 = Des3.Des3DecodeCBC(key, iv, str3);
System.Console.WriteLine(Convert.ToBase64String(str3));
System.Console.WriteLine(utf8.GetString(str4));
System.Console.WriteLine();
}
}
接着是Java代碼
import java.security.Key;
import javax.crypto.Cipher;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESedeKeySpec;
import javax.crypto.spec.IvParameterSpec;
import sun.misc.BASE64Decoder;
import sun.misc.BASE64Encoder;
public class Des3 {
public static void main(String[] args) throws Exception {
byte[] key=new BASE64Decoder().decodeBuffer("YWJjZGVmZ2hpamtsbW5vcHFyc3R1dnd4");
byte[] keyiv = { 1, 2, 3, 4, 5, 6, 7, 8 };
byte[] data="中國ABCabc123".getBytes("UTF-8");
System.out.println("ECB加密解密");
byte[] str3 = des3EncodeECB(key,data );
byte[] str4 = ees3DecodeECB(key, str3);
System.out.println(new BASE64Encoder().encode(str3));
System.out.println(new String(str4, "UTF-8"));
System.out.println();
System.out.println("CBC加密解密");
byte[] str5 = des3EncodeCBC(key, keyiv, data);
byte[] str6 = des3DecodeCBC(key, keyiv, str5);
System.out.println(new BASE64Encoder().encode(str5));
System.out.println(new String(str6, "UTF-8"));
}
/**
* ECB加密,不要IV
* @param key 密鑰
* @param data 明文
* @return Base64編碼的密文
* @throws Exception
*/
public static byte[] des3EncodeECB(byte[] key, byte[] data)
throws Exception {
Key deskey = null;
DESedeKeySpec spec = new DESedeKeySpec(key);
SecretKeyFactory keyfactory = SecretKeyFactory.getInstance("desede");
deskey = keyfactory.generateSecret(spec);
Cipher cipher = Cipher.getInstance("desede" + "/ECB/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, deskey);
byte[] bOut = cipher.doFinal(data);
return bOut;
}
/**
* ECB解密,不要IV
* @param key 密鑰
* @param data Base64編碼的密文
* @return 明文
* @throws Exception
*/
public static byte[] ees3DecodeECB(byte[] key, byte[] data)
throws Exception {
Key deskey = null;
DESedeKeySpec spec = new DESedeKeySpec(key);
SecretKeyFactory keyfactory = SecretKeyFactory.getInstance("desede");
deskey = keyfactory.generateSecret(spec);
Cipher cipher = Cipher.getInstance("desede" + "/ECB/PKCS5Padding");
cipher.init(Cipher.DECRYPT_MODE, deskey);
byte[] bOut = cipher.doFinal(data);
return bOut;
}
/**
* CBC加密
* @param key 密鑰
* @param keyiv IV
* @param data 明文
* @return Base64編碼的密文
* @throws Exception
*/
public static byte[] des3EncodeCBC(byte[] key, byte[] keyiv, byte[] data)
throws Exception {
Key deskey = null;
DESedeKeySpec spec = new DESedeKeySpec(key);
SecretKeyFactory keyfactory = SecretKeyFactory.getInstance("desede");
deskey = keyfactory.generateSecret(spec);
Cipher cipher = Cipher.getInstance("desede" + "/CBC/PKCS5Padding");
IvParameterSpec ips = new IvParameterSpec(keyiv);
cipher.init(Cipher.ENCRYPT_MODE, deskey, ips);
byte[] bOut = cipher.doFinal(data);
return bOut;
}
/**
* CBC解密
* @param key 密鑰
* @param keyiv IV
* @param data Base64編碼的密文
* @return 明文
* @throws Exception
*/
public static byte[] des3DecodeCBC(byte[] key, byte[] keyiv, byte[] data)
throws Exception {
Key deskey = null;
DESedeKeySpec spec = new DESedeKeySpec(key);
SecretKeyFactory keyfactory = SecretKeyFactory.getInstance("desede");
deskey = keyfactory.generateSecret(spec);
Cipher cipher = Cipher.getInstance("desede" + "/CBC/PKCS5Padding");
IvParameterSpec ips = new IvParameterSpec(keyiv);
cipher.init(Cipher.DECRYPT_MODE, deskey, ips);
byte[] bOut = cipher.doFinal(data);
return bOut;
}
ECB模式:
rmWB4+r9Ug93WI0KAEuMig==
中國ABCabc123
CBC模式:
4aabWF8UFour/vNfnzJrjw==
中國ABCabc123
特別注意:
1當 key 是中文的時候
byte[] key = Convert.FromBase64String( "我是中國人" ); 執行會報錯,只支持英文或者數字
2.當key的長度不是24時候回報錯 :"指定鍵的大小對於此算法無效"
解決辦法如下:
var miyaoBytes = System.Text.Encoding.UTF8.GetBytes("我是中國人");
var key = new byte[24];
for (int i = 0; (i < miyaoBytes.Length) && i<24; i++)
{
key[i] = miyaoBytes[i];
}
var iv = new byte[] { 1,2,3,4,5,6,7,8};
var data= System.Text.Encoding.UTF8.GetBytes("加密前的數據");
var ll = Des3.Des3EncodeECB(key, iv, data);
var res = Convert.ToBase64String(ll);
var te= Des3.Des3DecodeECB(key, iv, ll);
MessageBox.Show(System.Text.Encoding.UTF8.GetString(te));
如果對加密後得到的 byte數組 進行 var res = Convert.ToBase64String(ll); 是不能夠直接調用解密方法進行解密的負責會報錯。
轉換後必須 調用 byteToHexStr(); 把byte數組轉化爲 16進制字符串
var bytes = Des3.Des3EncodeECB(key, iv, data);
var jiamiHou = byteToHexStr(bytes);
然後進行解密,同樣解密前先轉化爲 16進制數組然後再進行解密:
var bytes = strToToHexByte(jiamiHou);
Des3.Des3DecodeECB(key, iv, ll);
/// <summary>
/// 字符串轉16進制字節數組
/// </summary>
/// <param name="hexString"></param>
/// <returns></returns>
private static byte[] strToToHexByte(string hexString)
{
hexString = hexString.Replace(" ", "");
if ((hexString.Length % 2) != 0)
hexString += " ";
byte[] returnBytes = new byte[hexString.Length / 2];
for (int i = 0; i < returnBytes.Length; i++)
returnBytes[i] = Convert.ToByte(hexString.Substring(i * 2, 2), 16);
return returnBytes;
}
/// <summary>
/// 字節數組轉16進制字符串
/// </summary>
/// <param name="bytes"></param>
/// <returns></returns>
public static string byteToHexStr(byte[] bytes)
{
string returnStr = "";
if (bytes != null)
{
for (int i = 0; i < bytes.Length; i++)
{
returnStr += bytes[i].ToString("X2");
}
}
return returnStr;
}
原文地址:http://www.cnblogs.com/liluping860122/p/4026015.html