参考:http://www.cnblogs.com/chnking/archive/2007/08/14/855600.html
参考:http://blog.csdn.net/change_from_now/article/details/51705934
参考:http://www.cnblogs.com/pengze0902/p/6268709.html
对称加密,是一种比较传统的加密方式,其加密运算、解密运算使用的是同样的密钥,信息的发送者和信息的接收者在进行信息的传输与处理时,必须共同持有该密码(称为对称密码)。因此,通信双方都必须获得这把钥匙,并保持钥匙的秘密。
单钥密码系统的安全性依赖于以下两个因素:
第一、加密算法必须是足够强的,仅仅基于密文本身去解密信息在实践上是不可能的。
第二、加密方法的安全性依赖于密钥的秘密性,而不是算法的秘密性,因此,我们没有必要确保算法的秘密性(事实上,现实中使用的很多单钥密码系统的算法都是公开的),但是我们一定要保证密钥的秘密性。
DES(Data Encryption Standard)和TripleDES是对称加密的两种实现。
DES和TripleDES基本算法一致,只是TripleDES算法提供的key位数更多,加密可靠性更高。
DES使用的密钥key为8字节,初始向量IV也是8字节。
TripleDES使用24字节的key,初始向量IV也是8字节。
两种算法都是以8字节为一个块进行加密,一个数据块一个数据块的加密,一个8字节的明文加密后的密文也是8字节。如果明文长度不为8字节的整数倍,添加值为0的字节凑满8字节整数倍。所以加密后的密文长度一定为8字节的整数倍。
TripleDES加密:
/// <summary>
/// TripleDES 加密
/// </summary>
/// <param name="toEncrypt"></param>
/// <param name="privateKey"></param>
/// <returns></returns>
private static string DesEncrypt(string toEncrypt, string key) {
var toEncryptArray = Encoding.UTF8.GetBytes(toEncrypt);
var keyArray = Convert.FromBase64String(key);
TripleDESCryptoServiceProvider tdes = new TripleDESCryptoServiceProvider {
Key = keyArray,
Mode = CipherMode.ECB,
Padding = PaddingMode.PKCS7
};
ICryptoTransform cTransform = tdes.CreateEncryptor();
byte[] resultArray = cTransform.TransformFinalBlock(toEncryptArray, , toEncryptArray.Length);
tdes.Clear();
return Convert.ToBase64String(resultArray, , resultArray.Length);
}
TripleDES解密:
/// <summary>
/// TripleDES解密
/// </summary>
/// <param name="toDecrypt"></param>
/// <param name="privateKey"></param>
/// <returns></returns>
public static string DesDecrypt(string toDecrypt, string key) {
try {
//先base64解密 因为加密的时候最后走了一道base64加密
var enBytes = Convert.FromBase64String(toDecrypt);
var keyArray = Convert.FromBase64String(key);
TripleDESCryptoServiceProvider tdes = new TripleDESCryptoServiceProvider {
Key = keyArray,
Mode = CipherMode.ECB,
Padding = PaddingMode.PKCS7
};
ICryptoTransform cTransform = tdes.CreateDecryptor();
byte[] resultArray = cTransform.TransformFinalBlock(enBytes, , enBytes.Length);
tdes.Clear();
return Encoding.UTF8.GetString(resultArray);
} catch {
return "";
}
}
c#具体实现如下:
using System;
using System.Security.Cryptography;
using System.Text; namespace TripleDes
{
class Program
{
static void Main(string[] args)
{
//加密的字符串
string source = "Happy Father's Day!"; //用来加密的key 但是最终用在des加密的key
//是这个key的 md5 hash
string sourceKey = "home"; //获取原始key值的 md5 hash
byte[] keyBytes = GetKeyMd5Hash(sourceKey); string encryptedStr = DesEncrypt(source, keyBytes);
Console.WriteLine("encrypted string: "+ encryptedStr); string decryptedStr = DesDecrypt(encryptedStr, keyBytes);
Console.WriteLine("Decrypted String: " + decryptedStr);
Console.ReadKey();
} /// <summary>
/// 获取加密key的 md5 hash,最终DES加密的时候使用这个hash值
/// </summary>
/// <param name="key">原始key值</param>
/// <returns></returns>
public static byte[] GetKeyMd5Hash(string key)
{
MD5CryptoServiceProvider hashmd5 = new MD5CryptoServiceProvider();
byte[] keyBytes = hashmd5.ComputeHash(UTF8Encoding.UTF8.GetBytes(key));
hashmd5.Clear(); return keyBytes;
} /// <summary>
/// TripleDES 加密
/// </summary>
/// <param name="toEncrypt"></param>
/// <param name="privateKey"></param>
/// <returns></returns>
public static string DesEncrypt(string toEncrypt, byte[] privateKey)
{
byte[] toEncryptArray = UTF8Encoding.UTF8.GetBytes(toEncrypt); TripleDESCryptoServiceProvider tdes = new TripleDESCryptoServiceProvider
{
Key = privateKey,
Mode = CipherMode.ECB,
Padding = PaddingMode.PKCS7
}; ICryptoTransform cTransform = tdes.CreateEncryptor();
byte[] resultArray = cTransform.TransformFinalBlock(toEncryptArray, , toEncryptArray.Length);
tdes.Clear(); return Convert.ToBase64String(resultArray, , resultArray.Length);
} /// <summary>
/// TripleDES解密
/// </summary>
/// <param name="toDecrypt"></param>
/// <param name="privateKey"></param>
/// <returns></returns>
public static string DesDecrypt(string toDecrypt, byte[] privateKey)
{
//先base64解密 因为加密的时候最后走了一道base64加密
byte[] enBytes = Convert.FromBase64String(toDecrypt); TripleDESCryptoServiceProvider tdes = new TripleDESCryptoServiceProvider
{
Key = privateKey,
Mode = CipherMode.ECB,
Padding = PaddingMode.PKCS7
}; ICryptoTransform cTransform = tdes.CreateDecryptor();
byte[] resultArray = cTransform.TransformFinalBlock(enBytes, , enBytes.Length);
tdes.Clear(); return Encoding.UTF8.GetString(resultArray); }
}
}
PHP实现如下:
<?php /*
TripleDES加密
*/
function DesEncrypt($data)
{
//Pad for PKCS7
$blockSize = mcrypt_get_block_size('tripledes', 'ecb');
$len = strlen($data);
$pad = $blockSize - ($len % $blockSize);
$data .= str_repeat(chr($pad), $pad); $key = "home";
$key = md5($key,TRUE);
$key .= substr($key,,); //comment this if you use 168 bits long key //Encrypt data
$encData = mcrypt_encrypt('tripledes', $key, $data, 'ecb');
return base64_encode($encData);
} /*
TripleDES解密
*/
function DesDecrypt($data)
{
$key = "home";
$key = md5($key, TRUE);
$key .= substr($key, , ); //Decrypt data
$fromBase64Str = base64_decode($data);
$decData = mcrypt_decrypt('tripledes', $key, $fromBase64Str, 'ecb'); return $decData;
} /*
测试
*/
$encryptStr = DesEncrypt("Happy Father's Day!");
echo "encrypted string: $encryptStr</br>";
$decryptStr = DesDecrypt($encryptStr);
echo "decrypted string: $decryptStr";
?>
js加密:
function desEncrypt(str, key){
key = CryptoJS.enc.Base64.parse(key);
// Triple DES 加密
var encrypted = CryptoJS.TripleDES.encrypt(str, key, {
mode: CryptoJS.mode.ECB,
padding: CryptoJS.pad.Pkcs7
});
// 转换为字符串
return encrypted = encrypted.toString();
}