近 一个项目.net 要调用JAVA的WEB SERVICE,数据采用3DES加密,涉及到两种语言3DES一致性的问题,
下面分享一下,
这里的KEY采用Base64编码,便用分发,因为Java的Byte范围为-128至127,c#的Byte范围是0-255
核心是确定Mode和Padding,关于这两个的意思可以搜索3DES算法相关文章
一个是 C#采用 CBC Mode,PKCS7 Padding,Java采用CBC Mode,PKCS5Padding Padding,
另一个是C#采用ECB Mode,PKCS7 Padding,Java采用ECB Mode,PKCS5Padding Padding,
注意:Java的ECB模式不需要IV
对字符加密时,双方采用的都是UTF-8编码
下面是C#代码
Des3Encrypt加密解密#region Des3Encrypt加密解密
/// <summary>Des3Encrypt加密解密
///
/// </summary>
public class Des3Encrypt
{
#region 一点小注释
//注意,如果是在C#端自己加密,自己解密的时候,会发现一个补\0的问题,例如 原文是 abcde ,加密之后,再解密变成了 abcde\0\0\0
//
//这里的\0的次数,是看你的原文和8相差多少,如果不够8位就补几次。原文是abcde是5位,则会自动补齐\0 要补3次
//
//如果是c#端加密,发给java解密,则不会有问题,不会存在\0的问题
//
//如果是java端加密,发给c#解密,则还是会在结尾自动补\0
//我们需要人为的replace替换掉\0
#endregion
#region CBC模式加密解密
/// <summary>DES3 CBC模式加密
///
/// </summary>
/// <param name="key">密钥</param>
/// <param name="iv">IV</param>
/// <param name="data">明文的byte数组</param>
/// <returns>密文的byte数组</returns>
public static byte[] Des3EncodeCBC(byte[] key, byte[] iv, byte[] data)
{
//复制于MSDN
try
{
// Create a MemoryStream.
MemoryStream mStream = new MemoryStream();
TripleDESCryptoServiceProvider tdsp = new TripleDESCryptoServiceProvider();
tdsp.Mode = CipherMode.CBC; //默认值
tdsp.Padding = PaddingMode.PKCS7; //默认值
// Create a CryptoStream using the MemoryStream
// and the passed key and initialization vector (IV).
CryptoStream cStream = new CryptoStream(mStream,
tdsp.CreateEncryptor(key, iv),
CryptoStreamMode.Write);
// Write the byte array to the crypto stream and flush it.
cStream.Write(data, 0, data.Length);
cStream.FlushFinalBlock();
// Get an array of bytes from the
// MemoryStream that holds the
// encrypted data.
byte[] ret = mStream.ToArray();
// Close the streams.
cStream.Close();
mStream.Close();
// Return the encrypted buffer.
return ret;
}
catch (CryptographicException e)
{
Console.WriteLine("A Cryptographic error occurred: {0}", e.Message);
return null;
}
}
/// <summary>
/// DES3 CBC模式解密
/// </summary>
/// <param name="key">密钥</param>
/// <param name="iv">IV</param>
/// <param name="data">密文的byte数组</param>
/// <returns>明文的byte数组</returns>
public static byte[] Des3DecodeCBC(byte[] key, byte[] iv, byte[] data)
{
try
{
// Create a new MemoryStream using the passed
// array of encrypted data.
MemoryStream msDecrypt = new MemoryStream(data);
TripleDESCryptoServiceProvider tdsp = new TripleDESCryptoServiceProvider();
tdsp.Mode = CipherMode.CBC;
tdsp.Padding = PaddingMode.PKCS7;
// Create a CryptoStream using the MemoryStream
// and the passed key and initialization vector (IV).
CryptoStream csDecrypt = new CryptoStream(msDecrypt,
tdsp.CreateDecryptor(key, iv),
CryptoStreamMode.Read);
// Create buffer to hold the decrypted data.
byte[] fromEncrypt = new byte[data.Length];
// Read the decrypted data out of the crypto stream
// and place it into the temporary buffer.
csDecrypt.Read(fromEncrypt, 0, fromEncrypt.Length);
//Convert the buffer into a string and return it.
return fromEncrypt;
}
catch (CryptographicException e)
{
Console.WriteLine("A Cryptographic error occurred: {0}", e.Message);
return null;
}
}
#endregion
#region ECB模式加密解密
/// <summary>
/// DES3 ECB模式加密(不需要IV,可以传null)
/// </summary>
/// <param name="key">密钥</param>
/// <param name="iv">IV(当模式为ECB时,IV无用)</param>
/// <param name="str">明文的byte数组</param>
/// <returns>密文的byte数组</returns>
public static byte[] Des3EncodeECB(byte[] key, byte[] iv, byte[] data)
{
try
{
// Create a MemoryStream.
MemoryStream mStream = new MemoryStream();
TripleDESCryptoServiceProvider tdsp = new TripleDESCryptoServiceProvider();
tdsp.Mode = CipherMode.ECB;
tdsp.Padding = PaddingMode.PKCS7;
// Create a CryptoStream using the MemoryStream
// and the passed key and initialization vector (IV).
CryptoStream cStream = new CryptoStream(mStream,
tdsp.CreateEncryptor(key, iv),
CryptoStreamMode.Write);
// Write the byte array to the crypto stream and flush it.
cStream.Write(data, 0, data.Length);
cStream.FlushFinalBlock();
// Get an array of bytes from the
// MemoryStream that holds the
// encrypted data.
byte[] ret = mStream.ToArray();
// Close the streams.
cStream.Close();
mStream.Close();
// Return the encrypted buffer.
return ret;
}
catch (CryptographicException e)
{
Console.WriteLine("A Cryptographic error occurred: {0}", e.Message);
return null;
}
}
/// <summary>
/// DES3 ECB模式解密
/// </summary>
/// <param name="key">密钥</param>
/// <param name="iv">IV(当模式为ECB时,IV无用)</param>
/// <param name="str">密文的byte数组</param>
/// <returns>明文的byte数组</returns>
public static byte[] Des3DecodeECB(byte[] key, byte[] iv, byte[] data)
{
try
{
// Create a new MemoryStream using the passed
// array of encrypted data.
MemoryStream msDecrypt = new MemoryStream(data);
TripleDESCryptoServiceProvider tdsp = new TripleDESCryptoServiceProvider();
tdsp.Mode = CipherMode.ECB;
tdsp.Padding = PaddingMode.PKCS7;
// Create a CryptoStream using the MemoryStream
// and the passed key and initialization vector (IV).
CryptoStream csDecrypt = new CryptoStream(msDecrypt,
tdsp.CreateDecryptor(key, iv),
CryptoStreamMode.Read);
// Create buffer to hold the decrypted data.
byte[] fromEncrypt = new byte[data.Length];
// Read the decrypted data out of the crypto stream
// and place it into the temporary buffer.
csDecrypt.Read(fromEncrypt, 0, fromEncrypt.Length);
//Convert the buffer into a string and return it.
return fromEncrypt;
}
catch (CryptographicException e)
{
Console.WriteLine("A Cryptographic error occurred: {0}", e.Message);
return null;
}
}
#endregion
#region ECB模式加密(key已经设置好)
/// <summary>ECB模式加密(key已经设置好)
///
/// </summary>
/// <param name="old">输入需要加密的字符</param>
/// <returns></returns>
public static string EncodeECB(string old)
{
string keyWord = "youjiao2013_fromc#tojava";
return EncodeECB(old, keyWord);
}
#endregion
#region 自己设置KeyWord,注意key必须是24位的,不然java那边加密会显示长度不够
public static string EncodeECB(string old, string keyWord)
{
Encoding utf8 = Encoding.UTF8;
byte[] key = utf8.GetBytes(keyWord); //加密的密钥
//---- 加密
string str1 = old; //准备要加密的原文
byte[] byte1 = utf8.GetBytes(str1); //获得原文的字节
byte[] byte2 = Des3EncodeECB(key, null, byte1); //已经加密过的字节
string str2 = Convert.ToBase64String(byte2); //将字节转换为 Base64位的编码
return str2;
}
#endregion
#region ECB模式解密(key已经设置好)
public static string DecodeECB(string old)
{
string keyWord = "youjiao2013_fromc#tojava";
return DecodeECB(old, keyWord);
}
#endregion
#region ECB模式解密(自己设置KeyWord,注意key必须是24位的,不然java那边加密会显示长度不够)
public static string DecodeECB(string old, string keyWord)
{
Encoding utf8 = Encoding.UTF8;
byte[] key = utf8.GetBytes(keyWord); //加密的密钥
string strJiaMi = old; //需要解密的的密码
byte[] alreadyEnCodeByte = Convert.FromBase64String(strJiaMi); //从Base64位转换为字节
byte[] toDecodeByte = Des3.Des3DecodeECB(key, null, alreadyEnCodeByte); //解密
//将解密后的字节,转换成string字符串
//(注意,如果解密出来的字符串的长度不是8的倍数,则会自动在后面补\0多次,例如解密出来是abcde,长度为5,则会变成 abc\0\0\0\0\0 加多3次)
string strShow = Encoding.Default.GetString(toDecodeByte);
strShow = strShow.Replace("\0", "");
return strShow;
}
#endregion
#region 测试
public static void MyTest()
{
Encoding utf8 = Encoding.UTF8;
byte[] key = Encoding.Default.GetBytes("youjiao2013_fromc#tojava");
//---- 加密
string str1 = "abc"; //准备要加密的原文
byte[] byte1 = utf8.GetBytes(str1); //获得原文的字节
byte[] byte2 = Des3EncodeECB(key, null, byte1); //已经加密过的字节
string str2 = Convert.ToBase64String(byte2); //将字节转换为 Base64位的编码
Console.WriteLine(str2); //Pv8WLS7RSYRD8ushCAH/Zg==
//--- 解密
string strJiaMi = "0TvZFgRLf5s="; //需要解密的的密码
byte[] alreadyEnCodeByte = Convert.FromBase64String(strJiaMi); //从Base64位转换为字节
byte[] toDecodeByte = Des3DecodeECB(key, null, alreadyEnCodeByte); //解密
//将解密后的字节,转换成string字符串
//(注意,如果解密出来的字符串的长度不是8的倍数,则会自动在后面补\0多次,例如解密出来是abcde,长度为5,则会变成 abc\0\0\0\0\0 加多3次)
string strShow = Encoding.Default.GetString(toDecodeByte);
strShow = strShow.Replace("\0", "");
Console.WriteLine(strShow);
Console.ReadKey();
}
/// <summary>类测试
///
/// </summary>
private static void Test()
{
Encoding utf8 = Encoding.UTF8;
//key为abcdefghijklmnopqrstuvwx的Base64编码
byte[] key = Convert.FromBase64String("YWJjZGVmZ2hpamtsbW5vcHFyc3R1dnd4");
byte[] iv = new byte[] {1, 2, 3, 4, 5, 6, 7, 8}; //当模式为ECB时,IV无用
byte[] data = utf8.GetBytes("中国ABCabc123");
Console.WriteLine("ECB模式:");
byte[] str1 = Des3EncodeECB(key, iv, data);
byte[] str2 = Des3DecodeECB(key, iv, str1);
Console.WriteLine(Convert.ToBase64String(str1));
Console.WriteLine(Encoding.UTF8.GetString(str2));
Console.WriteLine();
Console.WriteLine("CBC模式:");
byte[] str3 = Des3EncodeCBC(key, iv, data);
byte[] str4 = Des3DecodeCBC(key, iv, str3);
Console.WriteLine(Convert.ToBase64String(str3));
Console.WriteLine(utf8.GetString(str4));
Console.WriteLine();
}
#endregion
}
#endregion
下面是java代码
Des3Encrypt加密解密import java.security.Key; import javax.crypto.Cipher;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESedeKeySpec;
import javax.crypto.spec.IvParameterSpec; import sun.misc.BASE64Decoder;
import sun.misc.BASE64Encoder; public class Des3 {
public static void main(String[] args) throws Exception { byte[] key=new BASE64Decoder().decodeBuffer("YWJjZGVmZ2hpamtsbW5vcHFyc3R1dnd4");
byte[] keyiv = { 1, 2, 3, 4, 5, 6, 7, 8 }; byte[] data="中国ABCabc123".getBytes("UTF-8"); System.out.println("ECB加密解密");
byte[] str3 = des3EncodeECB(key,data );
byte[] str4 = ees3DecodeECB(key, str3);
System.out.println(new BASE64Encoder().encode(str3));
System.out.println(new String(str4, "UTF-8")); System.out.println(); System.out.println("CBC加密解密");
byte[] str5 = des3EncodeCBC(key, keyiv, data);
byte[] str6 = des3DecodeCBC(key, keyiv, str5);
System.out.println(new BASE64Encoder().encode(str5));
System.out.println(new String(str6, "UTF-8")); } /**
* ECB加密,不要IV
* @param key 密钥
* @param data 明文
* @return Base64编码的密文
* @throws Exception
*/
public static byte[] des3EncodeECB(byte[] key, byte[] data)
throws Exception { Key deskey = null;
DESedeKeySpec spec = new DESedeKeySpec(key);
SecretKeyFactory keyfactory = SecretKeyFactory.getInstance("desede");
deskey = keyfactory.generateSecret(spec); Cipher cipher = Cipher.getInstance("desede" + "/ECB/PKCS5Padding"); cipher.init(Cipher.ENCRYPT_MODE, deskey);
byte[] bOut = cipher.doFinal(data); return bOut;
} /**
* ECB解密,不要IV
* @param key 密钥
* @param data Base64编码的密文
* @return 明文
* @throws Exception
*/
public static byte[] ees3DecodeECB(byte[] key, byte[] data)
throws Exception { Key deskey = null;
DESedeKeySpec spec = new DESedeKeySpec(key);
SecretKeyFactory keyfactory = SecretKeyFactory.getInstance("desede");
deskey = keyfactory.generateSecret(spec); Cipher cipher = Cipher.getInstance("desede" + "/ECB/PKCS5Padding"); cipher.init(Cipher.DECRYPT_MODE, deskey); byte[] bOut = cipher.doFinal(data); return bOut; } /**
* CBC加密
* @param key 密钥
* @param keyiv IV
* @param data 明文
* @return Base64编码的密文
* @throws Exception
*/
public static byte[] des3EncodeCBC(byte[] key, byte[] keyiv, byte[] data)
throws Exception { Key deskey = null;
DESedeKeySpec spec = new DESedeKeySpec(key);
SecretKeyFactory keyfactory = SecretKeyFactory.getInstance("desede");
deskey = keyfactory.generateSecret(spec); Cipher cipher = Cipher.getInstance("desede" + "/CBC/PKCS5Padding");
IvParameterSpec ips = new IvParameterSpec(keyiv);
cipher.init(Cipher.ENCRYPT_MODE, deskey, ips);
byte[] bOut = cipher.doFinal(data); return bOut;
} /**
* CBC解密
* @param key 密钥
* @param keyiv IV
* @param data Base64编码的密文
* @return 明文
* @throws Exception
*/
public static byte[] des3DecodeCBC(byte[] key, byte[] keyiv, byte[] data)
throws Exception { Key deskey = null;
DESedeKeySpec spec = new DESedeKeySpec(key);
SecretKeyFactory keyfactory = SecretKeyFactory.getInstance("desede");
deskey = keyfactory.generateSecret(spec); Cipher cipher = Cipher.getInstance("desede" + "/CBC/PKCS5Padding");
IvParameterSpec ips = new IvParameterSpec(keyiv); cipher.init(Cipher.DECRYPT_MODE, deskey, ips); byte[] bOut = cipher.doFinal(data); return bOut; } }