flutter 加密安全

2401_86640758

于 2024-09-07 07:11:30 发布

阅读量635

点赞数 25

文章标签： flutter 安全 java

本文链接：https://blog.csdn.net/2401_86640758/article/details/141980709

版权

  }
} else {
  for (int i = base64Parts.length - 1; i >= 0; i--) {
    res = res + base64Parts[i];
  }
}
str = '';
lastPosition = count = step = -1;
return res;
}

String _stepTwo(String data) {
String res = “”;
String _strHex = _strToHex(data);
String _code = _inverse(_strHex);
final key = encrypt.Key.fromUtf8(_generateMd5(gameId + chatSign));
final iv = encrypt.IV.fromUtf8(_ivStepTwo().substring(14, 30));
final encrypter =
encrypt.Encrypter(encrypt.AES(key, mode: encrypt.AESMode.cbc));
final encrypted = encrypter.encrypt(_code, iv: iv);
res = encrypted.base64;
int maxLength = res.length;
int indexSub = 0;
int insertPos = 0;
String insertStr = '';
for (int i = 1; i < _gameIdSort.length; i++) {
  indexSub = _gameIdSort[i] + 1;
  insertPos = _magic(indexSub + i) + i * 11 + i - 1;
  // insertStr = chatSign.substring(1,indexSub);
  insertStr = chatSign[indexSub];
  //前面插入
  if (insertPos > res.length) {
    insertPos = maxLength;
  }
  res =
      '${res.substring(0, insertPos)}$insertStr${res.substring(insertPos)}';
}
_strHex = _code = '';
return res;
}

String _stepThree(String str) {
return str;
}

String _inverse(String tag) {
String res = ‘’;
List searchKeywords =
List.generate(tag.length, (index) => tag[index]);
Iterable array = searchKeywords.reversed;
for (var e in array) {
res = ‘ $res$ e’;
}
return res;
}

String _ivStepOne() {
String res = ‘’;
String map = _generateMd5(chatSign) + _generateMd5(nickName);
int index = _gameIdSort[_gameIdSort.length - 2];
while (res.length < 50) {
res += map[index];
index++;
}
index = 0;
return res;
}

String _ivStepTwo() {
String res = ‘’;
String map = _generateMd5(_inverse(chatSign)) + _generateMd5(chatSign);
int index = _gameIdSort[_gameIdSort.length - 1];
while (res.length < 50) {
res += map[index];
index++;
}
index = 0;
return _inverse(res);
}

/// 字符串转十六进制
String _strToHex(String str) {
List charCodes = str.runes.toList();
return charCodes.map((code) => code.toRadixString(16)).join(‘’);
}

/// 字符串转 base64
String _encodeBase64(String data) {
return base64Encode(utf8.encode(data));
}

/// base64转普通字符
String _decodeBase64(String data) {
return String.fromCharCodes(base64Decode(data));
}

String _generateMd5(String str) {
return md5.convert(utf8.encode(str)).toString();
}

int _magic(int num) {
if (num < 3) {
return 1;
} else {
return _magic(num - 1) + _magic(num - 2);
}
}
}
**调用的地方：**
MatchRequestData data = MatchRequestData (
gameId: userArray[i][‘gameID’],
chatSign: userArray[i][‘chatSign’],
nickName: userArray[i][‘nickName’],
);

//需要传递给后台的内容
Map datum = {
‘inTrust’: ‘TRUE’,
‘time’: DateTime.now().millisecondsSinceEpoch,
‘GameID’: userArray[i][‘gameID’],
‘nickName’: userArray[i][‘nickName’],
‘MachineCode’:
md5.convert(utf8.encode(userArray[i][‘gameID’])).toString(),
‘sign’: md5
.convert(
utf8.encode(userArray[i][‘gameID’] + userArray[i][‘chatSign’]))
.toString(),
};

String res = data.generateCode(jsonEncode(datum));

服务端的数据解密：

服务端为 .net 框架：

对应于加密算法写的解密算法：

using System;
using System.Collections.Generic;
using System.Security.Cryptography;
using System.Text;

namespace ToMatch
{
    public class MatchEncrypt
    {
        private string gameID;
        private string chatSign;
        private string nickName;
        private List<int> idSort;

        /// <summary>
        /// 匹配构造函数
        /// </summary>
        /// <param name="gameId">GameID</param>
        /// <param name="chatSign">签名</param>
        /// <param name="nickName">昵称</param>
        public MatchEncrypt(string gameId, string chatSign, string nickName) {
            this.gameID = gameId;
            this.chatSign = chatSign;
            this.nickName = nickName;

            this.idSort = new List<int>();
            string idStr = int.Parse(this.gameID).ToString();
            for (int i = 0; i < idStr.Length; i++)
            {
                this.idSort.Add((int)Char.GetNumericValue(idStr[i]));
            }
            this.idSort.Sort();
        }




        private String IvStepOne {
            get {
                String res = "";
                String map = Md5Hash(chatSign) + Md5Hash(nickName);
                int index = idSort[idSort.Count - 2];
                while (res.Length < 50)
                {
                    res += map[index];
                    index++;
                }
                return res;
            }
        }

        private String IvStepTwo
        {
            get
            {
                String res = "";
                String map = Md5Hash(AESHelper.Inverse(chatSign),false) + Md5Hash(chatSign,false);
                int index = idSort[idSort.Count - 1];
                while (res.Length < 50)
                {
                    res += map[index];
                    index++;
                }
                return AESHelper.Inverse(res);
            }
        }


        /// <summary>
        /// 解密客户端内容
        /// </summary>
        /// <param name="code">密文</param>
        /// <returns></returns>
        public string Resolver(string code) {

            //第一阶段解密内容
            string resStepOne = StepOne(code);

            if (resStepOne.Length > 0)
            {
                //Console.WriteLine("第一解密 result:" + resStepOne);
                //第二阶段解密
                string resSteptwo = Steptwo(resStepOne);
                //Console.WriteLine("第二解密 result:" + resSteptwo);
                //Console.WriteLine(AESHelper.FromBase64(resSteptwo));
                if (resSteptwo.Length > 0)
                {
                    return AESHelper.FromBase64(resSteptwo);
                }
                else 
                {
                    return "解密失败——请记录日志.Step-2";
                }       
            }
            else {
                return "解密失败——请记录日志.Step-1";
            }            
        }


        private string StepOne(string code)
        {
            // 1.先移除插入的字符
            // 2.再进行解密操作
            int maxlength = code.Length - idSort.Count - 1;
            int indexSub = 0;
            int insertPos = 0;
   
            for (int i = 1; i < idSort.Count; i++)
            {
                indexSub = idSort[i] + 1;
                insertPos = magic(indexSub + i) + i * 11;    
                //前面插入
                //Console.WriteLine("前面    索引:" + i);
                //Console.WriteLine("前面插入位置:" + insertPos);
                //Console.WriteLine("前面插入字符:" + insertStr + "");
  
                if (insertPos > code.Length) {
                    //Console.WriteLine("修正Length:" + code.Length);
                    Console.WriteLine("修正insertPos:" + insertPos);
                    //Console.WriteLine("----code.Length:" + (code.Length -maxlength  ));
                    //Console.WriteLine("----code.Length:" + (  idSort.Count-1 - i));
                    //Console.WriteLine("----code.Length:" + ((code.Length - maxlength - (idSort.Count - 1 - i))+1));
                    insertPos = maxlength -4;
                    insertPos = maxlength - ((code.Length - maxlength - (idSort.Count - 1 - i)) + 1);
                    //Console.WriteLine("*******code.Length:" + ((code.Length - maxlength - (idSort.Count - 1 - i)) + 1));
                    //Console.WriteLine("*******code.Length:" + (code.Length - maxlength - (idSort.Count - i)) );
                    //Console.WriteLine("*******code.Length:" + (code.Length - maxlength - idSort.Count  - i ));
                    //Console.WriteLine("code.Length:" + code.Length);
                    //Console.WriteLine("maxlength:" + maxlength);
                    //Console.WriteLine("idSort.Count:" + idSort.Count);
                    //Console.WriteLine("idSort.Count - i:" + (idSort.Count - i));
                    //Console.WriteLine("修正插入位置i:" + i);
                    //Console.WriteLine("修正插入位置:" + insertPos);
                    insertPos = maxlength - ((code.Length - maxlength - (idSort.Count - 1 - i)) + 1);
                }              
                code = code.Substring(0, insertPos) + code.Substring(insertPos + 1);
            }

            //Console.WriteLine("整理后的:" + code);
            //Console.WriteLine("整理后的Length:" + code.Length);
            string key = Md5Hash(this.gameID + this.chatSign, false);
            string iv = IvStepTwo.Substring(14, 16);

            //第一次解密是 16进制字符串
            string result = AESHelper.Decrypt(code, key, iv);
            return AESHelper.HexStringToString(AESHelper.Inverse(result), Encoding.UTF8);
        }

        private string Steptwo(string code) {

            string key = Md5Hash(this.chatSign + this.nickName, false);
            string iv = IvStepOne.Substring(4, 16);

      

            string base64 = AESHelper.HexStringToString(AESHelper.Decrypt(code, key, iv), Encoding.UTF8);
            
            string source = base64.Substring(0, idSort[idSort.Count - 1]) + generateMid(base64.Substring(idSort[idSort.Count - 1], base64.Length - idSort[3] - idSort[idSort.Count - 1] * 2)) + base64.Substring(base64.Length - idSort[3] - idSort[idSort.Count - 1]);

            //第二次解密是 base64
            return source ;
        }


        private string generateMid(string str) {

            string res = "";
            List<String> base64Parts = new List<string>();
            int lastPosition = this.idSort[this.idSort.Count - 1];
            string subBefore = "";
            int count = 0;
            if (lastPosition % 2 == 0)
            {
                count = idSort[idSort.Count - 2];
            }
            else
            {
                count = idSort[idSort.Count - 3];
            }
            if (count == 0) {
                count = lastPosition;
            }
            int step = str.Length / count;

            int subLength = str.Length - step * count;

            if (lastPosition % 2 == 0)
            {
                for (int i = 0; i < count; i++)
                {
                    if (i % 2 == 1)
                    {
                        base64Parts.Add(AESHelper.Inverse(str.Substring(step * (count - i - 1), step)));
                    }
                    else
                    {
                        //base64Parts.Add(v.Substring(step * i, step));
                        //Console.WriteLine(i + "不需要翻转原始：" + str.Substring(step * (count - i - 1), step));
                        base64Parts.Add(str.Substring(step * (count - i - 1), step));
                    }
                }

                for (int i = 0; i < base64Parts.Count; i++)
                {
                    //Console.WriteLine("偶数项目：" + i + " " + base64Parts[i]);
                    res = res + base64Parts[i];
                }
                subBefore = str.Substring(step * count);
                res += subBefore;
            }
            else
            {
                for (int i = 0; i < count; i++)
                {
                    if (i % 2 == 1)
                    {
                        base64Parts.Add(AESHelper.Inverse(str.Substring(step * i, step)));          
                    }
                    else
                    {
                        base64Parts.Add(str.Substring(step * i, step));
                    }
                }
                subBefore = str.Substring(step * count);
                base64Parts.Add(subBefore);
                for (int i = 0; i < base64Parts.Count; i++)
                {
                    //Console.WriteLine("奇数项目：" + i + " " + base64Parts[i]);
                    res = res + base64Parts[i];
                }
            }

            return AESHelper.Inverse(res);
        }

        private static int magic(int num)
        {

            if (num < 3)