最近要对两个程序做接口,也就是简单的SSO操作,我们会为对方提供一些角色信息,对方URL和加密后的角色名称(String)传给我的系统,我的系统经过解密后在返回给对方一些Session信息,对方就可以做内容的校验了,对方应用的python,我这边应用的java,通过统一的密钥规则来对角色信息(String)做加密
import binascii
from pyDes import des, CBC, PAD_PKCS5
def des_encrypt(s):
"""
DES 加密
:param s: 原始字符串
:return: 加密后字符串,16进制
"""
secret_key = '20170101'
iv = secret_key
k = des(secret_key, CBC, iv, pad=None, padmode=PAD_PKCS5)
en = k.encrypt(s, padmode=PAD_PKCS5)
return binascii.b2a_hex(en)
def des_descrypt(s):
"""
DES 解密
:param s: 加密后的字符串,16进制
:return: 解密后的字符串
"""
secret_key = '20090101'
iv = secret_key
k = des(secret_key, CBC, iv, pad=None, padmode=PAD_PKCS5)
de = k.decrypt(binascii.a2b_hex(s), padmode=PAD_PKCS5)
return de
str_en = des_encrypt('admin')
print(str_en)
str_de = des_descrypt(str_en)
print(str_de)
java端自然也有加密和解密的操作
package com.test;
import java.io.UnsupportedEncodingException;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESKeySpec;
import javax.crypto.spec.IvParameterSpec;
public class testForjava {
public static void main(String[] args) throws UnsupportedEncodingException {
String content = "admin";
String key = "20170101";
System.out.println("加密前:" + content);
byte[] encrypted = DES_CBC_Encrypt(content.getBytes(), key.getBytes());
System.out.println("加密后:" + byteToHexString(encrypted));
//对String进行解密
byte[] encrypted1 = hexStringToByteArray("38eb4018005b6f3b");
byte[] decrypted1 = DES_CBC_Decrypt(encrypted1, key.getBytes());
System.out.println("解密String:" + new String(decrypted1));
String dd1=new String(decrypted1);
//对byte进行解密
byte[] decrypted = DES_CBC_Decrypt(encrypted, key.getBytes());
System.out.println("解密byte:" + new String(decrypted));
String dd=new String(decrypted);
if(dd1.endsWith(dd)){
System.out.println("byte与String匹配成功");
}
}
public static byte[] DES_CBC_Encrypt(byte[] content, byte[] keyBytes) {
try {
DESKeySpec keySpec = new DESKeySpec(keyBytes);
SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("DES");
SecretKey key = keyFactory.generateSecret(keySpec);
Cipher cipher = Cipher.getInstance("DES/CBC/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(keySpec.getKey()));
byte[] result = cipher.doFinal(content);
return result;
} catch (Exception e) {
System.out.println("exception:" + e.toString());
}
return null;
}
private static byte[] DES_CBC_Decrypt(byte[] content, byte[] keyBytes) {
try {
DESKeySpec keySpec = new DESKeySpec(keyBytes);
SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("DES");
SecretKey key = keyFactory.generateSecret(keySpec);
Cipher cipher = Cipher.getInstance("DES/CBC/PKCS5Padding");
cipher.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(keyBytes));
byte[] result = cipher.doFinal(content);
return result;
} catch (Exception e) {
System.out.println("exception:" + e.toString());
}
return null;
}
public static byte[] hexStringToByteArray(String s) {
int len = s.length();
byte[] data = new byte[len / 2];
for (int i = 0; i < len; i += 2) {
data[i / 2] = (byte) ((Character.digit(s.charAt(i), 16) << 4)
+ Character.digit(s.charAt(i+1), 16));
}
return data;
}
private static String byteToHexString(byte[] bytes) {
StringBuffer sb = new StringBuffer(bytes.length);
String sTemp;
for (int i = 0; i < bytes.length; i++) {
sTemp = Integer.toHexString(0xFF & bytes[i]);
if (sTemp.length() < 2)
sb.append(0);
sb.append(sTemp);
}
return sb.toString();
}
}
这部分代码是 摘抄的,发现挺好 可以用
如果是两个系统来回转必须用String类型的传递,java端需要对String类型解密,但事例里用byte转换的,怎么讲String类型转换成byte,原来以为貌似 String.getbytes("UTF-8")之类的写法就对了,发现根本不对,发过来的是byte的String类型,所以初始化时要默认这个值,所以就有了hexStringToByteArray方法,可以参考一些样例