文章来源:https://i-blog.csdnimg.cn/blog_migrate/c171c0248b953d2e5c47852df2018e00.png
itv手机App,充值后台加密流程 |
1、对于一般情况下一个电视账户应该对应有3个手机app账户。 |
2、每一个手机app账户将会对应一个支付随机数,该随机数将会在手机绑定或者是登陆时更新 |
4、在手机支付宝交易成功后,想后台请求加钱的函数具有4个参数。 | 辅助参数为支付随机数 randomNum |
a、UserId :对应的电视账户的uid | ||||||||
b、type :对应的交易成功的类型。现阶段有6个分别为1 , 2, 3 ,4 , 5, 6元。 | ||||||||
c、对应支付宝交易成功的订单号。 | ||||||||
d、md5效验码、 |
校验过程是:手机端,实际参数 sParam 先和随机数组合为新的字符串 值A,将值A进行md5加密,作为第二个参数。值A进行DES加密作为第一个参数。
后台:捕获参数后,客户端拼凑的DES加密值A 解密获得 值B, 在进行MD5加密,比对参数中的md5值,从而整个流程上面完成校验工作
C# MD5代码
- public static string MD5(string encryptString)
- {
- byte[] result = Encoding.Default.GetBytes(encryptString);
- MD5 md5 = new MD5CryptoServiceProvider();
- byte[] output = md5.ComputeHash(result);
- string encryptResult = BitConverter.ToString(output).Replace("-", "");
- return encryptResult;
- }
java MD5代码
- private static final char HEX_DIGITS[] = { '0', '1', '2', '3', '4', '5',
- '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F' };
- public static String getMd5Code(String localPath) throws Exception {
- MessageDigest md5 = null;
- md5 = MessageDigest.getInstance("MD5");
- md5.update(localPath.getBytes());
- return toHexString(md5.digest());
- }
- private static String toHexString(byte[] b) {
- StringBuilder sb = new StringBuilder(b.length * 2);
- for (int i = 0; i < b.length; i++) {
- sb.append(HEX_DIGITS[(b[i] & 0xf0) >>> 4]);
- sb.append(HEX_DIGITS[b[i] & 0x0f]);
- }
- return sb.toString();
- }
- using System;
- using System.Collections.Generic;
- using System.Linq;
- using System.Text;
- using System.Collections.Generic;
- using System.ComponentModel;
- using System.Data;
- using System.Text;
- using System.Security.Cryptography;//加密部分
- using System.IO;
- namespace ConsoleApplication1
- {
- class Program
- {
- static void Main(string[] args)
- {
- Console.WriteLine(EncryptDES("price1", "12345678"));
- Console.WriteLine(EncryptDES("price5", "12345678"));
- Console.WriteLine(EncryptDES("price10", "12345678"));
- Console.WriteLine(EncryptDES("price20", "12345678"));
- Console.WriteLine(EncryptDES("price50", "12345678"));
- Console.WriteLine(EncryptDES("price100", "12345678"));
- Console.ReadLine();
- }
- private static byte[] Keys = { 0x12, 0x34, 0x56, 0x78, 0x90, 0xAB, 0xCD, 0xEF };
- public static string DecryptDES(string decryptString, string decryptKey)
- {
- try
- {
- byte[] rgbKey = Encoding.UTF8.GetBytes(decryptKey);
- byte[] rgbIV = System.Text.Encoding.Default.GetBytes("12345678"); ;
- byte[] inputByteArray = Convert.FromBase64String(decryptString);
- DESCryptoServiceProvider DCSP = new DESCryptoServiceProvider();
- MemoryStream mStream = new MemoryStream();
- CryptoStream cStream = new CryptoStream(mStream, DCSP.CreateDecryptor(rgbKey, rgbIV), CryptoStreamMode.Write);
- cStream.Write(inputByteArray, 0, inputByteArray.Length);
- cStream.FlushFinalBlock();
- return Encoding.UTF8.GetString(mStream.ToArray());
- }
- catch
- {
- return decryptString;
- }
- }
- public static string EncryptDES(string encryptString, string encryptKey)
- {
- try
- {
- byte[] rgbKey = Encoding.UTF8.GetBytes(encryptKey.Substring(0, 8));
- byte[] rgbIV = System.Text.Encoding.Default.GetBytes("12345678");
- byte[] inputByteArray = Encoding.UTF8.GetBytes(encryptString);
- DESCryptoServiceProvider dCSP = new DESCryptoServiceProvider();
- MemoryStream mStream = new MemoryStream();
- CryptoStream cStream = new CryptoStream(mStream, dCSP.CreateEncryptor(rgbKey, rgbIV), CryptoStreamMode.Write);
- cStream.Write(inputByteArray, 0, inputByteArray.Length);
- cStream.FlushFinalBlock();
- return Convert.ToBase64String(mStream.ToArray());
- }
- catch
- {
- return encryptString;
- }
- }
- }
- }
java DES加密
- public static String encode(String key,byte[] data) throws Exception
- {
- try
- {
- DESKeySpec dks = new DESKeySpec(key.getBytes());
- SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("DES");
- //key的长度不能够小于8位字节
- Key secretKey = keyFactory.generateSecret(dks);
- Cipher cipher = Cipher.getInstance(ALGORITHM_DES);
- IvParameterSpec iv = new IvParameterSpec("12345678".getBytes());
- AlgorithmParameterSpec paramSpec = iv;
- cipher.init(Cipher.ENCRYPT_MODE, secretKey,paramSpec);
- byte[] bytes = cipher.doFinal(data);
- return Base64.encode(bytes);
- } catch (Exception e)
- {
- throw new Exception(e);
- }
- }
- /**
- * DES算法,解密
- *
- * @param data 待解密字符串
- * @param key 解密私钥,长度不能够小于8位
- * @return 解密后的字节数组
- * @throws Exception 异常
- */
- public static byte[] decode(String key,byte[] data) throws Exception
- {
- try
- {
- SecureRandom sr = new SecureRandom();
- DESKeySpec dks = new DESKeySpec(key.getBytes());
- SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("DES");
- //key的长度不能够小于8位字节
- Key secretKey = keyFactory.generateSecret(dks);
- Cipher cipher = Cipher.getInstance(ALGORITHM_DES);
- IvParameterSpec iv = new IvParameterSpec("12345678".getBytes());
- AlgorithmParameterSpec paramSpec = iv;
- cipher.init(Cipher.DECRYPT_MODE, secretKey,paramSpec);
- return cipher.doFinal(data);
- } catch (Exception e)
- {
- throw new Exception(e);
- }
- }
- /**
- * 获取编码后的值
- * @param key
- * @param data
- * @return
- * @throws Exception
- */
- public static String decodeValue(String key,String data)
- {
- byte[] datas;
- String value = null;
- try {
- if(System.getProperty("os.name") != null && (System.getProperty("os.name").equalsIgnoreCase("sunos") || System.getProperty("os.name").equalsIgnoreCase("linux")))
- {
- datas = decode(key, Base64.decode(data));
- }
- else
- {
- datas = decode(key, Base64.decode(data));
- }
- value = new String(datas);
- } catch (Exception e) {
- value = "";
- }
- return value;
- }
- /*
- * Copyright (C) 2010 The MobileSecurePay Project
- * All right reserved.
- * author: shiqun.shi@alipay.com
- */
- public final class Base64 {
- static private final int BASELENGTH = 128;
- static private final int LOOKUPLENGTH = 64;
- static private final int TWENTYFOURBITGROUP = 24;
- static private final int EIGHTBIT = 8;
- static private final int SIXTEENBIT = 16;
- static private final int FOURBYTE = 4;
- static private final int SIGN = -128;
- static private final char PAD = '=';
- static private final boolean fDebug = false;
- static final private byte[] base64Alphabet = new byte[BASELENGTH];
- static final private char[] lookUpBase64Alphabet = new char[LOOKUPLENGTH];
- static {
- for (int i = 0; i < BASELENGTH; ++i) {
- base64Alphabet[i] = -1;
- }
- for (int i = 'Z'; i >= 'A'; i--) {
- base64Alphabet[i] = (byte) (i - 'A');
- }
- for (int i = 'z'; i >= 'a'; i--) {
- base64Alphabet[i] = (byte) (i - 'a' + 26);
- }
- for (int i = '9'; i >= '0'; i--) {
- base64Alphabet[i] = (byte) (i - '0' + 52);
- }
- base64Alphabet['+'] = 62;
- base64Alphabet['/'] = 63;
- for (int i = 0; i <= 25; i++) {
- lookUpBase64Alphabet[i] = (char) ('A' + i);
- }
- for (int i = 26, j = 0; i <= 51; i++, j++) {
- lookUpBase64Alphabet[i] = (char) ('a' + j);
- }
- for (int i = 52, j = 0; i <= 61; i++, j++) {
- lookUpBase64Alphabet[i] = (char) ('0' + j);
- }
- lookUpBase64Alphabet[62] = (char) '+';
- lookUpBase64Alphabet[63] = (char) '/';
- }
- private static boolean isWhiteSpace(char octect) {
- return (octect == 0x20 || octect == 0xd || octect == 0xa || octect == 0x9);
- }
- private static boolean isPad(char octect) {
- return (octect == PAD);
- }
- private static boolean isData(char octect) {
- return (octect < BASELENGTH && base64Alphabet[octect] != -1);
- }
- /**
- * Encodes hex octects into Base64
- *
- * @param binaryData
- * Array containing binaryData
- * @return Encoded Base64 array
- */
- public static String encode(byte[] binaryData) {
- if (binaryData == null) {
- return null;
- }
- int lengthDataBits = binaryData.length * EIGHTBIT;
- if (lengthDataBits == 0) {
- return "";
- }
- int fewerThan24bits = lengthDataBits % TWENTYFOURBITGROUP;
- int numberTriplets = lengthDataBits / TWENTYFOURBITGROUP;
- int numberQuartet = fewerThan24bits != 0 ? numberTriplets + 1
- : numberTriplets;
- char encodedData[] = null;
- encodedData = new char[numberQuartet * 4];
- byte k = 0, l = 0, b1 = 0, b2 = 0, b3 = 0;
- int encodedIndex = 0;
- int dataIndex = 0;
- if (fDebug) {
- System.out.println("number of triplets = " + numberTriplets);
- }
- for (int i = 0; i < numberTriplets; i++) {
- b1 = binaryData[dataIndex++];
- b2 = binaryData[dataIndex++];
- b3 = binaryData[dataIndex++];
- if (fDebug) {
- System.out.println("b1= " + b1 + ", b2= " + b2 + ", b3= " + b3);
- }
- l = (byte) (b2 & 0x0f);
- k = (byte) (b1 & 0x03);
- byte val1 = ((b1 & SIGN) == 0) ? (byte) (b1 >> 2)
- : (byte) ((b1) >> 2 ^ 0xc0);
- byte val2 = ((b2 & SIGN) == 0) ? (byte) (b2 >> 4)
- : (byte) ((b2) >> 4 ^ 0xf0);
- byte val3 = ((b3 & SIGN) == 0) ? (byte) (b3 >> 6)
- : (byte) ((b3) >> 6 ^ 0xfc);
- if (fDebug) {
- System.out.println("val2 = " + val2);
- System.out.println("k4 = " + (k << 4));
- System.out.println("vak = " + (val2 | (k << 4)));
- }
- encodedData[encodedIndex++] = lookUpBase64Alphabet[val1];
- encodedData[encodedIndex++] = lookUpBase64Alphabet[val2 | (k << 4)];
- encodedData[encodedIndex++] = lookUpBase64Alphabet[(l << 2) | val3];
- encodedData[encodedIndex++] = lookUpBase64Alphabet[b3 & 0x3f];
- }
- // form integral number of 6-bit groups
- if (fewerThan24bits == EIGHTBIT) {
- b1 = binaryData[dataIndex];
- k = (byte) (b1 & 0x03);
- if (fDebug) {
- System.out.println("b1=" + b1);
- System.out.println("b1<<2 = " + (b1 >> 2));
- }
- byte val1 = ((b1 & SIGN) == 0) ? (byte) (b1 >> 2)
- : (byte) ((b1) >> 2 ^ 0xc0);
- encodedData[encodedIndex++] = lookUpBase64Alphabet[val1];
- encodedData[encodedIndex++] = lookUpBase64Alphabet[k << 4];
- encodedData[encodedIndex++] = PAD;
- encodedData[encodedIndex++] = PAD;
- } else if (fewerThan24bits == SIXTEENBIT) {
- b1 = binaryData[dataIndex];
- b2 = binaryData[dataIndex + 1];
- l = (byte) (b2 & 0x0f);
- k = (byte) (b1 & 0x03);
- byte val1 = ((b1 & SIGN) == 0) ? (byte) (b1 >> 2)
- : (byte) ((b1) >> 2 ^ 0xc0);
- byte val2 = ((b2 & SIGN) == 0) ? (byte) (b2 >> 4)
- : (byte) ((b2) >> 4 ^ 0xf0);
- encodedData[encodedIndex++] = lookUpBase64Alphabet[val1];
- encodedData[encodedIndex++] = lookUpBase64Alphabet[val2 | (k << 4)];
- encodedData[encodedIndex++] = lookUpBase64Alphabet[l << 2];
- encodedData[encodedIndex++] = PAD;
- }
- return new String(encodedData);
- }
- /**
- * Decodes Base64 data into octects
- *
- * @param encoded
- * string containing Base64 data
- * @return Array containind decoded data.
- */
- public static byte[] decode(String encoded) {
- if (encoded == null) {
- return null;
- }
- char[] base64Data = encoded.toCharArray();
- // remove white spaces
- int len = removeWhiteSpace(base64Data);
- if (len % FOURBYTE != 0) {
- return null;// should be divisible by four
- }
- int numberQuadruple = (len / FOURBYTE);
- if (numberQuadruple == 0) {
- return new byte[0];
- }
- byte decodedData[] = null;
- byte b1 = 0, b2 = 0, b3 = 0, b4 = 0;
- char d1 = 0, d2 = 0, d3 = 0, d4 = 0;
- int i = 0;
- int encodedIndex = 0;
- int dataIndex = 0;
- decodedData = new byte[(numberQuadruple) * 3];
- for (; i < numberQuadruple - 1; i++) {
- if (!isData((d1 = base64Data[dataIndex++]))
- || !isData((d2 = base64Data[dataIndex++]))
- || !isData((d3 = base64Data[dataIndex++]))
- || !isData((d4 = base64Data[dataIndex++]))) {
- return null;
- }// if found "no data" just return null
- b1 = base64Alphabet[d1];
- b2 = base64Alphabet[d2];
- b3 = base64Alphabet[d3];
- b4 = base64Alphabet[d4];
- decodedData[encodedIndex++] = (byte) (b1 << 2 | b2 >> 4);
- decodedData[encodedIndex++] = (byte) (((b2 & 0xf) << 4) | ((b3 >> 2) & 0xf));
- decodedData[encodedIndex++] = (byte) (b3 << 6 | b4);
- }
- if (!isData((d1 = base64Data[dataIndex++]))
- || !isData((d2 = base64Data[dataIndex++]))) {
- return null;// if found "no data" just return null
- }
- b1 = base64Alphabet[d1];
- b2 = base64Alphabet[d2];
- d3 = base64Data[dataIndex++];
- d4 = base64Data[dataIndex++];
- if (!isData((d3)) || !isData((d4))) {// Check if they are PAD characters
- if (isPad(d3) && isPad(d4)) {
- if ((b2 & 0xf) != 0)// last 4 bits should be zero
- {
- return null;
- }
- byte[] tmp = new byte[i * 3 + 1];
- System.arraycopy(decodedData, 0, tmp, 0, i * 3);
- tmp[encodedIndex] = (byte) (b1 << 2 | b2 >> 4);
- return tmp;
- } else if (!isPad(d3) && isPad(d4)) {
- b3 = base64Alphabet[d3];
- if ((b3 & 0x3) != 0)// last 2 bits should be zero
- {
- return null;
- }
- byte[] tmp = new byte[i * 3 + 2];
- System.arraycopy(decodedData, 0, tmp, 0, i * 3);
- tmp[encodedIndex++] = (byte) (b1 << 2 | b2 >> 4);
- tmp[encodedIndex] = (byte) (((b2 & 0xf) << 4) | ((b3 >> 2) & 0xf));
- return tmp;
- } else {
- return null;
- }
- } else { // No PAD e.g 3cQl
- b3 = base64Alphabet[d3];
- b4 = base64Alphabet[d4];
- decodedData[encodedIndex++] = (byte) (b1 << 2 | b2 >> 4);
- decodedData[encodedIndex++] = (byte) (((b2 & 0xf) << 4) | ((b3 >> 2) & 0xf));
- decodedData[encodedIndex++] = (byte) (b3 << 6 | b4);
- }
- return decodedData;
- }
- /**
- * remove WhiteSpace from MIME containing encoded Base64 data.
- *
- * @param data
- * the byte array of base64 data (with WS)
- * @return the new length
- */
- private static int removeWhiteSpace(char[] data) {
- if (data == null) {
- return 0;
- }
- // count characters that's not whitespace
- int newSize = 0;
- int len = data.length;
- for (int i = 0; i < len; i++) {
- if (!isWhiteSpace(data[i])) {
- data[newSize++] = data[i];
- }
- }
- return newSize;
- }
- }
如果有问题请指正,还有很多漏洞需要补齐。