在给别人提供直充接口的时候,为了数据安全采用了DES加密,自己测通以为万事ok写了文档就回家了。在第二天客户调的时候发现两边解密出来的结果并不一样。我以为我用了java之后大家都会用java开发,但是事实并不是酱……原来我才知道,同样的算法虽然名称一致,但是jav和.net还是会有一些区别的……
为了能让他们匹配,尝试了很多方法,也许是我自己的算法有问题,于是向网上打申请请教做了小修改之后,找朋友帮忙测试,终于暂时的成功了……
Java代码:
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESKeySpec;
import javax.crypto.spec.IvParameterSpec;
/**
* Created by xuxiaoguai on 2016/1/25.
*/
public class SecretDES {
private byte[] desKey;
//解密数据
public static String decrypt(String message, String key) throws Exception {
byte[] bytesrc = convertHexString(message);
Cipher cipher = Cipher.getInstance("DES/CBC/PKCS5Padding");
DESKeySpec desKeySpec = new DESKeySpec(key.getBytes("UTF-8"));
SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("DES");
SecretKey secretKey = keyFactory.generateSecret(desKeySpec);
IvParameterSpec iv = new IvParameterSpec(key.getBytes("UTF-8"));
cipher.init(Cipher.DECRYPT_MODE, secretKey, iv);
byte[] retByte = cipher.doFinal(bytesrc);
return new String(retByte);
}
//加密数据
public static byte[] encrypt(String message, String key) throws Exception {
Cipher cipher = Cipher.getInstance("DES/CBC/PKCS5Padding");
DESKeySpec desKeySpec = new DESKeySpec(key.getBytes("UTF-8"));
SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("DES");
SecretKey secretKey = keyFactory.generateSecret(desKeySpec);
IvParameterSpec iv = new IvParameterSpec(key.getBytes("UTF-8"));
cipher.init(Cipher.ENCRYPT_MODE, secretKey, iv);
return cipher.doFinal(message.getBytes("UTF-8"));
}
public static byte[] convertHexString(String ss) {
byte digest[] = new byte[ss.length() / 2];
for (int i = 0; i < digest.length; i++) {
String byteString = ss.substring(2 * i, 2 * i + 2);
int byteValue = Integer.parseInt(byteString, 16);
digest[i] = (byte) byteValue;
}
return digest;
}
public static void main(String[] args) throws Exception {
String key = "12345678";
String value = "{\n" +
" \"phoneNumber\": \"13576961294\",\n" +
" \"flowValue\": \"0\",\n" +
" \"accountId\":\"2c90808b52637dd701526daf722b003c\"\n" +
"}";
String value1="我爱吃棒棒糖";
String jiami = java.net.URLEncoder.encode(value, "utf-8").toLowerCase();
System.out.println("加密数据:" + jiami);
String a = toHexString(encrypt(jiami, key)).toUpperCase();
System.out.println("加密后的数据为:" + a);
String aa="45CF1FF07B3889F388304CAAF71AA19C7543A2F28EAD12ACCCA551963A6E7C40C12A1C635C4A4DAB30648CB8817F0E3E45088B2A46C185155CFAB2D3BEF3CFDEFC1B445CE3A28258C880685D08E115F06095B8CC3C91CE0B63307CD5838432FB42D20CC55553A72D29FAC1531062B6325B16372057A88A43C89DEFCD8AC1280AF2800C569CAB8FE4BD7C4493068384D106AFDF86790F57E0";
String b = java.net.URLDecoder.decode(decrypt(aa, key), "utf-8");
System.out.println("解密后的数据:" + b);
}
/*加密--xiaoguai*/
public static String encryptencrypt (String message, String key)throws Exception {
String jiami = toHexString(encrypt(message, key)).toUpperCase();
return jiami;
}
/*解密--xiaoguai*/
public static String decryptdecrypt (String message, String key)throws Exception {
String jiemi = java.net.URLDecoder.decode(decrypt(message, key), "utf-8");
return jiemi;
}
public static String toHexString(byte b[]) {
StringBuffer hexString = new StringBuffer();
for (int i = 0; i < b.length; i++) {
String plainText = Integer.toHexString(0xff & b[i]);
if (plainText.length() < 2)
plainText = "0" + plainText;
hexString.append(plainText);
}
return hexString.toString();
}
}
.net代码
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Data.SqlClient;
using System.Security.Cryptography;
using System.IO;
using System.Text;
public class TestDes{
//cookies加密密钥
public static string DES_Key = "12345678";
#region DESEnCode DES加密
public static string DESEnCode(string pToEncrypt, string sKey)
{
pToEncrypt = HttpContext.Current.Server.UrlEncode(pToEncrypt);
DESCryptoServiceProvider des = new DESCryptoServiceProvider();
byte[] inputByteArray = Encoding.GetEncoding("UTF-8").GetBytes(pToEncrypt);
des.Key = ASCIIEncoding.ASCII.GetBytes(sKey);
des.IV = ASCIIEncoding.ASCII.GetBytes(sKey);
MemoryStream ms = new MemoryStream();
CryptoStream cs = new CryptoStream(ms, des.CreateEncryptor(), CryptoStreamMode.Write);
cs.Write(inputByteArray, 0, inputByteArray.Length);
cs.FlushFinalBlock();
StringBuilder ret = new StringBuilder();
foreach (byte b in ms.ToArray())
{
ret.AppendFormat("{0:X2}", b);
}
ret.ToString();
return ret.ToString();
}
#endregion
#region DESDeCode DES解密
public static string DESDeCode(string pToDecrypt, string sKey)
{
DESCryptoServiceProvider des = new DESCryptoServiceProvider();
byte[] inputByteArray = new byte[pToDecrypt.Length / 2];
for (int x = 0; x < pToDecrypt.Length / 2; x++)
{
int i = (Convert.ToInt32(pToDecrypt.Substring(x * 2, 2), 16));
inputByteArray[x] = (byte)i;
}
des.Key = ASCIIEncoding.ASCII.GetBytes(sKey);
des.IV = ASCIIEncoding.ASCII.GetBytes(sKey);
MemoryStream ms = new MemoryStream();
CryptoStream cs = new CryptoStream(ms, des.CreateDecryptor(), CryptoStreamMode.Write);
cs.Write(inputByteArray, 0, inputByteArray.Length);
cs.FlushFinalBlock();
StringBuilder ret = new StringBuilder();
return HttpContext.Current.Server.UrlDecode(System.Text.Encoding.Default.GetString(ms.ToArray()));
}
#endregion
}
但是,这里有一个缺陷,秘钥只支持8位,再然后就是以后提供给别人接口的时候一定要问清楚人家用的是什么语言,万一有不一样的需要我们做充分的考虑……长点心吧孩子。