对于BouncyCastle类库(包)来说,他提供了很多加密算法,在与.net和java进行相互加解密过程中,得到了不错的应用,本文以DES3为例,来说一下DES3加解密的过程。
加密过程
- 明文字符转为byte数组
- 对密钥进行处理,处理后一般为16或者24字节
- 对明文进行DES3加密,生成密文的byte数组
- 对密文byte数组进行base64的编码
解密过程
- 对密文byte数组进行base64的解码
- 对密钥进行处理,处理后一般为16或者24字节
- 对解码后的byte数组进行DES3解密
- 对解密之后的byte数组进行Encoding.UTF8.GetString方法的调用生成明文字符串
原码
/// <summary>
/// DES3加密
/// https://www.go4expert.com/articles/bouncy-castle-net-implementation-triple-t24829/
/// </summary>
public class BouncyCastleHelper
{
static IBlockCipher engine = new DesEngine();
/// <summary>
/// 生成一个16位的key.
/// </summary>
/// <returns></returns>
public string GenerateDES3Key()
{
CipherKeyGenerator cipherKeyGenerator = new CipherKeyGenerator();
cipherKeyGenerator.Init(new KeyGenerationParameters(new SecureRandom(), 192));
//192 specifies the size of key in bits i.e 24 bytes
var keyDES3 = cipherKeyGenerator.GenerateKey();
BigInteger bigInteger = new BigInteger(keyDES3);
return bigInteger.ToString(16);
}
/// <summary>
/// 做一个16位的md5加密,防止被其它人解析.
/// </summary>
/// <param name="Source"></param>
/// <returns></returns>
static byte[] GetMd5Digest(string Source)
{
var msgBytes = Encoding.UTF8.GetBytes(Source);
var md5Digest = new MD5Digest();
md5Digest.BlockUpdate(msgBytes, 0, msgBytes.Length);
byte[] result = new byte[md5Digest.GetDigestSize()];
md5Digest.DoFinal(result, 0);
return result;
}
/// <summary>
/// 使用DES3加密
/// </summary>
/// <param name="plainText">需要加密的字符串</param>
/// <param name="keys">加密字符串的密钥</param>
/// <returns>加密后的字符串</returns>
public static string Encrypt(string plainText, string keys)
{
byte[] ptBytes = Encoding.UTF8.GetBytes(plainText);
byte[] rv = Encrypt(ptBytes, keys);
// 密文转为base64字符串
return Convert.ToBase64String(rv);
}
static byte[] Encrypt(byte[] ptBytes, string keys)
{
byte[] key = GetMd5Digest(keys);
BufferedBlockCipher cipher = new PaddedBufferedBlockCipher(new DesEdeEngine());
cipher.Init(true, new KeyParameter(key));
byte[] rv = new byte[cipher.GetOutputSize(ptBytes.Length)];
int tam = cipher.ProcessBytes(ptBytes, 0, ptBytes.Length, rv, 0);
cipher.DoFinal(rv, tam);
return rv;
}
/// <summary>
/// 使用DES3解密
/// </summary>
/// <param name="cipherText">需要加密的字符串</param>
/// <param name="keys">加密字符串的密钥</param>
/// <returns>解密后的字符串</returns>
public static string Decrypt(string cipherText, string keys)
{
// 把密文进行base64的解码
byte[] base64StringBytes = Convert.FromBase64String(cipherText);
var rv = Decrypt(base64StringBytes, keys);
// 字符数组转为明文字符串
return Encoding.UTF8.GetString(rv, 0, rv.Length);
}
static byte[] Decrypt(byte[] cipherText, string keys)
{
byte[] key = GetMd5Digest(keys);
BufferedBlockCipher cipher = new PaddedBufferedBlockCipher(new DesEdeEngine());
cipher.Init(false, new KeyParameter(key));
byte[] comparisonBytes = new byte[cipher.GetOutputSize(cipherText.Length)];
int length = cipher.ProcessBytes(cipherText, comparisonBytes, 0);
cipher.DoFinal(comparisonBytes, length); //Do the final block
return comparisonBytes;
}
}
调用
string result = BouncyCastleHelper.Encrypt("hello", "abc123");
Console.WriteLine("hello=" + result);
Console.WriteLine("plainText=" + BouncyCastleHelper.Decrypt(result, "abc123"));
结果