免费网站制作网站源码,六安网站建设网络服务,凡科建站网址,徐州百度seo排名优化前言
记得之前写了一个文章#xff0c;是关于java和c#加密不一致导致需要使用ikvm的方式来进行数据加密#xff0c;主要是ikvm把打包后的jar包打成dll包#xff0c;然后Nuget引入ikvm#xff0c;从而实现算法的统一#xff0c;这几天闲来无事#xff0c;网上找了一下加密…前言
记得之前写了一个文章是关于java和c#加密不一致导致需要使用ikvm的方式来进行数据加密主要是ikvm把打包后的jar包打成dll包然后Nuget引入ikvm从而实现算法的统一这几天闲来无事网上找了一下加密库【BouncyCastle.dll】进行加密,目的是想统一加密。因为ikvm相对重了点引入一堆dll包。
官方网址 c#入口: https://www.bouncycastle.org/csharp/ java入口: https://www.bouncycastle.org/java.html 如图所示在1.8.4中 发现它是支持SM4 加密的如果你想要使用SM4加密算法最低版本需要是1.8.4。
Nuget安装如图所示) 注意事项
这个是针对java和c#的加解密一致性
1.算法要保持一致 均是SM4 2.算法模式要保持一致 如CBC和ECB 当然还有填充模式 举个例子我这边就使用 SM4/CBC/PKCS5Padding 3.编码一致性 如果JAVA 加解密用的UTF8 C#加解密用的是GBK 这样肯定不行了 俺们都是Chinese,所以果断选择UTF8了
最后就是代码部分了
java
需要引入bcprov-jdk15on-1.59.jar 和 httpcore-4.4.3.jar
package com.ken.utils;
import java.security.*;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.spec.SecretKeySpec;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.pqc.math.linearalgebra.ByteUtils;public class SM4Util {static {Security.addProvider(new BouncyCastleProvider());}//默认是UTF-8编码//private static final String ENCODING UTF-8;public static final String ALGORITHM_NAME SM4;// 加密算法/分组加密模式/分组填充方式// PKCS5Padding-以8个字节为一组进行分组加密// 定义分组加密模式使用PKCS5Paddingpublic static final String ALGORITHM_NAME_ECB_PADDING SM4/ECB/PKCS5Padding;// 128 32位16进制 本身SM4默认就是这一种// public static final int DEFAULT_KEY_SIZE 128;// 这边我默认了密钥public static final String SM4_KEY 86C63180C2806ED1F47B859DE501215B;/*** 生成ECB暗号* explain ECB模式电子密码本模式Electronic codebook* param algorithmName* 算法名称* param mode* 模式* param key* return* throws Exception*/private static Cipher generateEcbCipher(String algorithmName, int mode, byte[] key) throws Exception {Cipher cipher Cipher.getInstance(algorithmName, BouncyCastleProvider.PROVIDER_NAME);Key sm4Key new SecretKeySpec(key, ALGORITHM_NAME);cipher.init(mode, sm4Key);return cipher;}/** 方式一系统生成密钥* 自动生成密钥* explain* return* throws NoSuchAlgorithmException* throws NoSuchProviderException*/public static byte[] generateKey() throws Exception {return generateKey(DEFAULT_KEY_SIZE);}/*** explain* param keySize* return* throws Exception*/public static byte[] generateKey(int keySize) throws Exception {KeyGenerator kg KeyGenerator.getInstance(ALGORITHM_NAME, BouncyCastleProvider.PROVIDER_NAME);kg.init(keySize, new SecureRandom());return kg.generateKey().getEncoded();}/*** sm4加密* explain 加密模式ECB* 密文长度不固定会随着被加密字符串长度的变化而变化* param hexKey* 16进制密钥忽略大小写* param paramStr* 待加密字符串* return 返回16进制的加密字符串* throws Exception*/public static String encryptEcb(String hexKey, String paramStr) throws Exception {String cipherText ;// 16进制字符串--gt;byte[]byte[] keyData ByteUtils.fromHexString(hexKey);// String--gt;byte[]byte[] srcData paramStr.getBytes(ENCODING);// 加密后的数组byte[] cipherArray encrypt_Ecb_Padding(keyData, srcData);// byte[]--gt;hexStringcipherText ByteUtils.toHexString(cipherArray);return cipherText;}/*** 加密模式之Ecb 方法二自己提供16进制的密钥* explain* param key* param data* return* throws Exception*/public static byte[] encrypt_Ecb_Padding(byte[] key, byte[] data) throws Exception {Cipher cipher generateEcbCipher(ALGORITHM_NAME_ECB_PADDING, Cipher.ENCRYPT_MODE, key);return cipher.doFinal(data);}/*** sm4解密* explain 解密模式采用ECB* param hexKey* 16进制密钥* param cipherText* 16进制的加密字符串忽略大小写* return 解密后的字符串* throws Exception*/public static String decryptEcb(String hexKey, String cipherText) throws Exception {// 用于接收解密后的字符串String decryptStr ;// hexString--gt;byte[]byte[] keyData ByteUtils.fromHexString(hexKey);// hexString--gt;byte[]byte[] cipherData ByteUtils.fromHexString(cipherText);// 解密byte[] srcData decrypt_Ecb_Padding(keyData, cipherData);// byte[]--gt;StringdecryptStr new String(srcData, ENCODING);return decryptStr;}/*** 解密* explain* param key* param cipherText* return* throws Exception*/public static byte[] decrypt_Ecb_Padding(byte[] key, byte[] cipherText) throws Exception {Cipher cipher generateEcbCipher(ALGORITHM_NAME_ECB_PADDING, Cipher.DECRYPT_MODE, key);return cipher.doFinal(cipherText);}/*** 校验加密前后的字符串是否为同一数据* explain* param hexKey* 16进制密钥忽略大小写* param cipherText* 16进制加密后的字符串* param paramStr* 加密前的字符串* return 是否为同一数据* throws Exception*/public static boolean verifyEcb(String hexKey, String cipherText, String paramStr) throws Exception {// 用于接收校验结果boolean flag false;// hexString--gt;byte[]byte[] keyData ByteUtils.fromHexString(hexKey);// 将16进制字符串转换成数组byte[] cipherData ByteUtils.fromHexString(cipherText);// 解密byte[] decryptData decrypt_Ecb_Padding(keyData, cipherData);// 将原字符串转换成byte[]byte[] srcData paramStr.getBytes(ENCODING);// 判断2个数组是否一致flag Arrays.equals(decryptData, srcData);return flag;}/*** 字符串转化成为16进制字符串* param s* return*/public static String strTo16(String s) {String str ;for (int i 0; i s.length(); i) {int ch (int) s.charAt(i);String s4 Integer.toHexString(ch);str str s4;}return str;}public static String byteArrayToHexStr(byte[] byteArray) {StringBuilder stringBuilder new StringBuilder();if (byteArray null || byteArray.length 0) {return null;}for (int i 0; i byteArray.length; i) {int v byteArray[i] 0xFF;String hv Integer.toHexString(v);if (hv.length() 2) {stringBuilder.append(0);}stringBuilder.append(hv);}return stringBuilder.toString();}}C# (Csharp)
using Org.BouncyCastle.Crypto.IO;
using Org.BouncyCastle.Crypto.Parameters;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Security;
using Org.BouncyCastle.Utilities.Encoders;
using System;
using System.IO;
using System.Text;namespace Web.Security.Util
{public static class SM4Util{/// summary/// 默认编码/// /summaryprivate static Encoding DefaultEncoding Encoding.UTF8;//GB2312;public const string ALGORITHM_NAME SM4;/// summary/// ECB模式 [pkcs5padding填充方式]/// /summarypublic const string ALGORITHM_NAME_ECB_PADDING SM4/ECB/PKCS5Padding;/// summary/// CBC模式 [pkcs5padding填充方式]/// /summarypublic const string ALGORITHM_NAME_CBC_PADDING SM4/CBC/PKCS5Padding;//这个不需要 SM4默认就是128位的密钥//public const int DEFAULT_KEY_SIZE 128;/// summary/// 解密/// /summary/// param namekey密钥/param/// param namepassInput/param/// param nameencoding编码/param/// param namealgorithmMode默认是ECB模式 [pkcs5padding填充方式]/param/// returns/returnspublic static string DecryptEcb(string key, string passInput, Encoding encoding, string algorithmMode ALGORITHM_NAME_ECB_PADDING){encoding encoding??Encoding.UTF8;byte[] keyBytes Hex.Decode(key);byte[] input Hex.Decode(passInput);return encoding.GetString(DecryptEcb(keyBytes, input, algorithmMode));}/// summary/// 解密/// /summary/// param namekey密钥/param/// param namepassInput/param/// param namealgorithmMode默认是ECB模式 [pkcs5padding填充方式]/param/// returns/returnspublic static string DecryptEcb(string key, string passInput, string algorithmMode ALGORITHM_NAME_ECB_PADDING){return DecryptEcb(key, passInput, DefaultEncoding, algorithmMode);}/// summary/// 解密/// /summary/// param namekeyBytes密钥/param/// param namepassInput/param/// param namealgorithmMode加密方式/param/// returns/returns/// exception crefException/exceptionpublic static byte[] DecryptEcb(byte[] keyBytes, byte[] passInput, string algorithmMode){KeyParameter key ParameterUtilities.CreateKeyParameter(ALGORITHM_NAME, keyBytes);IBufferedCipher inCipher CipherUtilities.GetCipher(algorithmMode);//forEncryption位false表示解密inCipher.Init(false, key);MemoryStream bIn new MemoryStream(passInput, false);CipherStream cIn new CipherStream(bIn, inCipher, null);byte[] bytes new byte[passInput.Length];byte[] totalBytes;try{#region 此代码一次性读取解密 可行/*BinaryReader dIn new BinaryReader(cIn);byte[] extra dIn.ReadBytes(passInput.Length);Array.Copy(extra, 0, bytes, 0, extra.Length);*/#endregion#region 官方demo 是先处理一半 再处理剩下的 最后把剩下的复制到bytes剩余部分BinaryReader dIn new BinaryReader(cIn);for (int i 0; i ! passInput.Length / 2; i){bytes[i] dIn.ReadByte();}int remaining bytes.Length - passInput.Length / 2;byte[] extra dIn.ReadBytes(remaining);//把为了加密补位的部分去掉if (extra.Length remaining){int len passInput.Length/2 extra.Length;totalBytes new byte[len];Array.Copy(bytes, 0, totalBytes, 0, passInput.Length / 2);extra.CopyTo(totalBytes, passInput.Length / 2);return totalBytes;}else{extra.CopyTo(bytes, passInput.Length / 2);}//throw new EndOfStreamException();#endregion}catch (Exception e){throw new Exception(SM4 failed encryption - e, e);}return bytes;}/// summary/// 加密/// /summary/// param namekey密钥/param/// param nametext/param/// param nameencoding编码/param/// param namealgorithmMode默认是ECB模式 [pkcs5padding填充方式]/param/// returns/returnspublic static string EncryptEcb(string key, string text, Encoding encoding,string algorithmMode ALGORITHM_NAME_ECB_PADDING){encoding encoding??Encoding.UTF8;byte[] keyBytes Hex.Decode(key);byte[] input encoding.GetBytes(text);return Hex.ToHexString(EncryptEcb(keyBytes, input, algorithmMode));}/// summary/// 加密/// /summary/// param namekey密钥/param/// param nametext/param/// param namealgorithmMode/param/// returns/returnspublic static string EncryptEcb(string key, string text, string algorithmMode ALGORITHM_NAME_ECB_PADDING){return EncryptEcb(key,text, DefaultEncoding, algorithmMode);}/// summary/// 加密/// /summary/// param namekeyBytes密钥/param/// param nameinput/param/// returns/returns/// exception crefException/exceptionpublic static byte[] EncryptEcb(byte[] keyBytes, byte[] input,string algorithmMode){KeyParameter key ParameterUtilities.CreateKeyParameter(ALGORITHM_NAME, keyBytes);IBufferedCipher outCipher CipherUtilities.GetCipher(algorithmMode);//forEncryption位true表示加密outCipher.Init(true, key);MemoryStream bOut new MemoryStream();CipherStream cOut new CipherStream(bOut, null, outCipher);try{//处理前一半for (int i 0; i ! input.Length / 2; i){cOut.WriteByte(input[i]);}//处理后一半cOut.Write(input, input.Length / 2, input.Length - input.Length / 2);cOut.Close();}catch (IOException e){throw new Exception(SM4 failed encryption - e, e);}byte[] bytes bOut.ToArray();return bytes;} }}
密钥生成 java可以使用UUID生成32位的16进制字符串 C#可以使用 GUID生成32位的16进制字符串 密钥格式示例: 7A5B5AE03F764358AEAEF0D1B4B2ADAE 调用方式 string SM4_KEY “7A5B5AE03F764358AEAEF0D1B4B2ADAE”; java
SM4Util.encryptEcb(SM4_KEY, “待加密文本”);SM4Util.decryptEcb(SM4_KEY, “加密后的文本”);C#
SM4Util.EncryptEcb(SM4_KEY, “待加密文本”);
SM4Util.DecryptEcb(SM4_KEY, “加密后的文本”)ps: java版本的如果数据量超过5000不建议全部加密会比较耗时。c# 2万条依旧扛得住。
这个我试过虽然加密的结果两者java和C#是不一样的但解密的结果都是一样的如果你对此不放心 也可以把java版的改成使用统一版本的BouncyCastle。
