Java 使用华为md5+;三重DES
哎 谢谢你提前阅读 我在3des中加密某些东西时遇到了一些问题,它正在工作,但似乎没有输出正确的值 目的: 我需要通过php的rest API认证才能检索信息, 他们的文件表明:Java 使用华为md5+;三重DES,java,php,security,encryption,3des,Java,Php,Security,Encryption,3des,哎 谢谢你提前阅读 我在3des中加密某些东西时遇到了一些问题,它正在工作,但似乎没有输出正确的值 目的: 我需要通过php的rest API认证才能检索信息, 他们的文件表明: 步骤1调用login函数以接收令牌(我有这个) 步骤2,使用令牌生成的字符串调用authorize函数 我已经实现了下面的代码,但不确定我是否做错了什么, 这里有一些来自文档的信息 生成密钥的过程如下: 1.华为定义的内部值99991231添加到需要加密的纯文本中。结果A已生成。 2.对结果A执行标准MD5算法。生成结
1.华为定义的内部值99991231添加到需要加密的纯文本中。结果A已生成。
2.对结果A执行标准MD5算法。生成结果B。
3.结果B被转换为十六进制数。生成结果C。
如果十六进制字符串中的第一个字符是0,则忽略它。如果另一个字符为0,请保留它。例如,0x0101F3B转换为100101F3B。
4.得到结果C中的前八个字符。生成结果D。
5.结果D中的字符将转换为小写字符。生成加密文本 这是他们提供的生成md5华为的示例代码(我认为它是java?需要它的php等价物) 要检查我的PHP代码是否有任何错误的详细信息:
$userid = '123';
$terminalip = '';
$mac = 'ABCDEFGH';
$terminalid = $userid;
$pin = '123';
$encToken = 'testtest';
$encryption_key = $pin;
$authenticator = rand(0,99999999).'$'.$encToken.'$'.$userid.'$'.$terminalid.'$'.$terminalip.'$'.$mac.'$'.'Reserved'.'$'.'CTC';
$desEncryptedData = encrypt($authenticator, $encryption_key);
echo "encrypted: <br>".$desEncryptedData;
echo"<br><br><br><b>Decrypt</b><br>";
$d = decrypt($desEncryptedData,$encryption_key);
echo $d;
echo "<BR><BR>encrypted hex: <br>". strToHex($desEncryptedData);
echo "<br><br>3des authenticator: <br>".$desEncryptedData."<br />";
$req = "<?xml version='1.0' encoding='UTF-8'?>
<AuthenticateReq>
<userid>$userid</userid>
<authenticator>$desEncryptedData</authenticator>
</AuthenticateReq>
";
// the functions to use to login
$context = stream_context_create(array('http'=>array(
'method' => 'POST',
'header' => "Content-Type: text/xml\r\n",
'content' => $req
)));
function encrypt($input,$ky)
{
$key = $ky;
$size = mcrypt_get_block_size(MCRYPT_TRIPLEDES, 'ecb');
$input = pkcs5_pad($input, $size);
$td = mcrypt_module_open(MCRYPT_TRIPLEDES, '', 'ecb', '');
$iv = mcrypt_create_iv (mcrypt_enc_get_iv_size($td), MCRYPT_RAND);
mcrypt_generic_init($td, $key, $iv);
$data = mcrypt_generic($td, $input);
mcrypt_generic_deinit($td);
mcrypt_module_close($td);
$data = base64_encode($data);
$data = urlencode($data); //push it out so i can check it works
return $data;
}
function decrypt($crypt,$ky)
{
$crypt = urldecode($crypt);
$crypt = base64_decode($crypt);
$key = $ky;
$td = mcrypt_module_open (MCRYPT_TRIPLEDES, '', 'ecb', '');
$iv = mcrypt_create_iv (mcrypt_enc_get_iv_size($td), MCRYPT_RAND);
mcrypt_generic_init($td, $key, $iv);
$decrypted_data = mdecrypt_generic ($td, $crypt);
mcrypt_generic_deinit ($td);
mcrypt_module_close ($td);
$decrypted_data = pkcs5_unpad($decrypted_data);
$decrypted_data = rtrim($decrypted_data);
return $decrypted_data;
}
function pkcs5_pad($text, $blocksize)
{
$pad = $blocksize - (strlen($text) % $blocksize);
return $text . str_repeat(chr($pad), $pad);
}
function pkcs5_unpad($text)
{
$pad = ord($text{strlen($text)-1});
if ($pad > strlen($text)) return false;
return substr($text, 0, -1 * $pad);
}
function strToHex($string){
$hex = '';
for ($i=0; $i<strlen($string); $i++){
$ord = ord($string[$i]);
$hexCode = dechex($ord);
$hex .= substr('0'.$hexCode, -2);
}
return strToUpper($hex);
}
$userid='123';
$terminalip='';
$mac='ABCDEFGH';
$terminalid=$userid;
$pin='123';
$encToken='testtest';
$encryption\u key=$pin;
$authenticator=rand(09999999)。“$”.$encToken.$”.$userid.$“.$terminalid.$”.$terminalip.$”.$mac.$.“保留”。$.“CTC”;
$desEncryptedData=encrypt($authenticator,$encryption\u key);
echo“加密:
”$desEncryptedData;
回声“
解密
”;
$d=解密($desEncryptedData,$encryption\u key);
echo$d;
回显“
加密十六进制:
”。strothex($desEncryptedData);
echo“
3des验证器:
”$desEncryptedData.“
”;
$req=”
$userid
$desEncryptedData
";
//用于登录的函数
$context=stream\u context\u create(数组('http'=>array(
'方法'=>'发布',
'header'=>“内容类型:text/xml\r\n”,
“内容”=>$req
)));
函数加密($input,$ky)
{
$key=$ky;
$size=mcrypt_get_block_size(mcrypt_TRIPLEDES,'ecb');
$input=pkcs5_焊盘($input,$size);
$td=mcrypt_模块打开(mcrypt_三重模块,“,”ecb“,”;
$iv=mcrypt\u create\u iv(mcrypt\u enc\u get\u iv\u size($td),mcrypt\u RAND);
mcrypt_generic_init($td,$key,$iv);
$data=mcrypt_generic($td$input);
mcrypt_generic_deinit($td);
mcrypt模块关闭($td);
$data=base64_编码($data);
$data=urlencode($data);//把它推出去,这样我就可以检查它是否工作了
返回$data;
}
函数解密($crypt,$ky)
{
$crypt=urldecode($crypt);
$crypt=base64_解码($crypt);
$key=$ky;
$td=mcrypt_模块打开(mcrypt_三重模块,“,”ecb“,”;
$iv=mcrypt\u create\u iv(mcrypt\u enc\u get\u iv\u size($td),mcrypt\u RAND);
mcrypt_generic_init($td,$key,$iv);
$decrypted_data=mdecrypt_generic($td,$crypt);
mcrypt_generic_deinit($td);
mcrypt模块关闭($td);
$decrypted_data=pkcs5_unpad($decrypted_data);
$decrypted_data=rtrim($decrypted_data);
返回$decrypted_数据;
}
函数pkcs5_pad($text,$blocksize)
{
$pad=$blocksize-(strlen($text)%$blocksize);
返回$text.stru repeat(chr($pad),$pad);
}
函数pkcs5_unpad($text)
{
$pad=ord($text{strlen($text)-1});
如果($pad>strlen($text))返回false;
返回substr($text,0,-1*$pad);
}
函数strToHex($string){
$hex='';
对于($i=0;$i是一个复杂的身份验证方案,他们没有提供PHP中的代码示例?不幸的是,没有,当我们调用他们时,我们被引导到一个第三方IT团队,他们根本没有提供任何帮助!没有示例代码或任何东西什么的绝对陷阱。他们的十六进制编码不符合他们自己的规范,他们在ECB中使用3DES模式-使用一个8字节的键,重复3次。因此他们使用E(K,D(K0,E(K0,M)),这显然与E(K,M)相同-换言之,使用单个DES。啊,我明白了…不是我的专业领域…你建议如何使上述工作?有什么想法吗?我不知道要求。使用AES/GCM(正确)ECB模式下不使用单一DES将大大有助于确保对称密码的使用。在没有理由使用字符串的地方不依赖字符串也会有所帮助。如果需要字符串,则使用定义良好的(字符)编码方案。雇佣懂Java的人(例如,知道数组自动初始化为零会很有帮助)。
public class DESUtil
{
private static final String Algorithm = "DESede/ECB/PKCS5Padding";// DESede/ECB/PKCS5Padding;DESede
private static final String DESede = "DESede";
public static byte[] encrypt(byte[] keybyte, byte[] src)
throws NoSuchAlgorithmException, NoSuchPaddingException, Exception
{
SecretKey deskey = new SecretKeySpec(keybyte, DESede);
Cipher c1 = Cipher.getInstance(Algorithm);
c1.init(Cipher.ENCRYPT_MODE, deskey);
return c1.doFinal(src);
}
public static byte[] decrypt(byte[] keybyte, byte[] src)
throws NoSuchAlgorithmException, NoSuchPaddingException, Exception
{
SecretKey deskey = new SecretKeySpec(keybyte, DESede);
Cipher c1 = Cipher.getInstance(Algorithm);
c1.init(Cipher.DECRYPT_MODE, deskey);
return c1.doFinal(src);
}
public static String byte2hex(byte[] b)
{
StringBuffer hs = new StringBuffer();
String stmp = "";
for (int n = 0; n <b.length; n++)
{
stmp = (java.lang.Integer.toHexString(b[n] & 0XFF));
if (stmp.length() == 1)
hs.append("0").append(stmp);
else
hs.append(stmp);
}
return hs.toString().toUpperCase(Locale.getDefault());
}
public static byte[] hex2byte(String hexStr)
{
if (hexStr.length() % 2 != 0)
{
AppLogger.error("hex2bytes's hexStr length is not even.");
return null;
}
byte[] toBytes = new byte[hexStr.length() / 2];
for (int i = 0, j = 0; i <hexStr.length(); j++, i = i + 2)
{
int tmpa = Integer.decode(
"0X" + hexStr.charAt(i) + hexStr.charAt(i + 1)).intValue();
toBytes[j] = (byte) (tmpa & 0XFF);
}
return toBytes;
}
public static void main(String[] args)
{
Security.addProvider(new com.sun.crypto.provider.SunJCE());
final byte[] rawKey = "db90e7eb".getBytes();
final byte[] keyBytes = new byte[24];
for (int i = 0; i <rawKey.length; i++)
{
keyBytes[i] = rawKey[i];
}
for (int i = rawKey.length; i <keyBytes.length; i++)
{
keyBytes[i] = (byte)0;
}
String szSrc = "20926330$AD75B1697FB5EB6345B2D412124030D2$10086$10086$10.164.111$ABCDEFGH$Reserved$CTC";
System.out.println("string before encrypt:" + szSrc);
byte[] encoded = null;
try
{
encoded = encrypt(keyBytes, szSrc.getBytes());
}
catch (Exception e)
{
e.printStackTrace();
}
System.out.println("string after encrypt::" + byte2hex(encoded));
byte[] srcBytes = null;
try
{
srcBytes = decrypt(keyBytes, encoded);
}
catch (Exception e)
{
e.printStackTrace();
}
System.out.println("string before decode: :" + (new String(srcBytes)));
}
}
[retmsg] => 3DES decrypt error second time(0x30), please check epg's encrytMode and acs's encryMode.
$userid = '123';
$terminalip = '';
$mac = 'ABCDEFGH';
$terminalid = $userid;
$pin = '123';
$encToken = 'testtest';
$encryption_key = $pin;
$authenticator = rand(0,99999999).'$'.$encToken.'$'.$userid.'$'.$terminalid.'$'.$terminalip.'$'.$mac.'$'.'Reserved'.'$'.'CTC';
$desEncryptedData = encrypt($authenticator, $encryption_key);
echo "encrypted: <br>".$desEncryptedData;
echo"<br><br><br><b>Decrypt</b><br>";
$d = decrypt($desEncryptedData,$encryption_key);
echo $d;
echo "<BR><BR>encrypted hex: <br>". strToHex($desEncryptedData);
echo "<br><br>3des authenticator: <br>".$desEncryptedData."<br />";
$req = "<?xml version='1.0' encoding='UTF-8'?>
<AuthenticateReq>
<userid>$userid</userid>
<authenticator>$desEncryptedData</authenticator>
</AuthenticateReq>
";
// the functions to use to login
$context = stream_context_create(array('http'=>array(
'method' => 'POST',
'header' => "Content-Type: text/xml\r\n",
'content' => $req
)));
function encrypt($input,$ky)
{
$key = $ky;
$size = mcrypt_get_block_size(MCRYPT_TRIPLEDES, 'ecb');
$input = pkcs5_pad($input, $size);
$td = mcrypt_module_open(MCRYPT_TRIPLEDES, '', 'ecb', '');
$iv = mcrypt_create_iv (mcrypt_enc_get_iv_size($td), MCRYPT_RAND);
mcrypt_generic_init($td, $key, $iv);
$data = mcrypt_generic($td, $input);
mcrypt_generic_deinit($td);
mcrypt_module_close($td);
$data = base64_encode($data);
$data = urlencode($data); //push it out so i can check it works
return $data;
}
function decrypt($crypt,$ky)
{
$crypt = urldecode($crypt);
$crypt = base64_decode($crypt);
$key = $ky;
$td = mcrypt_module_open (MCRYPT_TRIPLEDES, '', 'ecb', '');
$iv = mcrypt_create_iv (mcrypt_enc_get_iv_size($td), MCRYPT_RAND);
mcrypt_generic_init($td, $key, $iv);
$decrypted_data = mdecrypt_generic ($td, $crypt);
mcrypt_generic_deinit ($td);
mcrypt_module_close ($td);
$decrypted_data = pkcs5_unpad($decrypted_data);
$decrypted_data = rtrim($decrypted_data);
return $decrypted_data;
}
function pkcs5_pad($text, $blocksize)
{
$pad = $blocksize - (strlen($text) % $blocksize);
return $text . str_repeat(chr($pad), $pad);
}
function pkcs5_unpad($text)
{
$pad = ord($text{strlen($text)-1});
if ($pad > strlen($text)) return false;
return substr($text, 0, -1 * $pad);
}
function strToHex($string){
$hex = '';
for ($i=0; $i<strlen($string); $i++){
$ord = ord($string[$i]);
$hexCode = dechex($ord);
$hex .= substr('0'.$hexCode, -2);
}
return strToUpper($hex);
}