基礎才是重中之重~BouncyCastle實現的DES3加密~java通用

• 2020 年 12 月 28 日
• 筆記
• JAVA

對於BouncyCastle類庫（包）來說，他提供了很多加密演算法，在與.net和java進行相互加解密過程中，得到了不錯的應用，本文以DES3為例，來說一下DES3加解密的過程。

加密過程

• 明文字元轉為byte數組
• 對密鑰進行處理，處理後一般為16或者24位元組
• 對明文進行DES3加密，生成密文的byte數組
• 對密文byte數組進行base64的編碼

解密過程

• 對密文byte數組進行base64的解碼
• 對密鑰進行處理，處理後一般為16或者24位元組
• 對解碼後的byte數組進行DES3解密
• 對解密之後的byte數組進行Encoding.UTF8.GetString方法的調用生成明文字元串

原碼

    /// <summary>
    /// DES3加密
    /// //www.go4expert.com/articles/bouncy-castle-net-implementation-triple-t24829/
    /// </summary>
    public class BouncyCastleHelper
    {
        static IBlockCipher engine = new DesEngine();

        /// <summary>
        /// 生成一個16位的key.
        /// </summary>
        /// <returns></returns>
        public string GenerateDES3Key()
        {
            CipherKeyGenerator cipherKeyGenerator = new CipherKeyGenerator();
            cipherKeyGenerator.Init(new KeyGenerationParameters(new SecureRandom(), 192));
            //192 specifies the size of key in bits i.e 24 bytes 
            var keyDES3 = cipherKeyGenerator.GenerateKey();
            BigInteger bigInteger = new BigInteger(keyDES3);
            return bigInteger.ToString(16);
        }

        /// <summary>
        /// 做一個16位的md5加密，防止被其它人解析.
        /// </summary>
        /// <param name="Source"></param>
        /// <returns></returns>
        static byte[] GetMd5Digest(string Source)
        {
            var msgBytes = Encoding.UTF8.GetBytes(Source);
            var md5Digest = new MD5Digest();
            md5Digest.BlockUpdate(msgBytes, 0, msgBytes.Length);
            byte[] result = new byte[md5Digest.GetDigestSize()];
            md5Digest.DoFinal(result, 0);
            return result;
        }

        /// <summary>
        /// 使用DES3加密
        /// </summary>
        /// <param name="plainText">需要加密的字元串</param>
        /// <param name="keys">加密字元串的密鑰</param>
        /// <returns>加密後的字元串</returns>
        public static string Encrypt(string plainText, string keys)
        {
            byte[] ptBytes = Encoding.UTF8.GetBytes(plainText);
            byte[] rv = Encrypt(ptBytes, keys);
            // 密文轉為base64字元串 
            return Convert.ToBase64String(rv);
        }

        static byte[] Encrypt(byte[] ptBytes, string keys)
        {

            byte[] key = GetMd5Digest(keys);
            BufferedBlockCipher cipher = new PaddedBufferedBlockCipher(new DesEdeEngine());
            cipher.Init(true, new KeyParameter(key));
            byte[] rv = new byte[cipher.GetOutputSize(ptBytes.Length)];
            int tam = cipher.ProcessBytes(ptBytes, 0, ptBytes.Length, rv, 0);
            cipher.DoFinal(rv, tam);
            return rv;
        }

        /// <summary>
        /// 使用DES3解密
        /// </summary>
        /// <param name="cipherText">需要加密的字元串</param>
        /// <param name="keys">加密字元串的密鑰</param>
        /// <returns>解密後的字元串</returns>
        public static string Decrypt(string cipherText, string keys)
        {
            // 把密文進行base64的解碼
            byte[] base64StringBytes = Convert.FromBase64String(cipherText);
            var rv = Decrypt(base64StringBytes, keys);
            // 字元數組轉為明文字元串
            return Encoding.UTF8.GetString(rv, 0, rv.Length);
        }

        static byte[] Decrypt(byte[] cipherText, string keys)
        {
            byte[] key = GetMd5Digest(keys);
            BufferedBlockCipher cipher = new PaddedBufferedBlockCipher(new DesEdeEngine());
            cipher.Init(false, new KeyParameter(key));
            byte[] comparisonBytes = new byte[cipher.GetOutputSize(cipherText.Length)];
            int length = cipher.ProcessBytes(cipherText, comparisonBytes, 0);
            cipher.DoFinal(comparisonBytes, length); //Do the final block
            return comparisonBytes;
        }
    }

調用

string result = BouncyCastleHelper.Encrypt("hello", "abc123");
Console.WriteLine("hello=" + result);
Console.WriteLine("plainText=" + BouncyCastleHelper.Decrypt(result, "abc123"));

結果