参考:http://www.cnblogs.com/chnking/archive/2007/08/14/855600.html
参考:http://blog.csdn.net/change_from_now/article/details/51705934
参考:http://www.cnblogs.com/pengze0902/p/6268709.html
对称加密,是一种比较传统的加密方式,其加密运算、解密运算使用的是同样的密钥,信息的发送者和信息的接收者在进行信息的传输与处理时,必须共同持有该密码(称为对称密码)。因此,通信双方都必须获得这把钥匙,并保持钥匙的秘密。
单钥密码系统的安全性依赖于以下两个因素:
第一、加密算法必须是足够强的,仅仅基于密文本身去解密信息在实践上是不可能的。
第二、加密方法的安全性依赖于密钥的秘密性,而不是算法的秘密性,因此,我们没有必要确保算法的秘密性(事实上,现实中使用的很多单钥密码系统的算法都是公开的),但是我们一定要保证密钥的秘密性。
DES(Data Encryption Standard)和TripleDES是对称加密的两种实现。
DES和TripleDES基本算法一致,只是TripleDES算法提供的key位数更多,加密可靠性更高。
DES使用的密钥key为8字节,初始向量IV也是8字节。
TripleDES使用24字节的key,初始向量IV也是8字节。
两种算法都是以8字节为一个块进行加密,一个数据块一个数据块的加密,一个8字节的明文加密后的密文也是8字节。如果明文长度不为8字节的整数倍,添加值为0的字节凑满8字节整数倍。所以加密后的密文长度一定为8字节的整数倍。
TripleDES加密:
/// <summary> /// TripleDES 加密 /// </summary> /// <param name="toEncrypt"></param> /// <param name="privateKey"></param> /// <returns></returns> private static string DesEncrypt(string toEncrypt, string key) { var toEncryptArray = Encoding.UTF8.GetBytes(toEncrypt); var keyArray = Convert.FromBase64String(key); TripleDESCryptoServiceProvider tdes = new TripleDESCryptoServiceProvider { Key = keyArray, Mode = CipherMode.ECB, Padding = PaddingMode.PKCS7 }; ICryptoTransform cTransform = tdes.CreateEncryptor(); byte[] resultArray = cTransform.TransformFinalBlock(toEncryptArray, 0, toEncryptArray.Length); tdes.Clear(); return Convert.ToBase64String(resultArray, 0, resultArray.Length);
}
TripleDES解密:
/// <summary> /// TripleDES解密 /// </summary> /// <param name="toDecrypt"></param> /// <param name="privateKey"></param> /// <returns></returns> public static string DesDecrypt(string toDecrypt, string key) { try { //先base64解密 因为加密的时候最后走了一道base64加密 var enBytes = Convert.FromBase64String(toDecrypt); var keyArray = Convert.FromBase64String(key); TripleDESCryptoServiceProvider tdes = new TripleDESCryptoServiceProvider { Key = keyArray, Mode = CipherMode.ECB, Padding = PaddingMode.PKCS7 }; ICryptoTransform cTransform = tdes.CreateDecryptor(); byte[] resultArray = cTransform.TransformFinalBlock(enBytes, 0, enBytes.Length); tdes.Clear(); return Encoding.UTF8.GetString(resultArray); } catch { return ""; } }
c#具体实现如下:
using System; using System.Security.Cryptography; using System.Text; namespace TripleDes { class Program { static void Main(string[] args) { //加密的字符串 string source = "Happy Father's Day!"; //用来加密的key 但是最终用在des加密的key //是这个key的 md5 hash string sourceKey = "home"; //获取原始key值的 md5 hash byte[] keyBytes = GetKeyMd5Hash(sourceKey); string encryptedStr = DesEncrypt(source, keyBytes); Console.WriteLine("encrypted string: "+ encryptedStr); string decryptedStr = DesDecrypt(encryptedStr, keyBytes); Console.WriteLine("Decrypted String: " + decryptedStr); Console.ReadKey(); } /// <summary> /// 获取加密key的 md5 hash,最终DES加密的时候使用这个hash值 /// </summary> /// <param name="key">原始key值</param> /// <returns></returns> public static byte[] GetKeyMd5Hash(string key) { MD5CryptoServiceProvider hashmd5 = new MD5CryptoServiceProvider(); byte[] keyBytes = hashmd5.ComputeHash(UTF8Encoding.UTF8.GetBytes(key)); hashmd5.Clear(); return keyBytes; } /// <summary> /// TripleDES 加密 /// </summary> /// <param name="toEncrypt"></param> /// <param name="privateKey"></param> /// <returns></returns> public static string DesEncrypt(string toEncrypt, byte[] privateKey) { byte[] toEncryptArray = UTF8Encoding.UTF8.GetBytes(toEncrypt); TripleDESCryptoServiceProvider tdes = new TripleDESCryptoServiceProvider { Key = privateKey, Mode = CipherMode.ECB, Padding = PaddingMode.PKCS7 }; ICryptoTransform cTransform = tdes.CreateEncryptor(); byte[] resultArray = cTransform.TransformFinalBlock(toEncryptArray, 0, toEncryptArray.Length); tdes.Clear(); return Convert.ToBase64String(resultArray, 0, resultArray.Length); } /// <summary> /// TripleDES解密 /// </summary> /// <param name="toDecrypt"></param> /// <param name="privateKey"></param> /// <returns></returns> public static string DesDecrypt(string toDecrypt, byte[] privateKey) { //先base64解密 因为加密的时候最后走了一道base64加密 byte[] enBytes = Convert.FromBase64String(toDecrypt); TripleDESCryptoServiceProvider tdes = new TripleDESCryptoServiceProvider { Key = privateKey, Mode = CipherMode.ECB, Padding = PaddingMode.PKCS7 }; ICryptoTransform cTransform = tdes.CreateDecryptor(); byte[] resultArray = cTransform.TransformFinalBlock(enBytes, 0, enBytes.Length); tdes.Clear(); return Encoding.UTF8.GetString(resultArray); } } }
PHP实现如下:
<?php /* TripleDES加密 */ function DesEncrypt($data) { //Pad for PKCS7 $blockSize = mcrypt_get_block_size('tripledes', 'ecb'); $len = strlen($data); $pad = $blockSize - ($len % $blockSize); $data .= str_repeat(chr($pad), $pad); $key = "home"; $key = md5($key,TRUE); $key .= substr($key,0,8); //comment this if you use 168 bits long key //Encrypt data $encData = mcrypt_encrypt('tripledes', $key, $data, 'ecb'); return base64_encode($encData); } /* TripleDES解密 */ function DesDecrypt($data) { $key = "home"; $key = md5($key, TRUE); $key .= substr($key, 0, 8); //Decrypt data $fromBase64Str = base64_decode($data); $decData = mcrypt_decrypt('tripledes', $key, $fromBase64Str, 'ecb'); return $decData; } /* 测试 */ $encryptStr = DesEncrypt("Happy Father's Day!"); echo "encrypted string: $encryptStr</br>"; $decryptStr = DesDecrypt($encryptStr); echo "decrypted string: $decryptStr"; ?>
js加密:
function desEncrypt(str, key){ key = CryptoJS.enc.Base64.parse(key); // Triple DES 加密 var encrypted = CryptoJS.TripleDES.encrypt(str, key, { mode: CryptoJS.mode.ECB, padding: CryptoJS.pad.Pkcs7 }); // 转换为字符串 return encrypted = encrypted.toString(); }