JAVA使用RC4解密C#的RC4密文问题

最近公司买了wifi探针设备，主要探测用户进出时间以及mac地址

设备通过http post请求发送数据到 配置的服务器上，然后解密数据。

流程： 获取设备post过来的body内容-->判空-->解密（前16位字符串作为key，16位以后的作为内容解密）--->入库

网上随便搜了个RC4 JAVA版本的解密程序，使用。结果一团乱码

网上代码：

package com.powercn.util;public class RC4 {public static String HloveyRC4(String aInput, String aKey) {int[] iS = new int[256];byte[] iK = new byte[256];for (int i = 0; i < 256; i++)iS[i] = i;int j = 1;for (short i = 0; i < 256; i++) {iK[i] = (byte) aKey.charAt((i % aKey.length()));}j = 0;for (int i = 0; i < 255; i++) {j = (j + iS[i] + iK[i]) % 256;int temp = iS[i];iS[i] = iS[j];iS[j] = temp;}int i = 0;j = 0;char[] iInputChar = aInput.toCharArray();char[] iOutputChar = new char[iInputChar.length];for (short x = 0; x < iInputChar.length; x++) {i = (i + 1) % 256;j = (j + iS[i]) % 256;int temp = iS[i];iS[i] = iS[j];iS[j] = temp;int t = (iS[i] + (iS[j] % 256)) % 256;int iY = iS[t];char iCY = (char) iY;iOutputChar[x] = (char) (iInputChar[x] ^ iCY);}return new String(iOutputChar);}public static String decry_RC4(byte[] data, String key) {if (data == null || key == null) {return null;}return asString(RC4Base(data, key));}public static String decry_RC4(String data, String key) {if (data == null || key == null) {return null;}return new String(RC4Base(HexString2Bytes(data), key));}public static byte[] encry_RC4_byte(String data, String key) {if (data == null || key == null) {return null;}byte b_data[] = data.getBytes();return RC4Base(b_data, key);}public static String encry_RC4_string(String data, String key) {if (data == null || key == null) {return null;}return toHexString(asString(encry_RC4_byte(data, key)));}private static String asString(byte[] buf) {StringBuffer strbuf = new StringBuffer(buf.length);for (int i = 0; i < buf.length; i++) {strbuf.append((char) buf[i]);}return strbuf.toString();}private static byte[] initKey(String aKey) {byte[] b_key = aKey.getBytes();byte state[] = new byte[256];for (int i = 0; i < 256; i++) {state[i] = (byte) i;}int index1 = 0;int index2 = 0;if (b_key == null || b_key.length == 0) {return null;}for (int i = 0; i < 256; i++) {index2 = ((b_key[index1] & 0xff) + (state[i] & 0xff) + index2) & 0xff;byte tmp = state[i];state[i] = state[index2];state[index2] = tmp;index1 = (index1 + 1) % b_key.length;}return state;}private static String toHexString(String s) {String str = "";for (int i = 0; i < s.length(); i++) {int ch = (int) s.charAt(i);String s4 = Integer.toHexString(ch & 0xFF);if (s4.length() == 1) {s4 = '0' + s4;}str = str + s4;}return str;// 0x表示十六进制}private static byte[] HexString2Bytes(String src) {int size = src.length();byte[] ret = new byte[size / 2];byte[] tmp = src.getBytes();for (int i = 0; i < size / 2; i++) {ret[i] = uniteBytes(tmp[i * 2], tmp[i * 2 + 1]);}return ret;}private static byte uniteBytes(byte src0, byte src1) {char _b0 = (char) Byte.decode("0x" + new String(new byte[] { src0 })).byteValue();_b0 = (char) (_b0 << 4);char _b1 = (char) Byte.decode("0x" + new String(new byte[] { src1 })).byteValue();byte ret = (byte) (_b0 ^ _b1);return ret;}private static byte[] RC4Base(byte[] input, String mKkey) {int x = 0;int y = 0;byte key[] = initKey(mKkey);int xorIndex;byte[] result = new byte[input.length];for (int i = 0; i < input.length; i++) {x = (x + 1) & 0xff;y = ((key[x] & 0xff) + y) & 0xff;byte tmp = key[x];key[x] = key[y];key[y] = tmp;xorIndex = ((key[x] & 0xff) + (key[y] & 0xff)) & 0xff;result[i] = (byte) (input[i] ^ key[xorIndex]);}return result;}public static void main(String[] args) throws Exception {String inputStr = "Hello World 你好";String str = encry_RC4_string(inputStr, "123456");System.out.println(str);System.out.println(decry_RC4(str, "123456"));// Cipher cipher=Cipher.getInstance("RC4");// String pwd="123456";// String ptext="Hello World 你好";// SecretKeySpec key=new SecretKeySpec(pwd.getBytes("UTF-8"), "RC4");// cipher.init(Cipher.ENCRYPT_MODE, key);// byte[] cdata =cipher.update(ptext.getBytes("UTF-8"));// //解密// cipher.init(Cipher.DECRYPT_MODE, key);// byte[] ddata =cipher.update(cdata);// System.out.println("key: "+pwd);// System.out.println("明文: "+ptext);// System.out.println("密文: "+DatatypeConverter.printHexBinary(cdata));// System.out.println("解密文: "+new String(ddata,"UTF-8"));String str123 = HloveyRC4("Hello World 你好", "123456");System.out.println(str123);String str1234 = HloveyRC4(str123, "123456");System.out.println(str1234);}} 

java接收端解密代码：

request.setCharacterEncoding("UTF-8");br = new BufferedReader(new InputStreamReader(in,"UTF-8"));String line = null;StringBuilder sb = new StringBuilder();while((line = br.readLine())!=null){    sb.append(line);}System.out.println("recive post str: "+sb.toString());if (null !=sb && !StringUtils.isEmpty(sb.toString())) {System.out.println("RC4 decrypt:"+RC4.HloveyRC4(sb.substring(16), sb.substring(0,16)));}

解密结果是一堆乱码

但是通过main方法运行的加密解密都是正常结果

然后找原因，秘钥，需要解密的字符串都是正确的，

怀疑是不是C那边加密程序有问题，

然后google一下，主要是说java这边需要使用byte数组接收，以及截取byte数组的内容key，以及内容解密，因为c那边会把key在body中传输过来放在前16个字符中

java代码如下：

in = request.getInputStream();byte[] getArr = readBytes(in, request.getContentLength());byte[] key = new byte[16];System.arraycopy(getArr, 0, key, 0, key.length);System.out.println("key:"+new String(key));int contentLength = request.getContentLength()-16;byte[] content = new byte[contentLength];System.arraycopy(getArr, 16, content, 0, content.length);System.out.println("content"+new String(content));String result = RC4T2.decry_RC4(content, new String(key));System.out.println("RC4 decrypt:"+result);

解密程序代码如下：

package com.powercn.util;public class RC4T2 {public static String decry_RC4(byte[] data, String key) {if (data == null || key == null) {return null;}return asString(RC4Base(data, key));}public static String decry_RC4(String data, String key) {if (data == null || key == null) {return null;}return new String(RC4Base(HexString2Bytes(data), key));}public static byte[] encry_RC4_byte(String data, String key) {if (data == null || key == null) {return null;}byte b_data[] = data.getBytes();return RC4Base(b_data, key);}public static String encry_RC4_string(String data, String key) {if (data == null || key == null) {return null;}return toHexString(asString(encry_RC4_byte(data, key)));}private static String asString(byte[] buf) {StringBuffer strbuf = new StringBuffer(buf.length);for (int i = 0; i < buf.length; i++) {strbuf.append((char) buf[i]);}return strbuf.toString();}private static byte[] initKey(String aKey) {byte[] b_key = aKey.getBytes();byte state[] = new byte[256];for (int i = 0; i < 256; i++) {state[i] = (byte) i;}int index1 = 0;int index2 = 0;if (b_key == null || b_key.length == 0) {return null;}for (int i = 0; i < 256; i++) {index2 = ((b_key[index1] & 0xff) + (state[i] & 0xff) + index2) & 0xff;byte tmp = state[i];state[i] = state[index2];state[index2] = tmp;index1 = (index1 + 1) % b_key.length;}return state;}private static String toHexString(String s) {String str = "";for (int i = 0; i < s.length(); i++) {int ch = (int) s.charAt(i);String s4 = Integer.toHexString(ch & 0xFF);if (s4.length() == 1) {s4 = '0' + s4;}str = str + s4;}return str;// 0x表示十六进制}private static byte[] HexString2Bytes(String src) {int size = src.length();byte[] ret = new byte[size / 2];byte[] tmp = src.getBytes();for (int i = 0; i < size / 2; i++) {ret[i] = uniteBytes(tmp[i * 2], tmp[i * 2 + 1]);}return ret;}private static byte uniteBytes(byte src0, byte src1) {char _b0 = (char) Byte.decode("0x" + new String(new byte[] { src0 })).byteValue();_b0 = (char) (_b0 << 4);char _b1 = (char) Byte.decode("0x" + new String(new byte[] { src1 })).byteValue();byte ret = (byte) (_b0 ^ _b1);return ret;}private static byte[] RC4Base(byte[] input, String mKkey) {int x = 0;int y = 0;byte key[] = initKey(mKkey);int xorIndex;byte[] result = new byte[input.length];for (int i = 0; i < input.length; i++) {x = (x + 1) & 0xff;y = ((key[x] & 0xff) + y) & 0xff;byte tmp = key[x];key[x] = key[y];key[y] = tmp;xorIndex = ((key[x] & 0xff) + (key[y] & 0xff)) & 0xff;result[i] = (byte) (input[i] ^ key[xorIndex]);}return result;}public static void main(String args[]) {String txt = "你好china";String key = "12srditmgijt";String enc = encry_RC4_string(txt, key);System.out.println(enc);String dec = decry_RC4(enc, key);System.out.println(dec);}}

结果完全解密正确