iTV android与客户端加密交互流程。

来源：互联网发布：深圳市灵沃软件编辑：程序博客网时间：2024/06/06 01:08

itv手机App，充值后台加密流程1、对于一般情况下一个电视账户应该对应有3个手机app账户。2、每一个手机app账户将会对应一个支付随机数，该随机数将会在手机绑定或者是登陆时更新4、在手机支付宝交易成功后，想后台请求加钱的函数具有4个参数。辅助参数为支付随机数 randomNum

a、UserId ：对应的电视账户的uidb、type ：对应的交易成功的类型。现阶段有6个分别为1 ， 2， 3 ，4 ， 5， 6元。c、对应支付宝交易成功的订单号。d、md5效验码、

校验过程是：手机端，实际参数 sParam 先和随机数组合为新的字符串值A,将值A进行md5加密，作为第二个参数。值A进行DES加密作为第一个参数。
后台：捕获参数后，客户端拼凑的DES加密值A 解密获得值B，在进行MD5加密，比对参数中的md5值，从而整个流程上面完成校验工作

C# MD5代码

 public static string MD5(string encryptString)        {            byte[] result = Encoding.Default.GetBytes(encryptString);            MD5 md5 = new MD5CryptoServiceProvider();            byte[] output = md5.ComputeHash(result);            string encryptResult = BitConverter.ToString(output).Replace("-", "");            return encryptResult;        }

java MD5代码

private static final char HEX_DIGITS[] = { '0', '1', '2', '3', '4', '5','6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F' };public static String getMd5Code(String localPath) throws Exception {MessageDigest md5 = null;md5 = MessageDigest.getInstance("MD5");md5.update(localPath.getBytes());return toHexString(md5.digest());}private static String toHexString(byte[] b) {StringBuilder sb = new StringBuilder(b.length * 2);for (int i = 0; i < b.length; i++) {sb.append(HEX_DIGITS[(b[i] & 0xf0) >>> 4]);sb.append(HEX_DIGITS[b[i] & 0x0f]);}return sb.toString();}

C# DES加密密钥12345678

using System;using System.Collections.Generic;using System.Linq;using System.Text;using System.Collections.Generic;using System.ComponentModel;using System.Data;using System.Text;using System.Security.Cryptography;//加密部分using System.IO;namespace ConsoleApplication1{    class Program    {        static void Main(string[] args)        {            Console.WriteLine(EncryptDES("price1", "12345678"));            Console.WriteLine(EncryptDES("price5", "12345678"));            Console.WriteLine(EncryptDES("price10", "12345678"));            Console.WriteLine(EncryptDES("price20", "12345678"));            Console.WriteLine(EncryptDES("price50", "12345678"));            Console.WriteLine(EncryptDES("price100", "12345678"));            Console.ReadLine();        }        private static byte[] Keys = { 0x12, 0x34, 0x56, 0x78, 0x90, 0xAB, 0xCD, 0xEF };        public static string DecryptDES(string decryptString, string decryptKey)        {            try            {                byte[] rgbKey = Encoding.UTF8.GetBytes(decryptKey);                byte[] rgbIV = System.Text.Encoding.Default.GetBytes("12345678"); ;                byte[] inputByteArray = Convert.FromBase64String(decryptString);                DESCryptoServiceProvider DCSP = new DESCryptoServiceProvider();                MemoryStream mStream = new MemoryStream();                CryptoStream cStream = new CryptoStream(mStream, DCSP.CreateDecryptor(rgbKey, rgbIV), CryptoStreamMode.Write);                cStream.Write(inputByteArray, 0, inputByteArray.Length);                cStream.FlushFinalBlock();                return Encoding.UTF8.GetString(mStream.ToArray());            }            catch            {                return decryptString;            }        }        public static string EncryptDES(string encryptString, string encryptKey)        {            try            {                byte[] rgbKey = Encoding.UTF8.GetBytes(encryptKey.Substring(0, 8));                byte[] rgbIV = System.Text.Encoding.Default.GetBytes("12345678");                byte[] inputByteArray = Encoding.UTF8.GetBytes(encryptString);                DESCryptoServiceProvider dCSP = new DESCryptoServiceProvider();                MemoryStream mStream = new MemoryStream();                CryptoStream cStream = new CryptoStream(mStream, dCSP.CreateEncryptor(rgbKey, rgbIV), CryptoStreamMode.Write);                cStream.Write(inputByteArray, 0, inputByteArray.Length);                cStream.FlushFinalBlock();                return Convert.ToBase64String(mStream.ToArray());            }            catch            {                return encryptString;            }        }    }}

java DES加密

 public static String encode(String key,byte[] data) throws Exception      {          try          {              DESKeySpec dks = new DESKeySpec(key.getBytes());                            SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("DES");              //key的长度不能够小于8位字节               Key secretKey = keyFactory.generateSecret(dks);              Cipher cipher = Cipher.getInstance(ALGORITHM_DES);              IvParameterSpec iv = new IvParameterSpec("12345678".getBytes());              AlgorithmParameterSpec paramSpec = iv;              cipher.init(Cipher.ENCRYPT_MODE, secretKey,paramSpec);                            byte[] bytes = cipher.doFinal(data);                            return Base64.encode(bytes);          } catch (Exception e)          {              throw new Exception(e);          }      }        /**      * DES算法，解密      *      * @param data 待解密字符串      * @param key  解密私钥，长度不能够小于8位      * @return 解密后的字节数组      * @throws Exception 异常      */      public static byte[] decode(String key,byte[] data) throws Exception      {          try          {              SecureRandom sr = new SecureRandom();              DESKeySpec dks = new DESKeySpec(key.getBytes());              SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("DES");              //key的长度不能够小于8位字节               Key secretKey = keyFactory.generateSecret(dks);              Cipher cipher = Cipher.getInstance(ALGORITHM_DES);              IvParameterSpec iv = new IvParameterSpec("12345678".getBytes());              AlgorithmParameterSpec paramSpec = iv;              cipher.init(Cipher.DECRYPT_MODE, secretKey,paramSpec);              return cipher.doFinal(data);          } catch (Exception e)          {              throw new Exception(e);          }      }            /**      * 获取编码后的值      * @param key      * @param data      * @return      * @throws Exception      */      public static String decodeValue(String key,String data)       {          byte[] datas;          String value = null;          try {              if(System.getProperty("os.name") != null && (System.getProperty("os.name").equalsIgnoreCase("sunos") || System.getProperty("os.name").equalsIgnoreCase("linux")))              {                  datas = decode(key, Base64.decode(data));              }              else              {                  datas = decode(key, Base64.decode(data));              }                            value = new String(datas);          } catch (Exception e) {              value = "";          }          return value;      }

辅助类Base64.java

/* * Copyright (C) 2010 The MobileSecurePay Project * All right reserved. * author: shiqun.shi@alipay.com */public final class Base64 {static private final int BASELENGTH = 128;static private final int LOOKUPLENGTH = 64;static private final int TWENTYFOURBITGROUP = 24;static private final int EIGHTBIT = 8;static private final int SIXTEENBIT = 16;static private final int FOURBYTE = 4;static private final int SIGN = -128;static private final char PAD = '=';static private final boolean fDebug = false;static final private byte[] base64Alphabet = new byte[BASELENGTH];static final private char[] lookUpBase64Alphabet = new char[LOOKUPLENGTH];static {for (int i = 0; i < BASELENGTH; ++i) {base64Alphabet[i] = -1;}for (int i = 'Z'; i >= 'A'; i--) {base64Alphabet[i] = (byte) (i - 'A');}for (int i = 'z'; i >= 'a'; i--) {base64Alphabet[i] = (byte) (i - 'a' + 26);}for (int i = '9'; i >= '0'; i--) {base64Alphabet[i] = (byte) (i - '0' + 52);}base64Alphabet['+'] = 62;base64Alphabet['/'] = 63;for (int i = 0; i <= 25; i++) {lookUpBase64Alphabet[i] = (char) ('A' + i);}for (int i = 26, j = 0; i <= 51; i++, j++) {lookUpBase64Alphabet[i] = (char) ('a' + j);}for (int i = 52, j = 0; i <= 61; i++, j++) {lookUpBase64Alphabet[i] = (char) ('0' + j);}lookUpBase64Alphabet[62] = (char) '+';lookUpBase64Alphabet[63] = (char) '/';}private static boolean isWhiteSpace(char octect) {return (octect == 0x20 || octect == 0xd || octect == 0xa || octect == 0x9);}private static boolean isPad(char octect) {return (octect == PAD);}private static boolean isData(char octect) {return (octect < BASELENGTH && base64Alphabet[octect] != -1);}/** * Encodes hex octects into Base64 *  * @param binaryData *            Array containing binaryData * @return Encoded Base64 array */public static String encode(byte[] binaryData) {if (binaryData == null) {return null;}int lengthDataBits = binaryData.length * EIGHTBIT;if (lengthDataBits == 0) {return "";}int fewerThan24bits = lengthDataBits % TWENTYFOURBITGROUP;int numberTriplets = lengthDataBits / TWENTYFOURBITGROUP;int numberQuartet = fewerThan24bits != 0 ? numberTriplets + 1: numberTriplets;char encodedData[] = null;encodedData = new char[numberQuartet * 4];byte k = 0, l = 0, b1 = 0, b2 = 0, b3 = 0;int encodedIndex = 0;int dataIndex = 0;if (fDebug) {System.out.println("number of triplets = " + numberTriplets);}for (int i = 0; i < numberTriplets; i++) {b1 = binaryData[dataIndex++];b2 = binaryData[dataIndex++];b3 = binaryData[dataIndex++];if (fDebug) {System.out.println("b1= " + b1 + ", b2= " + b2 + ", b3= " + b3);}l = (byte) (b2 & 0x0f);k = (byte) (b1 & 0x03);byte val1 = ((b1 & SIGN) == 0) ? (byte) (b1 >> 2): (byte) ((b1) >> 2 ^ 0xc0);byte val2 = ((b2 & SIGN) == 0) ? (byte) (b2 >> 4): (byte) ((b2) >> 4 ^ 0xf0);byte val3 = ((b3 & SIGN) == 0) ? (byte) (b3 >> 6): (byte) ((b3) >> 6 ^ 0xfc);if (fDebug) {System.out.println("val2 = " + val2);System.out.println("k4   = " + (k << 4));System.out.println("vak  = " + (val2 | (k << 4)));}encodedData[encodedIndex++] = lookUpBase64Alphabet[val1];encodedData[encodedIndex++] = lookUpBase64Alphabet[val2 | (k << 4)];encodedData[encodedIndex++] = lookUpBase64Alphabet[(l << 2) | val3];encodedData[encodedIndex++] = lookUpBase64Alphabet[b3 & 0x3f];}// form integral number of 6-bit groupsif (fewerThan24bits == EIGHTBIT) {b1 = binaryData[dataIndex];k = (byte) (b1 & 0x03);if (fDebug) {System.out.println("b1=" + b1);System.out.println("b1<<2 = " + (b1 >> 2));}byte val1 = ((b1 & SIGN) == 0) ? (byte) (b1 >> 2): (byte) ((b1) >> 2 ^ 0xc0);encodedData[encodedIndex++] = lookUpBase64Alphabet[val1];encodedData[encodedIndex++] = lookUpBase64Alphabet[k << 4];encodedData[encodedIndex++] = PAD;encodedData[encodedIndex++] = PAD;} else if (fewerThan24bits == SIXTEENBIT) {b1 = binaryData[dataIndex];b2 = binaryData[dataIndex + 1];l = (byte) (b2 & 0x0f);k = (byte) (b1 & 0x03);byte val1 = ((b1 & SIGN) == 0) ? (byte) (b1 >> 2): (byte) ((b1) >> 2 ^ 0xc0);byte val2 = ((b2 & SIGN) == 0) ? (byte) (b2 >> 4): (byte) ((b2) >> 4 ^ 0xf0);encodedData[encodedIndex++] = lookUpBase64Alphabet[val1];encodedData[encodedIndex++] = lookUpBase64Alphabet[val2 | (k << 4)];encodedData[encodedIndex++] = lookUpBase64Alphabet[l << 2];encodedData[encodedIndex++] = PAD;}return new String(encodedData);}/** * Decodes Base64 data into octects *  * @param encoded *            string containing Base64 data * @return Array containind decoded data. */public static byte[] decode(String encoded) {if (encoded == null) {return null;}char[] base64Data = encoded.toCharArray();// remove white spacesint len = removeWhiteSpace(base64Data);if (len % FOURBYTE != 0) {return null;// should be divisible by four}int numberQuadruple = (len / FOURBYTE);if (numberQuadruple == 0) {return new byte[0];}byte decodedData[] = null;byte b1 = 0, b2 = 0, b3 = 0, b4 = 0;char d1 = 0, d2 = 0, d3 = 0, d4 = 0;int i = 0;int encodedIndex = 0;int dataIndex = 0;decodedData = new byte[(numberQuadruple) * 3];for (; i < numberQuadruple - 1; i++) {if (!isData((d1 = base64Data[dataIndex++]))|| !isData((d2 = base64Data[dataIndex++]))|| !isData((d3 = base64Data[dataIndex++]))|| !isData((d4 = base64Data[dataIndex++]))) {return null;}// if found "no data" just return nullb1 = base64Alphabet[d1];b2 = base64Alphabet[d2];b3 = base64Alphabet[d3];b4 = base64Alphabet[d4];decodedData[encodedIndex++] = (byte) (b1 << 2 | b2 >> 4);decodedData[encodedIndex++] = (byte) (((b2 & 0xf) << 4) | ((b3 >> 2) & 0xf));decodedData[encodedIndex++] = (byte) (b3 << 6 | b4);}if (!isData((d1 = base64Data[dataIndex++]))|| !isData((d2 = base64Data[dataIndex++]))) {return null;// if found "no data" just return null}b1 = base64Alphabet[d1];b2 = base64Alphabet[d2];d3 = base64Data[dataIndex++];d4 = base64Data[dataIndex++];if (!isData((d3)) || !isData((d4))) {// Check if they are PAD charactersif (isPad(d3) && isPad(d4)) {if ((b2 & 0xf) != 0)// last 4 bits should be zero{return null;}byte[] tmp = new byte[i * 3 + 1];System.arraycopy(decodedData, 0, tmp, 0, i * 3);tmp[encodedIndex] = (byte) (b1 << 2 | b2 >> 4);return tmp;} else if (!isPad(d3) && isPad(d4)) {b3 = base64Alphabet[d3];if ((b3 & 0x3) != 0)// last 2 bits should be zero{return null;}byte[] tmp = new byte[i * 3 + 2];System.arraycopy(decodedData, 0, tmp, 0, i * 3);tmp[encodedIndex++] = (byte) (b1 << 2 | b2 >> 4);tmp[encodedIndex] = (byte) (((b2 & 0xf) << 4) | ((b3 >> 2) & 0xf));return tmp;} else {return null;}} else { // No PAD e.g 3cQlb3 = base64Alphabet[d3];b4 = base64Alphabet[d4];decodedData[encodedIndex++] = (byte) (b1 << 2 | b2 >> 4);decodedData[encodedIndex++] = (byte) (((b2 & 0xf) << 4) | ((b3 >> 2) & 0xf));decodedData[encodedIndex++] = (byte) (b3 << 6 | b4);}return decodedData;}/** * remove WhiteSpace from MIME containing encoded Base64 data. *  * @param data *            the byte array of base64 data (with WS) * @return the new length */private static int removeWhiteSpace(char[] data) {if (data == null) {return 0;}// count characters that's not whitespaceint newSize = 0;int len = data.length;for (int i = 0; i < len; i++) {if (!isWhiteSpace(data[i])) {data[newSize++] = data[i];}}return newSize;}}

如果有问题请指正，还有很多漏洞需要补齐。

0 0