昨天做项目的时候,遇到了c++通讯发送加密数据c#解密出错问题。
因为有很多选项,特地做了个对比,研究了其中的一些参数
DES
要注意的项目:
1.密钥 Key、IV
两个密钥都是8字节
2.模式 ECB、CBC
在ECB模式下,只用key;在CBC模式下,同时使用key和IV
3.字节填充模式 非8倍数字节数、8倍数字节数
C# DES { //输入 byte[] INPUT_buffer____ = { 0x31, }; //ECB byte[] ECB_PKCS7_____ = { 0xD6, 0x98, 0x32, 0xA0, 0x62, 0x9A, 0xB7, 0x0F, }; byte[] ECB_Zeros_____ = { 0xB6, 0x61, 0x3E, 0xE6, 0x93, 0x8B, 0x45, 0x71, };// 填充Zero√ byte[] ECB_ANSIX923__ = { 0x7C, 0xB0, 0xEE, 0xE6, 0xD1, 0x3C, 0xC7, 0x88, }; byte[] ECB_ISO10126__ = { 0x0A, 0x22, 0x65, 0xE4, 0x2E, 0xB3, 0xBC, 0x34, }; //CBC byte[] CBC_PKCS7_____ = { 0x3C, 0x77, 0x8E, 0xD4, 0x82, 0xA6, 0x66, 0x36, }; byte[] CBC_Zeros_____ = { 0x40, 0x9D, 0xA7, 0xE5, 0x0D, 0xDF, 0x61, 0x7E, };// 填充Zero√ byte[] CBC_ANSIX923__ = { 0x41, 0x91, 0x0C, 0xCE, 0xC4, 0x41, 0x77, 0xFF, }; byte[] CBC_ISO10126__ = { 0x5C, 0x9C, 0xA9, 0xD6, 0x65, 0x23, 0x5E, 0x39, }; } C# DES { //输入 byte[] INPUT_buffer____ = { 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, }; //ECB byte[] ECB_PKCS7_____ = { 0x74, 0xA5, 0x81, 0x53, 0x4A, 0x4B, 0xF8, 0xB1, 0x89, 0xF4, 0xD1, 0xBA, 0x96, 0x97, 0x9A, 0xD0, }; byte[] ECB_Zeros_____ = { 0x74, 0xA5, 0x81, 0x53, 0x4A, 0x4B, 0xF8, 0xB1, };// 填充Zero√ byte[] ECB_ANSIX923__ = { 0x74, 0xA5, 0x81, 0x53, 0x4A, 0x4B, 0xF8, 0xB1, 0x24, 0xC8, 0x74, 0xB9, 0x6D, 0x5C, 0x9E, 0x13, }; byte[] ECB_ISO10126__ = { 0x74, 0xA5, 0x81, 0x53, 0x4A, 0x4B, 0xF8, 0xB1, 0xAC, 0xB2, 0x70, 0x9C, 0xDC, 0xB5, 0x2C, 0x03, }; //CBC byte[] CBC_PKCS7_____ = { 0x6B, 0x0E, 0xC8, 0x18, 0x33, 0xE5, 0xE6, 0xA7, 0x70, 0xF9, 0x31, 0x8D, 0xDF, 0x6C, 0x6A, 0x86, }; byte[] CBC_Zeros_____ = { 0x6B, 0x0E, 0xC8, 0x18, 0x33, 0xE5, 0xE6, 0xA7, };// 填充Zero√ byte[] CBC_ANSIX923__ = { 0x6B, 0x0E, 0xC8, 0x18, 0x33, 0xE5, 0xE6, 0xA7, 0x28, 0xA0, 0xBC, 0x4A, 0x5A, 0x28, 0x41, 0xB8, }; byte[] CBC_ISO10126__ = { 0x6B, 0x0E, 0xC8, 0x18, 0x33, 0xE5, 0xE6, 0xA7, 0xD5, 0xF9, 0x47, 0xDD, 0xF3, 0xCE, 0x7D, 0xC2, }; } 2017-10-19 22:59:33,455 - 461560 [DEBUG] : ECB : PAD_ISO_1 2017-10-19 22:59:33,456 - 461560 [DEBUG] : B6613EE6938B45710000000000000000 2017-10-19 22:59:33,457 - 461560 [DEBUG] : ECB : PAD_ISO_2 2017-10-19 22:59:33,457 - 461560 [DEBUG] : B6613EE6938B45710000000000000000 2017-10-19 22:59:33,458 - 461560 [DEBUG] : ECB : PAD_PKCS_7 2017-10-19 22:59:33,458 - 461560 [DEBUG] : B6613EE6938B45710000000000000000 // 填充Zero√ 2017-10-19 22:59:33,459 - 461560 [DEBUG] : CBC : PAD_ISO_1 2017-10-19 22:59:33,460 - 461560 [DEBUG] : 409DA7E50DDF617E0000000000000000 2017-10-19 22:59:33,460 - 461560 [DEBUG] : CBC : PAD_ISO_2 2017-10-19 22:59:33,461 - 461560 [DEBUG] : 409DA7E50DDF617E0000000000000000 2017-10-19 22:59:33,462 - 461560 [DEBUG] : CBC : PAD_PKCS_7 2017-10-19 22:59:33,462 - 461560 [DEBUG] : 409DA7E50DDF617E0000000000000000 // 填充Zero√ 2017-10-19 23:01:30,977 - 464436 [DEBUG] : ECB : PAD_ISO_1 2017-10-19 23:01:30,979 - 464436 [DEBUG] : 74A581534A4BF8B10000000000000000 2017-10-19 23:01:30,980 - 464436 [DEBUG] : ECB : PAD_ISO_2 2017-10-19 23:01:30,981 - 464436 [DEBUG] : 74A581534A4BF8B10000000000000000 2017-10-19 23:01:30,982 - 464436 [DEBUG] : ECB : PAD_PKCS_7 2017-10-19 23:01:30,983 - 464436 [DEBUG] : 74A581534A4BF8B10000000000000000 // 填充Zero√ 2017-10-19 23:01:30,988 - 464436 [DEBUG] : CBC : PAD_ISO_1 2017-10-19 23:01:30,989 - 464436 [DEBUG] : 6B0EC81833E5E6A70000000000000000 2017-10-19 23:01:30,990 - 464436 [DEBUG] : CBC : PAD_ISO_2 2017-10-19 23:01:30,990 - 464436 [DEBUG] : 6B0EC81833E5E6A70000000000000000 2017-10-19 23:01:30,991 - 464436 [DEBUG] : CBC : PAD_PKCS_7 2017-10-19 23:01:30,992 - 464436 [DEBUG] : 6B0EC81833E5E6A70000000000000000 // 填充Zero√ 长度不足应该补充 00 ,并且只有不满足8倍数字节的时候才补充字节
不同的填充模式,对于输出的结果最后一组数据会有很大不同。
譬如:
金融DES:在末尾填充“8000...”
PKCS #7: 填充字符串由一个字节序列组成,每个字节填充该字节序列的长度。
Zeros :填充字符串由设置为零的字节组成。
ANSIX923: 填充字符串由一个字节序列组成,此字节序列的最后一个字节填充字节序列的长度,其余字节均填充数字零。
ISO10126: 填充字符串由一个字节序列组成,此字节序列的最后一个字节填充字节序列的长度,其余字节填充随机数据。
代码中C++库,对于其他填充模式支持不好,默认设置为 PAD_PKCS_7,并表现出跟C# Zero填充一样的效果
下面贴出代码示例
c#代码
private byte[] Encrypt(byte[] inputByteArray, string sKey) { DESCryptoServiceProvider des = new DESCryptoServiceProvider(); //建立加密对象的密钥和偏移量 //原文使用ASCIIEncoding.ASCII方法的GetBytes方法 //使得输入密码必须输入英文文本 des.Mode = CipherMode.CBC; des.Padding = PaddingMode.Zeros; des.Key = ASCIIEncoding.ASCII.GetBytes(sKey); des.IV = ASCIIEncoding.ASCII.GetBytes(sKey); MemoryStream ms = new MemoryStream(); CryptoStream cs = new CryptoStream(ms, des.CreateEncryptor(), CryptoStreamMode.Write); //Write the byte array into the crypto stream //(It will end up in the memory stream) cs.Write(inputByteArray, 0, inputByteArray.Length); cs.FlushFinalBlock(); //Get the data back from the memory stream byte[] result = ms.ToArray(); return result; } //解密方法 private byte[] Decrypt(byte[] inputByteArray, string sKey) { DESCryptoServiceProvider des = new DESCryptoServiceProvider(); //建立加密对象的密钥和偏移量,此值重要,不能修改 des.Mode = CipherMode.CBC; des.Padding = PaddingMode.Zeros; des.Key = ASCIIEncoding.ASCII.GetBytes(sKey); des.IV = ASCIIEncoding.ASCII.GetBytes(sKey); MemoryStream ms = new MemoryStream(); CryptoStream cs = new CryptoStream(ms, des.CreateDecryptor(), CryptoStreamMode.Write); //Flush the data through the crypto stream into the memory stream cs.Write(inputByteArray, 0, inputByteArray.Length); cs.FlushFinalBlock(); //Get the data back from the memory stream byte[] result = ms.ToArray(); return result; }
c#demo
byte[] buffer = { 0x02, 0xDF, 0xD1, 0x9F, 0x23, 0xC9, 0x29, 0xA7, 0x3B, 0xB9, 0x92, 0xED, 0x2A, 0xB2, 0x47, 0x03, 0x7E, 0x6F, 0x27, 0x92, 0x0E, 0xDB, 0x17, 0xB2, 0x53, 0x2C, 0x48, 0x38, 0x61, 0x8E, 0x2E, 0xB2, 0xD2, 0xB7, 0xCA, 0x4F, 0x7D, 0xCE, 0x0F, 0xA4, 0xD7, 0x06, 0xA7, 0x29 }; byte[] minwen = Decrypt(buffer, "password");
c++ 代码
来源于[邹德强代码]
#ifndef CDES_H_CAESAR__DEF #define CDES_H_CAESAR__DEF /*! /Brief CDES类说明 * * 该类是DES和3DES算法类 */ class Des { public: Des(); virtual ~Des(); //加密解密 enum { ENCRYPT = 0, //! 加密 DECRYPT, //! 解密 }; //DES算法的模式 enum { ECB = 0, //! ECB模式 CBC //! CBC模式 }; typedef bool (*PSubKey)[16][48]; //Pad填充的模式 enum { PAD_ISO_1 = 0, //! ISO_1填充:数据长度不足8比特的倍数,以0x00补足,如果为8比特的倍数,补8个0x00 PAD_ISO_2, //! ISO_2填充:数据长度不足8比特的倍数,以0x80,0x00..补足,如果为8比特的倍数,补0x80,0x00..0x00 PAD_PKCS_7 //! PKCS7填充:数据长度除8余数为n,以(8-n)补足为8的倍数 }; /* /Brief 补足8位数据 * * Description: 根据协议对加密前的数据进行填充 * @param nType :类型:PAD类型 * @param In :数据串指针 * @param Out :填充输出串指针 * @param datalen :数据的长度 * @param padlen :(in,out)输出buffer的长度,填充后的长度 * @return true--成功;false--失败; */ static bool RunPad(int nType,const char* In, unsigned datalen,char* Out,unsigned& padlen); /* /Brief 执行DES算法对文本加解密 * * Description :执行DES算法对文本加解密 * @param bType : 类型:加密ENCRYPT,解密DECRYPT * @param bMode : 模式:ECB,CBC * @param In :待加密串指针 * @param Out :待输出串指针 * @param datalen :待加密串的长度,同时Out的缓冲区大小应大于或者等于datalen * @param Key :密钥(可为8位,16位,24位)支持3密钥 * @param keylen : 密钥长度,多出24位部分将被自动裁减 * @return true--成功;false--失败; */ static bool RunDes(bool bType,int bMode,const char* In, char* Out,unsigned datalen,const char* Key,unsigned keylen,const char* IV = 0,unsigned IVlen = 0) ; protected: //计算并填充子密钥到SubKey数据中 static void SetSubKey(PSubKey pSubKey, const char Key[8]); //DES单元运算 static void DES(char Out[8], const char In[8], const PSubKey pSubKey, bool Type); }; #endif//CDES_H_CAESAR__DEF
// DES.cpp: implementation of the CDES class. // ////////////////////////////////////////////////////////////////////// #include "DES.h" #include "memory.h" #include <iostream> using namespace std; //////////////////////////////////////////////////////////////////////// // initial permutation IP const char IP_Table[64] = { 58, 50, 42, 34, 26, 18, 10, 2, 60, 52, 44, 36, 28, 20, 12, 4, 62, 54, 46, 38, 30, 22, 14, 6, 64, 56, 48, 40, 32, 24, 16, 8, 57, 49, 41, 33, 25, 17, 9, 1, 59, 51, 43, 35, 27, 19, 11, 3, 61, 53, 45, 37, 29, 21, 13, 5, 63, 55, 47, 39, 31, 23, 15, 7 }; // final permutation IP^-1 const char IPR_Table[64] = { 40, 8, 48, 16, 56, 24, 64, 32, 39, 7, 47, 15, 55, 23, 63, 31, 38, 6, 46, 14, 54, 22, 62, 30, 37, 5, 45, 13, 53, 21, 61, 29, 36, 4, 44, 12, 52, 20, 60, 28, 35, 3, 43, 11, 51, 19, 59, 27, 34, 2, 42, 10, 50, 18, 58, 26, 33, 1, 41, 9, 49, 17, 57, 25 }; // expansion operation matrix const char E_Table[48] = { 32, 1, 2, 3, 4, 5, 4, 5, 6, 7, 8, 9, 8, 9, 10, 11, 12, 13, 12, 13, 14, 15, 16, 17, 16, 17, 18, 19, 20, 21, 20, 21, 22, 23, 24, 25, 24, 25, 26, 27, 28, 29, 28, 29, 30, 31, 32, 1 }; // 32-bit permutation function P used on the output of the S-boxes const char P_Table[32] = { 16, 7, 20, 21, 29, 12, 28, 17, 1, 15, 23, 26, 5, 18, 31, 10, 2, 8, 24, 14, 32, 27, 3, 9, 19, 13, 30, 6, 22, 11, 4, 25 }; // permuted choice table (key) const char PC1_Table[56] = { 57, 49, 41, 33, 25, 17, 9, 1, 58, 50, 42, 34, 26, 18, 10, 2, 59, 51, 43, 35, 27, 19, 11, 3, 60, 52, 44, 36, 63, 55, 47, 39, 31, 23, 15, 7, 62, 54, 46, 38, 30, 22, 14, 6, 61, 53, 45, 37, 29, 21, 13, 5, 28, 20, 12, 4 }; // permuted choice key (table) const char PC2_Table[48] = { 14, 17, 11, 24, 1, 5, 3, 28, 15, 6, 21, 10, 23, 19, 12, 4, 26, 8, 16, 7, 27, 20, 13, 2, 41, 52, 31, 37, 47, 55, 30, 40, 51, 45, 33, 48, 44, 49, 39, 56, 34, 53, 46, 42, 50, 36, 29, 32 }; // number left rotations of pc1 const char LOOP_Table[16] = { 1,1,2,2,2,2,2,2,1,2,2,2,2,2,2,1 }; // The (in)famous S-boxes const char S_Box[8][4][16] = { // S1 14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7, 0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8, 4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0, 15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13, // S2 15, 1, 8, 14, 6, 11, 3, 4, 9, 7, 2, 13, 12, 0, 5, 10, 3, 13, 4, 7, 15, 2, 8, 14, 12, 0, 1, 10, 6, 9, 11, 5, 0, 14, 7, 11, 10, 4, 13, 1, 5, 8, 12, 6, 9, 3, 2, 15, 13, 8, 10, 1, 3, 15, 4, 2, 11, 6, 7, 12, 0, 5, 14, 9, // S3 10, 0, 9, 14, 6, 3, 15, 5, 1, 13, 12, 7, 11, 4, 2, 8, 13, 7, 0, 9, 3, 4, 6, 10, 2, 8, 5, 14, 12, 11, 15, 1, 13, 6, 4, 9, 8, 15, 3, 0, 11, 1, 2, 12, 5, 10, 14, 7, 1, 10, 13, 0, 6, 9, 8, 7, 4, 15, 14, 3, 11, 5, 2, 12, // S4 7, 13, 14, 3, 0, 6, 9, 10, 1, 2, 8, 5, 11, 12, 4, 15, 13, 8, 11, 5, 6, 15, 0, 3, 4, 7, 2, 12, 1, 10, 14, 9, 10, 6, 9, 0, 12, 11, 7, 13, 15, 1, 3, 14, 5, 2, 8, 4, 3, 15, 0, 6, 10, 1, 13, 8, 9, 4, 5, 11, 12, 7, 2, 14, // S5 2, 12, 4, 1, 7, 10, 11, 6, 8, 5, 3, 15, 13, 0, 14, 9, 14, 11, 2, 12, 4, 7, 13, 1, 5, 0, 15, 10, 3, 9, 8, 6, 4, 2, 1, 11, 10, 13, 7, 8, 15, 9, 12, 5, 6, 3, 0, 14, 11, 8, 12, 7, 1, 14, 2, 13, 6, 15, 0, 9, 10, 4, 5, 3, // S6 12, 1, 10, 15, 9, 2, 6, 8, 0, 13, 3, 4, 14, 7, 5, 11, 10, 15, 4, 2, 7, 12, 9, 5, 6, 1, 13, 14, 0, 11, 3, 8, 9, 14, 15, 5, 2, 8, 12, 3, 7, 0, 4, 10, 1, 13, 11, 6, 4, 3, 2, 12, 9, 5, 15, 10, 11, 14, 1, 7, 6, 0, 8, 13, // S7 4, 11, 2, 14, 15, 0, 8, 13, 3, 12, 9, 7, 5, 10, 6, 1, 13, 0, 11, 7, 4, 9, 1, 10, 14, 3, 5, 12, 2, 15, 8, 6, 1, 4, 11, 13, 12, 3, 7, 14, 10, 15, 6, 8, 0, 5, 9, 2, 6, 11, 13, 8, 1, 4, 10, 7, 9, 5, 0, 15, 14, 2, 3, 12, // S8 13, 2, 8, 4, 6, 15, 11, 1, 10, 9, 3, 14, 5, 0, 12, 7, 1, 15, 13, 8, 10, 3, 7, 4, 12, 5, 6, 11, 0, 14, 9, 2, 7, 11, 4, 1, 9, 12, 14, 2, 0, 6, 10, 13, 15, 3, 5, 8, 2, 1, 14, 7, 4, 10, 8, 13, 15, 12, 9, 0, 3, 5, 6, 11 }; Des::Des() { } Des::~Des() { } /*******************************************************************/ /* 函 数 名 称: ByteToBit 功 能 描 述: 把BYTE转化为Bit流 参 数 说 明: Out: 输出的Bit流[in][out] In: 输入的BYTE流[in] bits: Bit流的长度[in] 返回值 说明: void 作 者: 邹德强 更 新 日 期: 2003.12.19 /*******************************************************************/ static void ByteToBit(bool *Out, const char *In, int bits) { for(int i=0; i<bits; ++i) Out[i] = (In[i>>3]>>(7 - i&7)) & 1; } /*******************************************************************/ /* 函 数 名 称: BitToByte 功 能 描 述: 把Bit转化为Byte流 参 数 说 明: Out: 输出的BYTE流[in][out] In: 输入的Bit流[in] bits: Bit流的长度[in] 返回值 说明: void 作 者: 邹德强 更 新 日 期: 2003.12.19 /*******************************************************************/ static void BitToByte(char *Out, const bool *In, int bits) { memset(Out, 0, bits>>3); for(int i=0; i<bits; ++i) Out[i>>3] |= In[i]<<(7 - i&7); } /*******************************************************************/ /* 函 数 名 称: RotateL 功 能 描 述: 把BIT流按位向左迭代 参 数 说 明: In: 输入的Bit流[in] len: Bit流的长度[in] loop: 向左迭代的长度 返回值 说明: void 作 者: 邹德强 更 新 日 期: 2003.12.19 /*******************************************************************/ static void RotateL(bool *In, int len, int loop) { bool Tmp[256]; memcpy(Tmp, In, loop); memcpy(In, In+loop, len-loop); memcpy(In+len-loop, Tmp, loop); } /*******************************************************************/ /* 函 数 名 称: Xor 功 能 描 述: 把两个Bit流进行异或 参 数 说 明: InA: 输入的Bit流[in][out] InB: 输入的Bit流[in] loop: Bit流的长度 返回值 说明: void 作 者: 邹德强 更 新 日 期: 2003.12.19 /*******************************************************************/ static void Xor(bool *InA, const bool *InB, int len) { for(int i=0; i<len; ++i) InA[i] ^= InB[i]; } /*******************************************************************/ /* 函 数 名 称: Transform 功 能 描 述: 把两个Bit流按表进行位转化 参 数 说 明: Out: 输出的Bit流[out] In: 输入的Bit流[in] Table: 转化需要的表指针 len: 转化表的长度 返回值 说明: void 作 者: 邹德强 更 新 日 期: 2003.12.19 /*******************************************************************/ static void Transform(bool *Out, bool *In, const char *Table, int len) { bool Tmp[256]; for(int i=0; i<len; ++i) Tmp[i] = In[ Table[i]-1 ]; memcpy(Out, Tmp, len); } /*******************************************************************/ /* 函 数 名 称: S_func 功 能 描 述: 实现数据加密S BOX模块 参 数 说 明: Out: 输出的32Bit[out] In: 输入的48Bit[in] 返回值 说明: void 作 者: 邹德强 更 新 日 期: 2003.12.19 /*******************************************************************/ static void S_func(bool Out[32], const bool In[48]) { for(char i=0,j,k; i<8; ++i,In+=6,Out+=4) { j = (In[0]<<1) + In[5]; k = (In[1]<<3) + (In[2]<<2) + (In[3]<<1) + In[4]; //组织SID下标 for(int l=0; l<4; ++l) //把相应4bit赋值 Out[l] = (S_Box[i][j][k]>>(3 - l)) & 1; } } /*******************************************************************/ /* 函 数 名 称: F_func 功 能 描 述: 实现数据加密到输出P 参 数 说 明: Out: 输出的32Bit[out] In: 输入的48Bit[in] 返回值 说明: void 作 者: 邹德强 更 新 日 期: 2003.12.19 /*******************************************************************/ static void F_func(bool In[32], const bool Ki[48]) { bool MR[48]; Transform(MR, In, E_Table, 48); Xor(MR, Ki, 48); S_func(In, MR); Transform(In, In, P_Table, 32); } bool Des::RunDes(bool bType,int bMode,const char* In, char* Out,unsigned datalen,const char* Key,unsigned keylen,const char* IV,unsigned IVlen) { //判断输入合法性 if(!(In && Out && Key && datalen && keylen>=8)) return false; char* inbuf = new char[datalen + 8]; memset(inbuf, 0x00, sizeof(inbuf)); memcpy(inbuf, In, datalen); char* tempBuf; unsigned padlen = datalen; //只处理8的整数倍,不足长度自己填充 if(datalen & 0x00000007) { if (!RunPad(PAD_PKCS_7, In, datalen, inbuf, padlen)) return false; tempBuf = inbuf; } else { tempBuf = inbuf; } bool m_SubKey[3][16][48]; //秘钥 //构造并生成SubKeys char nKey = (keylen>>3)>=3 ? 3: (keylen>>3); for(int i=0;i<nKey;i++) { SetSubKey(&m_SubKey[i],&Key[i<<3]); } if(bMode == ECB) //ECB模式 { if(nKey == 1) //单Key { int j = padlen>>3; for(int i=0,j = padlen>>3;i<j;++i,Out+=8,tempBuf+=8) { DES(Out,tempBuf,&m_SubKey[0],bType); } } else if(nKey == 2) //3DES 2Key { for(int i=0,j = padlen>>3;i<j;++i,Out+=8,tempBuf+=8) { DES(Out,tempBuf,&m_SubKey[0],bType); DES(Out,Out,&m_SubKey[1],!bType); DES(Out,Out,&m_SubKey[0],bType); } } else //3DES 3Key { for(int i=0,j=padlen>>3;i<j;++i,Out+=8,tempBuf+=8) { DES(Out,tempBuf,&m_SubKey[bType? 2 : 0],bType); DES(Out,Out,&m_SubKey[1],!bType); DES(Out,Out,&m_SubKey[bType? 0 : 2],bType); } } } else //CBC模式 { char cvec[8] = ""; //扭转向量 char cvin[8] = ""; //中间变量 if (IV!=NULL && IVlen == 8) { memcpy(cvec,IV,IVlen); } if(nKey == 1) //单Key { for(int i=0,j=padlen>>3;i<j;++i,Out+=8,tempBuf+=8) { if(bType == Des::ENCRYPT) { for(int j=0;j<8;++j) //将输入与扭转变量异或 { cvin[j] = tempBuf[j] ^ cvec[j]; } } else { memcpy(cvin,tempBuf,8); } DES(Out,cvin,&m_SubKey[0],bType); if(bType == Des::ENCRYPT) { memcpy(cvec,Out,8); //将输出设定为扭转变量 } else { for(int j=0;j<8;++j) //将输出与扭转变量异或 { Out[j] = Out[j] ^ cvec[j]; } memcpy(cvec,cvin,8); //将输入设定为扭转变量 } } } else if(nKey == 2) //3DES CBC 2Key { for(int i=0,j=padlen>>3;i<j;++i,Out+=8,tempBuf+=8) { if(bType == Des::ENCRYPT) { for(int j=0;j<8;++j) //将输入与扭转变量异或 { cvin[j] = tempBuf[j] ^ cvec[j]; } } else { memcpy(cvin,tempBuf,8); } DES(Out,cvin,&m_SubKey[0],bType); DES(Out,Out,&m_SubKey[1],!bType); DES(Out,Out,&m_SubKey[0],bType); if(bType == Des::ENCRYPT) { memcpy(cvec,Out,8); //将输出设定为扭转变量 } else { for(int j=0;j<8;++j) //将输出与扭转变量异或 { Out[j] = Out[j] ^ cvec[j]; } memcpy(cvec,cvin,8); //将输入设定为扭转变量 } } } else //3DES CBC 3Key { for(int i=0,j=padlen >>3;i<j;++i,Out+=8,tempBuf+=8) { if(bType == Des::ENCRYPT) { for(int j=0;j<8;++j) //将输入与扭转变量异或 { cvin[j] = tempBuf[j] ^ cvec[j]; } } else { memcpy(cvin,tempBuf,8); } DES(Out,cvin,&m_SubKey[bType ? 2 : 0],bType); DES(Out,Out,&m_SubKey[1],!bType); DES(Out,Out,&m_SubKey[bType ? 0 : 2],bType); if(bType == Des::ENCRYPT) { memcpy(cvec,Out,8); //将输出设定为扭转变量 } else { for(int j=0;j<8;++j) //将输出与扭转变量异或 { Out[j] = Out[j] ^ cvec[j]; } memcpy(cvec,cvin,8); //将输入设定为扭转变量 } } } } return true; } /*******************************************************************/ /* 函 数 名 称: RunPad 功 能 描 述: 根据协议对加密前的数据进行填充 参 数 说 明: bType :类型:PAD类型 In :数据串指针 Out :填充输出串指针 datalen :数据的长度 padlen :(in,out)输出buffer的长度,填充后的长度 返回值 说明: bool :是否填充成功 作 者: 邹德强 修 改 历 史: 更 新 日 期: 2003.12.19 /*******************************************************************/ bool Des::RunPad(int nType, const char* In, unsigned datalen, char* Out, unsigned& padlen) { if (nType < PAD_ISO_1 || nType > PAD_PKCS_7) return false; if (In == NULL || datalen < 0 || Out == NULL) return false; int res = (datalen & 0x00000007); if (res == 0) { padlen = datalen; memcpy(Out, In, datalen); return true; } padlen = (datalen+8-res); memcpy(Out,In,datalen); if(nType == PAD_ISO_1) { memset(Out+datalen,0x00,8-res); } else if(nType == PAD_ISO_2) { memset(Out+datalen,0x80,1); memset(Out+datalen,0x00,7-res); } else if(nType == PAD_PKCS_7) { memset(Out+datalen,0x00,8-res); } else { return false; } return true; } //计算并填充子密钥到SubKey数据中 void Des::SetSubKey(PSubKey pSubKey, const char Key[8]) { bool K[64], *KL=&K[0], *KR=&K[28]; ByteToBit(K, Key, 64); Transform(K, K, PC1_Table, 56); for(int i=0; i<16; ++i) { RotateL(KL, 28, LOOP_Table[i]); RotateL(KR, 28, LOOP_Table[i]); Transform((*pSubKey)[i], K, PC2_Table, 48); } } //DES单元运算 void Des::DES(char Out[8], const char In[8], const PSubKey pSubKey, bool Type) { bool M[64], tmp[32], *Li=&M[0], *Ri=&M[32]; ByteToBit(M, In, 64); Transform(M, M, IP_Table, 64); if( Type == ENCRYPT ) { for(int i=0; i<16; ++i) { memcpy(tmp, Ri, 32); //Ri[i-1] 保存 F_func(Ri, (*pSubKey)[i]); //Ri[i-1]经过转化和SBox输出为P Xor(Ri, Li, 32); //Ri[i] = P XOR Li[i-1] memcpy(Li, tmp, 32); //Li[i] = Ri[i-1] } } else { for(int i=15; i>=0; --i) { memcpy(tmp, Ri, 32); //Ri[i-1] 保存 F_func(Ri, (*pSubKey)[i]); //Ri[i-1]经过转化和SBox输出为P Xor(Ri, Li, 32); //Ri[i] = P XOR Li[i-1] memcpy(Li, tmp, 32); //Li[i] = Ri[i-1] } } RotateL(M,64,32); //Ri与Li换位重组M Transform(M, M, IPR_Table, 64); //最后结果进行转化 BitToByte(Out, M, 64); //组织成字符 }
代码中C++库,对于其他填充模式支持不好,默认设置为 PAD_PKCS_7,并表现出跟C# Zero填充一样的效果
c++封装,相当于使用案例
#ifndef CDES_H_CAESAR_1_DEF #define CDES_H_CAESAR_1_DEF #include <string> #include <iostream> class HGDes { private: HGDes(); virtual ~HGDes(); public: //加密 - 从流中加密数据 static void DES_Decrypt(std::istream& input,std::ostream& output); //解密 - 从流中解密数据 static void DES_Encrypt(std::istream& input,std::ostream& output); //加密 - 加密文本到base64格式 static std::string Encrypt_to_Base64(std::string input); //解密 - 从base64格式解密文本 static std::string Decrypt_from_Base64(std::string input); }; #endif//CDES_H_CAESAR__DEF
// DES.cpp: implementation of the CDES class. // ////////////////////////////////////////////////////////////////////// #include "HGDES.h" #include "memory.h" #include <iostream> #include <sstream> #include "DES.h" #include "..Base64Base64.h" using namespace std; HGDes::HGDes() { } HGDes::~HGDes() { } void HGDes::DES_Encrypt(std::istream& input,std::ostream& output) { //计算缓冲区长度 input.seekg(0, input.end); int datalen = input.tellg(); input.seekg(0, input.beg); int outlen = ((datalen/8)*8) + ((datalen%8==0) ? 0:8); //创建缓冲区 char* In = new char[datalen]; char* Out = new char[outlen]; memset(In,0,datalen); memset(Out,0,outlen); for (int i=0 ; i<datalen ; i++) { In[i] = input.get(); } int keylen = 8; char Key[8] = {0x31,0x31,0x31,0x31,0x31,0x31,0x31,0x31,}; char IV[8] = {0x31,0x31,0x31,0x31,0x31,0x31,0x31,0x31,}; Des::RunDes(Des::ENCRYPT,Des::CBC, In,Out,datalen,Key,keylen); for (int i = 0; i < outlen ; i++) { output<<Out[i]; } } void HGDes::DES_Decrypt(std::istream& input,std::ostream& output) { //计算缓冲区长度 input.seekg(0, input.end); int datalen = input.tellg(); input.seekg(0, input.beg); int outlen = ((datalen/8)*8) + ((datalen%8==0) ? 0:8); //创建缓冲区 char* In = new char[datalen]; char* Out = new char[datalen]; memset(In,0,datalen); memset(Out,0,datalen); for (int i=0 ; i<datalen ; i++) { In[i] = input.get(); } int keylen = 8; char Key[8] = {0x31,0x31,0x31,0x31,0x31,0x31,0x31,0x31,}; char IV[8] = {0x31,0x31,0x31,0x31,0x31,0x31,0x31,0x31,}; Des::RunDes(Des::DECRYPT,Des::CBC, In,Out,datalen,Key,keylen); //计算末尾0的数量 int count = 0; for (int i = outlen - 1; i >= 0 ; i--) { if (Out[i] != 0) { break; } count++; } for (int i = 0; i < outlen - count ; i++) { output<<Out[i]; } } std::string HGDes::Encrypt_to_Base64(std::string input) { if (input.empty()) { return ""; } else { std::stringstream inputstream; inputstream << input; std::stringstream outputstream; DES_Encrypt(inputstream,outputstream); std::string result = Base64::base64_encode(outputstream); return result; } } std::string HGDes::Decrypt_from_Base64(std::string input) { if (input.empty()) { return ""; } else { std::stringstream inputstream; Base64::base64_decode(input,inputstream); std::stringstream outputstream; DES_Decrypt(inputstream,outputstream); return outputstream.str(); } }