java - AESCrypt 从 Java 到 c#

我的答案可互操作加密。结果可以从任何平台解密 - C# 代码或 Android/Java 代码。

• 从 C# 加密 -> 从 C#、Android、Java 解密。
• 从 Android 加密 -> 从 Android、Java、C# 解密。
• 从 Java 加密 -> 从 Java、Android、C# 解密。
• encrypt 的结果包含加密文本 + IV。
• IV 是使用安全随机算法生成的。

加密过程
1. plaintext => plaintextBytes
2. password => passwordBytes => Sha256(passwordbytes) = passwordHashBytes
3. 生成随机IV bytes = ivBytes
4. 使用plaintextbytes和passwordHashBytes
加密 5. join (encryptedbytes + ivBytes)
6. 转换为base64加入字节。

C# 实现

public enum HashAlgorithm
{
    MD5,
    SHA1,
    SHA256,
    SHA384,
    SHA512
}

public class HashManager {
    public static byte[] ToRawHash(byte[] data, HashAlgorithm algorithm)
    {
        byte[] hash;
        switch (algorithm)
        {
            case HashAlgorithm.MD5:
                MD5 md5 = MD5.Create();
                hash = md5.ComputeHash(data, 0, data.Length);
                return hash;
            case HashAlgorithm.SHA1:
                SHA1Managed sha1 = new SHA1Managed();
                hash = sha1.ComputeHash(data);
                return hash;
            case HashAlgorithm.SHA256:
                SHA256Managed sha256 = new SHA256Managed();
                hash = sha256.ComputeHash(data);
                return hash;
            case HashAlgorithm.SHA384:
                SHA384Managed sha384 = new SHA384Managed();
                hash = sha384.ComputeHash(data);
                return hash;
            case HashAlgorithm.SHA512:
                SHA512Managed sha512 = new SHA512Managed();
                hash = sha512.ComputeHash(data, 0, data.Length);
                return hash;
            default:
                throw new ArgumentException("Invalid Algorithm");
        }
    }
}

public class Base64Manager
{
    public static byte[] Base64ToByteArray(String base64)
    {
        return Convert.FromBase64String(base64);
    }

    public static String ToBase64(byte[] data, Boolean insertLineBreaks = default(Boolean))
    {
        return insertLineBreaks ? Convert.ToBase64String(data, Base64FormattingOptions.InsertLineBreaks) : Convert.ToBase64String(data);
    }
}

public class AesManager
{
    private const int MAX_IV_LENGTH = 16;
    private const int MAX_KEY_LENGTH = 32;

    private static byte[] GenerateValidKey(byte[] keyBytes)
    {
        byte[] ret = new byte[MAX_KEY_LENGTH];
        byte[] hash = HashManager.ToRawHash(keyBytes, HashAlgorithm.SHA256);
        Array.Copy(hash, ret, MAX_KEY_LENGTH);
        return ret;
    }


    public static byte[] EncryptRaw(byte[] PlainBytes, byte[] Key)
    {
        AesManaged AesAlgorithm = new AesManaged()
        {
            Key = GenerateValidKey(Key)
        };
        AesAlgorithm.GenerateIV();
        var Encrypted = AesAlgorithm.CreateEncryptor().TransformFinalBlock(PlainBytes, 0, PlainBytes.Length);
        byte[] ret = new byte[Encrypted.Length + MAX_IV_LENGTH];
        Array.Copy(Encrypted, ret, Encrypted.Length);
        Array.Copy(AesAlgorithm.IV, 0, ret, ret.Length - MAX_IV_LENGTH, MAX_IV_LENGTH);
        return ret;
    }

    public static byte[] DecryptRaw(byte[] CipherBytes, byte[] Key)
    {
        AesManaged AesAlgorithm = new AesManaged()
        {
            Key = GenerateValidKey(Key)
        };
        byte[] IV = new byte[MAX_IV_LENGTH];
        Array.Copy(CipherBytes, CipherBytes.Length - MAX_IV_LENGTH, IV, 0, MAX_IV_LENGTH);
        AesAlgorithm.IV = IV;
        byte[] RealBytes = new byte[CipherBytes.Length - MAX_IV_LENGTH];
        Array.Copy(CipherBytes, RealBytes, CipherBytes.Length - MAX_IV_LENGTH);
        return AesAlgorithm.CreateDecryptor().TransformFinalBlock(RealBytes, 0, RealBytes.Length); ;
    }


    public static String EncryptToBase64(String Plaintext, String Key)
    {
        byte[] PlainBytes = Encoding.UTF8.GetBytes(Plaintext);
        return Base64Manager.ToBase64(EncryptRaw(PlainBytes, Encoding.UTF8.GetBytes(Key)), false);
    }



    public static String DecryptFromBase64(String CipherText, String Key)
    {
        byte[] CiPherBytes = Base64Manager.Base64ToByteArray(CipherText);
        byte[] Encrypted = DecryptRaw(CiPherBytes, Encoding.UTF8.GetBytes(Key));
        return Encoding.UTF8.GetString(Encrypted, 0, Encrypted.Length);
    }

}

class Program
{

    static void Main(string[] args)
    {
        string plainText = "plain text";
        string password = "password";
        string encrypted = AesManager.EncryptToBase64(plainText, password);
        Console.WriteLine(AesManager.DecryptFromBase64(encrypted, password));
        Console.ReadLine();
    }
}

---

安卓/Java实现

public enum HashAlgorithm {

    SHA512("SHA-512"),
    SHA256("SHA-256"),
    SHA384("SHA-384"),
    SHA1("SHA-1"),
    MD5("MD5");

    private String Value = "";

    HashAlgorithm(String Value) {
        this.Value = Value;
    }

    @Override
    public String toString() {
        return Value;
    }

}

import java.security.MessageDigest;
public class HashManager {
    public static byte[] toRawHash(byte[] data,
                                   HashAlgorithm algorithm) throws Exception
    {
        byte[] buffer = data;
        MessageDigest messageDigest = MessageDigest.getInstance(algorithm.toString());
        messageDigest.reset();
        messageDigest.update(buffer);
        return messageDigest.digest();
    }
}

Base64Manager 类 Android 实现

import android.util.Base64;

public class Base64Manager {
    public static String toBase64(byte[] data,
                                  boolean insertLineBreaks) throws Exception
    {
        String ret;
        if (insertLineBreaks)
        {
            ret = Base64.encodeToString(data, Base64.DEFAULT);
        }
        else
        {
            ret = Base64.encodeToString(data, Base64.NO_WRAP);
        }
        return ret;
    }

    public static String toBase64(String data,
                                  boolean insertLineBreaks) throws Exception
    {
        return toBase64(data.getBytes("UTF-8"), insertLineBreaks);
    }

    public static byte[] base64ToByteArray(String base64) throws Exception
    {
        return base64.contains(System.getProperty("line.separator")) ? Base64.decode(base64, Base64.DEFAULT) : Base64.decode(base64, Base64.NO_WRAP);
    }
}

Base64Manager 类 Java8+ 实现

import java.util.Base64;

public class Base64Manager {    
    public static String toBase64(byte[] data, Boolean insertLineBreaks) throws Exception {
        String ret;
        if (insertLineBreaks) {
            ret = Base64.getMimeEncoder().encodeToString(data);
        } else {
            ret = Base64.getEncoder().encodeToString(data);
        }
        return ret;
    }

    public static String toBase64(String data, Boolean insertLineBreaks) throws Exception {
        return toBase64(data.getBytes("UTF-8" ), insertLineBreaks);
    }

    public static byte[] base64ToByteArray(String base64) throws Exception {
        return base64.contains(System.getProperty("line.separator")) ? Base64.getMimeDecoder().decode(base64) : Base64.getDecoder().decode(base64);
    }    
}

import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

public class AesManager {

    private static final int MAX_IV_LENGTH = 16;
    private static final int MAX_KEY_LENGTH = 32;

    public static String decryptFromBase64(String cipherText, String key) throws Exception {
        byte[] CiPherBytes = Base64Manager.base64ToByteArray(cipherText);
        byte[] KeyBytes = key.getBytes("UTF-8");
        return new String((decryptRaw(CiPherBytes, KeyBytes)));
    }

    public static byte[] generateValidKey(byte[] key) throws Exception {
        return Arrays.copyOf(HashManager.toRawHash(key, HashAlgorithm.SHA256), MAX_KEY_LENGTH);
    }


    public static byte[] decryptRaw(byte[] cipherBytes, byte[] keyBytes) throws Exception {
        byte[] IV = Arrays.copyOfRange(cipherBytes, cipherBytes.length - MAX_IV_LENGTH, cipherBytes.length);
        byte[] RealBytes = Arrays.copyOf(cipherBytes, cipherBytes.length - MAX_IV_LENGTH);
        Cipher AesAlgorithm = Cipher.getInstance("AES/CBC/PKCS5Padding" );
        byte[] ValidKeyBytes = generateValidKey(keyBytes);
        SecretKeySpec secretKeySpec = new SecretKeySpec(ValidKeyBytes, "AES");
        IvParameterSpec ivParameterSpec = new IvParameterSpec(IV);
        AesAlgorithm.init(Cipher.DECRYPT_MODE, secretKeySpec, ivParameterSpec);
        byte[] Decrypted = AesAlgorithm.doFinal(RealBytes);
        return Decrypted;
    }

    public static byte[] encryptRaw(byte[] plainBytes, byte[] keyBytes) throws Exception {
        Cipher AesAlgorithm = Cipher.getInstance("AES/CBC/PKCS5Padding");
        byte[] ValidKeyBytes = generateValidKey(keyBytes);
        SecretKeySpec secretKeySpec = new SecretKeySpec(ValidKeyBytes, "AES");
        IvParameterSpec ivParameterSpec = new IvParameterSpec(generateIV());
        AesAlgorithm.init(Cipher.ENCRYPT_MODE, secretKeySpec, ivParameterSpec);
        byte[] Encrypted = AesAlgorithm.doFinal(plainBytes);
        byte[] ret = new byte[Encrypted.length + MAX_IV_LENGTH];
        System.arraycopy(Encrypted, 0, ret, 0, Encrypted.length);
        System.arraycopy(ivParameterSpec.getIV(), 0, ret, Encrypted.length, MAX_IV_LENGTH);
        return ret;
    }

    private static byte[] generateIV() throws Exception {
        return generateRandomArray(MAX_IV_LENGTH);
    }

    public static byte[] generateRandomArray(int size) {
        SecureRandom RandomGenerator = new SecureRandom();
        byte[] ret = new byte[size];
        RandomGenerator.nextBytes(ret);
        return ret;
    }

    public static String encryptToBase64(String plaintext, String key) throws Exception {
        byte[] PlainBytes = plaintext.getBytes("UTF-8");
        byte[] KeyBytes = key.getBytes("UTF-8");
        return Base64Manager.toBase64(encryptRaw(PlainBytes, KeyBytes), false);
    }

}

public class Program {
    public static  void main(String[] args) throws Exception
    {
        String plainText = "plain text";
        String password = "password";
        String encrypted = AesManager.encryptToBase64(plainText, password);
        System.out.println(AesManager.decryptFromBase64(encrypted, password));
    }
}