Criptografia
Toda comunicação entre AnnA e cliente trafega com criptografia 3DES-CBC (Cipher Block Chaining) com block size de 64 e key size 192 bytes
Abaixo temos alguns exemplos de implementação para encriptação e desencriptação:
public static string Encrypt3DES(string data, string key, string iv) { byte[] bytes = Encoding.UTF8.GetBytes(data); byte[] decodedKey = Convert.FromBase64String(key); byte[] decodedIv = Convert.FromBase64String(iv);
var cryptoServiceProvider = new TripleDESCryptoServiceProvider() { Key = decodedKey, IV = decodedIv, Mode = CipherMode.CBC, Padding = PaddingMode.PKCS7 };
byte[] encrypted = cryptoServiceProvider.CreateEncryptor().TransformFinalBlock(bytes, 0, bytes.Length); cryptoServiceProvider.Clear();
return Convert.ToBase64String(encrypted); }
public static string Decrypt3DES(string data, string key, string iv) { byte[] encryptedBytes = Convert.FromBase64String(data); byte[] decodedKey = Convert.FromBase64String(key); byte[] decodedIv = Convert.FromBase64String(iv);
var cryptoServiceProvider = new TripleDESCryptoServiceProvider() { Key = decodedKey, IV = decodedIv, Mode = CipherMode.CBC, Padding = PaddingMode.PKCS7 };
byte[] bytes = cryptoServiceProvider.CreateDecryptor().TransformFinalBlock(encryptedBytes, 0, encryptedBytes.Length); cryptoServiceProvider.Clear();
return Encoding.UTF8.GetString(bytes); }
public static string GenerateIV() { var cryptoServiceProvider = new TripleDESCryptoServiceProvider(); cryptoServiceProvider.GenerateIV();
return Convert.ToBase64String(cryptoServiceProvider.IV); } public static string Encrypt3DES(string data, string key, string IV) { byte[] bytes = Encoding.UTF8.GetBytes(data); byte[] convertedKey = Convert.FromBase64String(key); byte[] convertedIV = Convert.FromBase64String(IV);
var cryptoServiceProvider = TripleDES.Create(); cryptoServiceProvider.Key = convertedKey; cryptoServiceProvider.IV = convertedIV; cryptoServiceProvider.Mode = CipherMode.CBC; cryptoServiceProvider.Padding = PaddingMode.PKCS7;
byte[] inArray = cryptoServiceProvider.CreateEncryptor().TransformFinalBlock(bytes, 0, bytes.Length); cryptoServiceProvider.Clear();
return Convert.ToBase64String(inArray, 0, inArray.Length); }
public static string Decrypt3DES(string data, string key, string IV) { byte[] inputBuffer = Convert.FromBase64String(data); byte[] convertedKey = Convert.FromBase64String(key); byte[] convertedIV = Convert.FromBase64String(IV);
var cryptoServiceProvider = TripleDES.Create(); cryptoServiceProvider.Key = convertedKey; cryptoServiceProvider.IV = convertedIV; cryptoServiceProvider.Mode = CipherMode.CBC; cryptoServiceProvider.Padding = PaddingMode.PKCS7;
byte[] bytes = cryptoServiceProvider.CreateDecryptor().TransformFinalBlock(inputBuffer, 0, inputBuffer.Length); cryptoServiceProvider.Clear();
return Encoding.UTF8.GetString(bytes); }
public static string GenerateIV() { var auxTdes = TripleDES.Create(); auxTdes.GenerateIV(); byte[] IVArray = auxTdes.IV; string IV = Convert.ToBase64String(IVArray);
return IV; } public String encrypt(String message, SecretKey key, IvParameterSpec iv) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, InvalidAlgorithmParameterException, UnsupportedEncodingException, IllegalBlockSizeException, BadPaddingException { final Cipher cipher = Cipher.getInstance("DESede/CBC/PKCS5Padding"); cipher.init(Cipher.ENCRYPT_MODE, key, iv);
byte[] plainTextBytes = message.getBytes("utf-8"); byte[] buf = cipher.doFinal(plainTextBytes); byte[] base64Bytes = Base64.getEncoder().encode(buf);
String base64EncryptedString = new String(base64Bytes);
return base64EncryptedString; }
public String decrypt(String encMessage, SecretKey key, IvParameterSpec iv) throws UnsupportedEncodingException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException, InvalidAlgorithmParameterException { byte[] message = Base64.getDecoder().decode(encMessage.getBytes("utf-8"));
final Cipher decipher = Cipher.getInstance("DESede/CBC/PKCS5Padding"); decipher.init(Cipher.DECRYPT_MODE, key, iv);
byte[] plainText = decipher.doFinal(message);
return new String(plainText, "UTF-8"); } function encrypt3DES($data, $key, $IV) { $IV = base64_decode($IV); $key = base64_decode($key); return openssl_encrypt($data, 'des-ede3-cbc', $key, 0, $IV); }
function decrypt3DES($data, $deckey, $IV) { $IV = base64_decode($IV); $deckey = base64_decode($deckey); return openssl_decrypt($data, 'des-ede3-cbc', $deckey, 0, $IV); } from flask import Flask, request, Response from flask_ngrok import run_with_ngrok import json from Crypto.Cipher import AES, DES3, DES from Crypto.Util.Padding import pad, unpad from Crypto.Random import get_random_bytes from base64 import b64encode, b64decode
# Initialising a web application with flask app = Flask(__name__)
# For this integration example, NGROK was used to emulate a response server run_with_ngrok(app)
# Encryption method def encrypt(data, enckey, iv): enckey = b64decode(enckey) iv = b64decode(iv) cipher = DES3.new(enckey, DES3.MODE_CBC, iv) ct_bytes = cipher.encrypt( pad(bytes(data, encoding='utf-8'), DES3.block_size)) ciphertext = b64encode(ct_bytes).decode('utf-8')
return ciphertext
# Decryption method def decrypt(data, deckey, iv): try: deckey = b64decode(deckey) iv = b64decode(iv) data = b64decode(data) cipher = DES3.new(deckey, DES3.MODE_CBC, iv) pt = unpad(cipher.decrypt(data), DES3.block_size)
return pt
except (ValueError, KeyError): return 'Incorrect decryption'
# Get POST AnnA @app.route('/get-post', methods=['POST']) def receber_post():
# Encryption Keys enckey = 'ENCRYPTION_KEY' deckey = 'DECRYPTION_KEY'
# Retrieving the form sent by AnnA data = request.form
# Recovering the received IV ivReceived = data.get('ANNAEXEC')
# Creating the structure of an AnnA message nodeMessage = [ { "PropName": "Alias", "PropValue": "msg001" }, { "PropName": "Type", "PropValue": "MESSAGE" }, { "PropName": "Phrase", "PropValue": "Hello World!" } ]
# Creating the container structure container = [ { "PropName": "Container001", "PropValue": json.dumps(nodeMessage) } ]
# Creating a new IV and encrypting it key = get_random_bytes(8) cipher = DES.new(key, DES3.MODE_CBC) newIV = b64encode(cipher.iv).decode('utf-8')
# Serialising the container structure and encrypting it serialisedContainer = json.dumps(container) encryptedSerialisedContainer = encrypt(serialisedContainer, enckey, newIV)
# Encrypting the new IV newIVEncrypted = encrypt(newIV, deckey, ivReceived)
# Configuring response for AnnA replyToAnnA = encryptedSerialisedContainer + ivReceived + newIVEncrypted
# Replying to AnnA response = Response(replyToAnnA, content_type='text/plain')
# Log print('\nData received from AnnA:', data) print('\nIV Received:', ivReceived) print('\n') print('\nNode Message:', nodeMessage) print('\nContainer:', container) print('\nContainer Serialised:', serialisedContainer) print('\nContainer Serialised Encrypted:', encryptedSerialisedContainer) print('\n') print('\nNew IV:', newIV) print('\nNew IV Encrypted:', newIVEncrypted) print('\n') print('\nReply To AnnA:', replyToAnnA) print('\nResponse From AnnA:', response)
return response
if __name__ == '__main__': app.run()