IMCAFS

 Home

e-commerce project: cookie anti tampering

Posted by barello at 2020-02-26
all

01...

01 02

03 String ltpa3DESKey ="7dH4i81Yepbve+gF9XVE4C1Ca5g6A4Q69OFobJV9g=";

03 String ltpa3DESKey =  "7dH4i81YepbVe+gF9XVUzE4C1Ca5g6A4Q69OFobJV9g=" ;

04        

04

05 String ltpaPassword ="Passw0rd";

05 String ltpaPassword =  "Passw0rd" ;

06        try {

06 try {

07            

07 08 byte [] secretKey = getSecretKey(ltpa3DESKey, ltpaPassword);

09            

09

10 String ltpaplaintex=new string(decryptltpatoken(Tokencipher),

10 String ltpaPlaintext =  new String(decryptLtpaToken(tokenCipher,

11                    secretKey));

11 secretKey));

12 displayTokenData(ltpaPlaintext);

12 displayTokenData(ltpaPlaintext); 13 }  catch (Exception e) {

14            System.out.println("Caught inner: " + e);

14 System.out.println( "Caught inner: " + e);

15        }

15 }

16...

16

17    

17

18    private static byte[] getSecretKey(String ltpa3DESKey, String password)

18 private static byte [] getSecretKey(String ltpa3DESKey, String password)

19            throws Exception {

19 throws Exception {

20        

20

21 MessageDigest MD=MessageDigest.Getinstance(“Sha”);

21 MessageDigest md = MessageDigest.getInstance( "SHA" );

22        md.update(password.getBytes());

22 md.update(password.getBytes()); 23 byte [] hash3DES =  new byte [ 24 ];

24 system.arraycopy(.md.digest)(,0,hash3des,0,20);

24 System.arraycopy(md.digest(),  , hash3DES,  ,  20 );

25        

25

26 Arrays.fill()hash3des,20,24,(byte)0;

26 Arrays.fill(hash3DES,  20 ,  24 , ( byte )  );

27        

27

28        byte[] decode3DES = Base64.decodeBase64(ltpa3DESKey.getBytes());

28 byte [] decode3DES = Base64.decodeBase64(ltpa3DESKey.getBytes());

29        

29

30        return decrypt(decode3DES, hash3DES);

30 return decrypt(decode3DES, hash3DES);

31    }

31 } 32

33 public static byte[] decryptLtpaToken(String encryptedLtpaToken, byte[] key)

33 public static byte [] decryptLtpaToken(String encryptedLtpaToken,  byte [] key)

34            throws Exception {

34 throws Exception { 35

36 Final Byte[…]LTPABYTERRAY=BASE64.DECODEBASE64(Encryptedltpatoken)

36 final byte [] ltpaByteArray = Base64.decodeBase64(encryptedLtpaToken

37.getBytes());

37 .getBytes());

38        

38

39 return decrypt(ltpaByteArray, key);

39 return decrypt(ltpaByteArray, key);

40    }

40 }

41    

41

42 public static byte[] decrypt(byte[] ciphertext, byte[] key

42 public static byte [] decrypt( byte [] ciphertext,  byte [] key)

43            throws Exception {

43 throws Exception { 44 final Cipher cipher = Cipher.getInstance( "DESede/ECB/PKCS5Padding" );

45        final KeySpec keySpec = new DESedeKeySpec(key);

45 final KeySpec keySpec =  new DESedeKeySpec(key); 46 final Key secretKey = SecretKeyFactory.getInstance( "TripleDES" )

47                .generateSecret(keySpec);

47 .generateSecret(keySpec);

48        cipher.init(Cipher.DECRYPT_MODE, secretKey);

48 cipher.init(Cipher.DECRYPT_MODE, secretKey);

49 return cipher.doFinal(ciphertext);

49 return cipher.doFinal(ciphertext);

50    }

50 }

51...

51
© 2023