(1) RSA currently only knows that there are public keys and private keys, which can encrypt and decrypt strings, but cannot directly encrypt and decrypt files.
(2) DES can encrypt and decrypt files through passwords.
(3) The password used by DES can be encrypted twice using the public key and private key of RSA to protect it.
(4) The password of DES is the MAC address of the computer read, and a strong password is added for synthesis, and MD5 processing is also performed.
(5) The password of DES is machine-related. If you change the machine, you need to synchronize your newly generated private key to the superior.
=============================================================
1. Obtain the name of the reporting department: Org_Name
2. Generate the public key and private key according to Org_Name, which are calculated as: Org_Name_Public.xml and Org_Name_Private.xml, spare.
3. Obtain the MAC address of the network card, and use md5 (MAC address + password Dsidea*********) to generate the DES complete password of the encrypted file: DES_PassWord
4. Use DES to encrypt the EXCEL file.
5. Encrypt DES_PassWord with the public key twice to get RSA_SECOND_MIWEN
6. Measure the length of the text after secondary encryption len (RSA_SECOND_MIWEN), no matter whether the length is 2 digits, 3 digits, or 4 digits, it is uniformly counted as 4 digits. Get a number of XXXX, less than four digits, fill with zeros in front to solve it.
7. Make the department name again, convert it to BASE64 code: BASE64_OrgName, and get the length: len(BASE64_OrgName), no matter whether the length is 2 digits, 3 digits, or 4 digits, it will be counted as 4 digits, and a YYYY number will be obtained , if it is less than four digits, the front is filled with zeros to solve the problem.
Cloud Platform Software Department
5LqR5bmz5Y+w6L2v5Lu26YOo
Management Software Department
566h55CG6L2v5Lu26YOo
8. Add content at the end of the encrypted EXCEL, first add RSA_SECOND_MIWEN, then add BASE64_OrgaName, then add XXXX, YYYY and 0001 to the end. 0001 indicates that the department manager has passed the review.
At this point, the encryption work is completely completed. This file consists of five parts,
(1) DES encrypted file body.
(2) RSA_SECOND_MIWEN: This is the DES password encrypted by RSA. It cannot be directly used to decrypt the DES encrypted file without the private key.
(3) BASE64 encoding of department name
(4) YYYY:len(BASE64_OrgName) The last 4 digits of the file represent the BASE64 length of Org_Name, that is, remove 12 bytes from the end of the file, and then take YYYY length, which is the department BASE64 encoding, knowing this principle, you can directly obtain the reporting department of the file.
(5) XXXX:len(RSA_SECOND_MIWEN) According to the obtained reporting department name, find the corresponding private key, and use the private key to unlock the DES ciphertext.
==================================================================================================================================================================================================================================================================================
_
_ The principle of uncompressing EXCEL files.
(2) After the audit finds that there is no problem, perform another round of DES encryption on the encrypted EXCEL submitted by the department manager. The method is exactly the same as the above, except that the 0002 logo is added at the end of XXXX and YYYY, which is approved by the deputy general manager.
(3) The program of the vice president also needs to set the name of the department, such as the basic education software research and development department.
Financial decompression process:
(1) Only decompress the last digit of 0002.
(2) The private key files of the department manager and the vice president are required to exist in the financial computer.
(3) Decide which private key to take for decryption according to the name of the identification department at the end of the file.
=========================================================================================================================================================================================================================================================================================================;