近期項目論壇,需要把網站的登陸註冊用戶這方面要全部走上面給的用戶中心數據庫的接口,接口文檔中用到了AES加密,原以爲用PHP的mcrypt_encrypt或者openssl_encrypt寫就好了,沒想到沒那麼簡單,原來接口文檔中祕鑰又進行了一次SHA1PRNG算法的加密,話不多了上代碼
Java代碼
public static String encrypt(String content, String password) {
try {
if (StringUtils.isEmpty(content))
return "";
KeyGeneratorkgen = KeyGenerator.getInstance("AES");
SecureRandom random = SecureRandom.getInstance("SHA1PRNG");
random.setSeed(password.getBytes());
kgen.init(128, random);
SecretKeysecretKey = kgen.generateKey();
byte[] enCodeFormat = secretKey.getEncoded();
SecretKeySpec key = new SecretKeySpec(enCodeFormat, "AES");
Cipher cipher = Cipher.getInstance("AES");
byte[] byteContent = content.getBytes("utf-8");
cipher.init(Cipher.ENCRYPT_MODE, key);
byte[] result = cipher.doFinal(byteContent);
String str = Base64.getEncoder().encodeToString(result);
returnstr;
} catch (NoSuchAlgorithmException e) {
// e.printStackTrace();
} catch (NoSuchPaddingException e) {
// e.printStackTrace();
} catch (InvalidKeyException e) {
// e.printStackTrace();
} catch (UnsupportedEncodingException e) {
// e.printStackTrace();
} catch (IllegalBlockSizeException e) {
// e.printStackTrace();
} catch (BadPaddingException e) {
// e.printStackTrace();
}
return null;
}
public static String decrypt(String str, String password) {
try {
byte[] content = Base64.getDecoder().decode(str);
KeyGeneratorkgen = KeyGenerator.getInstance("AES");
SecureRandomsecureRandom = SecureRandom.getInstance("SHA1PRNG");
secureRandom.setSeed(password.getBytes());
kgen.init(128, secureRandom);
SecretKeysecretKey = kgen.generateKey();
byte[] enCodeFormat = secretKey.getEncoded();
SecretKeySpec key = new SecretKeySpec(enCodeFormat, "AES");
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.DECRYPT_MODE, key);
byte[] result = cipher.doFinal(content);
return new String(result,"UTF-8");
} catch (NoSuchAlgorithmException e) {
// e.printStackTrace();
} catch (NoSuchPaddingException e) {
// e.printStackTrace();
} catch (InvalidKeyException e) {
// e.printStackTrace();
} catch (IllegalBlockSizeException e) {
// e.printStackTrace();
} catch (BadPaddingException e) {
// e.printStackTrace();
} catch (Exception e) {
// e.printStackTrace();
}
return "";
}
然後對應封裝了一個PHP類
PHP代碼
class AES {
//PKCS5Padding 補碼方式
private function _pkcs5Pad($text, $blockSize) {
$pad = $blockSize - (strlen($text) % $blockSize);
return $text . str_repeat(chr($pad), $pad);
}
private function _pkcs5Unpad($text) {
$end = substr($text, -1);
$last = ord($end);
$len = strlen($text) - $last;
if(substr($text, $len) == str_repeat($end, $last)) {
return substr($text, 0, $len);
}
return false;
}
//加密
public function encrypt($encrypt, $key) {
$blockSize = mcrypt_get_block_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB);
$paddedData = $this->_pkcs5Pad($encrypt, $blockSize);
$ivSize = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB);
$iv = mcrypt_create_iv($ivSize, MCRYPT_RAND);
$key2 = substr(openssl_digest(openssl_digest($key, 'sha1', true), 'sha1', true),0,16);
$encrypted = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key2, $paddedData, MCRYPT_MODE_ECB, $iv);
return base64_encode($encrypted);
}
//解密
public function decrypt($decrypt, $key) {
$decoded = base64_decode($decrypt);
$blockSize = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB);
$iv = mcrypt_create_iv($blockSize, MCRYPT_RAND);
$key2 = substr(openssl_digest(openssl_digest($key, 'sha1', true), 'sha1', true), 0, 16);
$decrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key2, $decoded, MCRYPT_MODE_ECB, $iv);
return $this->_pkcs5Unpad($decrypted);
}
}附錄:
感謝 php中關於AES加密對應Java中的SHA1PRNG方式加密的實例詳解 文章的啓發