前提:
在實際開發過程中,跨平臺跨語言api接口簽名算法肯定是常有的事情。這裏主要解釋說的是php7 aes簽名對接java aes簽名。把開發過程中遇到的坑整理出來,
首先貼上java代碼,java主要要注意key種子,
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
/**
* @version V1.0
* @desc AES 加密工具類
*/
public class AESUtil {
private static final String DEFAULT_CHARSET = "UTF-8";
private static final String KEY = "KE0yS1GcqQ823TatPYMLbwOmu7NZXHJI";
private static final String KEY_ALGORITHM = "AES";
private static final String DEFAULT_CIPHER_ALGORITHM = "AES/ECB/PKCS5Padding";//默認的加密算法
/**
* AES 加密操作
*
* @param content 待加密內容
* @param password 加密密碼
* @return 返回Base64轉碼後的加密數據
*/
public static String encrypt(String content, String password) {
try {
Cipher cipher = Cipher.getInstance(DEFAULT_CIPHER_ALGORITHM);// 創建密碼器
byte[] byteContent = content.getBytes(DEFAULT_CHARSET);
cipher.init(Cipher.ENCRYPT_MODE, getSecretKey(password));// 初始化爲加密模式的密碼器
byte[] result = cipher.doFinal(byteContent);// 加密
return parseByte2HexStr(result);//通過hex轉碼返回
} catch (Exception ex) {
Logger.getLogger(AESUtil.class.getName()).log(Level.SEVERE, null, ex);
}
return null;
}
/**
* AES 解密操作
*
* @param content
* @param password
* @return
*/
public static String decrypt(String content, String password) {
try {
//實例化
Cipher cipher = Cipher.getInstance(DEFAULT_CIPHER_ALGORITHM);
//使用密鑰初始化,設置爲解密模式
cipher.init(Cipher.DECRYPT_MODE, getSecretKey(password));
//執行操作
byte[] result = cipher.doFinal(parseHexStr2Byte(content));
return new String(result, DEFAULT_CHARSET);
} catch (Exception ex) {
Logger.getLogger(AESUtil.class.getName()).log(Level.SEVERE, null, ex);
}
return null;
}
/**
* 生成加密祕鑰
*
* @return
*/
private static SecretKeySpec getSecretKey(final String password) {
//返回生成指定算法密鑰生成器的 KeyGenerator 對象
KeyGenerator kg = null;
try {
kg = KeyGenerator.getInstance(KEY_ALGORITHM);
SecureRandom secureRandom = SecureRandom.getInstance("SHA1PRNG" );
secureRandom.setSeed(password.getBytes());
//AES 要求密鑰長度爲 128
// kg.init(128, new SecureRandom(password.getBytes()));
kg.init(128, secureRandom);
//生成一個密鑰
SecretKey secretKey = kg.generateKey();
//System.out.println(secretKey);
return new SecretKeySpec(secretKey.getEncoded(), KEY_ALGORITHM);// 轉換爲AES專用密鑰
} catch (NoSuchAlgorithmException ex) {
Logger.getLogger(AESUtil.class.getName()).log(Level.SEVERE, null, ex);
}
return null;
}
/**
* 將二進制轉換成16進制
*
* @param buf
* @return
*/
public static String parseByte2HexStr(byte buf[]) {
StringBuilder sb = new StringBuilder();
for (int i = 0; i < buf.length; i++) {
String hex = Integer.toHexString(buf[i] & 0xFF);
if (hex.length() == 1) {
hex = '0' + hex;
}
sb.append(hex.toUpperCase());
}
return sb.toString();
}
/**
* 將16進制轉換爲二進制
*
* @param hexStr
* @return
*/
public static byte[] parseHexStr2Byte(String hexStr) {
if (hexStr.length() < 1) {
return null;
}
byte[] result = new byte[hexStr.length() / 2];
for (int i = 0; i < hexStr.length() / 2; i++) {
int high = Integer.parseInt(hexStr.substring(i * 2, i * 2 + 1), 16);
int low = Integer.parseInt(hexStr.substring(i * 2 + 1, i * 2 + 2), 16);
result[i] = (byte) (high * 16 + low);
}
return result;
}
public static void main(String[] args) {
String content = "idaddy0000000001KE0yS1GcqQ823TatPYMLbwOmu7NZXHJI111111";
System.out.println("加密前:" + content);
String encrypt = AESUtil.encrypt(content, KEY);
System.out.println("加密後:" + encrypt);
System.out.println("解密後:"+AESUtil.decrypt(encrypt, KEY));
}
}
結果:
加密前:123abc
加密後:ED4FFA53B4F3AE8277DEB8A4D313508E
解密後:123abc
php代碼:
/**
*
* @author ran
*
*/
class AES {
/**
*
* @param string $string 需要加密的字符串
* @param string $key 密鑰
* @return string
*/
public static function encrypt($string, $key)
{
// 對接java,服務商做的AES加密通過SHA1PRNG算法(只要password一樣,每次生成的數組都是一樣的),Java的加密源碼翻譯php如下:
$key = substr(openssl_digest(openssl_digest($key, 'sha1', true), 'sha1', true), 0, 16);
// openssl_encrypt 加密不同Mcrypt,對祕鑰長度要求,超出16加密結果不變
$data = openssl_encrypt($string, 'AES-128-ECB', $key, OPENSSL_RAW_DATA);
$data = strtolower(bin2hex($data));
return $data;
}
/**
* @param string $string 需要解密的字符串
* @param string $key 密鑰
* @return string
*/
public static function decrypt($string, $key)
{
// 對接java,服務商做的AES加密通過SHA1PRNG算法(只要password一樣,每次生成的數組都是一樣的),Java的加密源碼翻譯php如下:
$key = substr(openssl_digest(openssl_digest($key, 'sha1', true), 'sha1', true), 0, 16);
$decrypted = openssl_decrypt(hex2bin($string), 'AES-128-ECB', $key, OPENSSL_RAW_DATA);
return $decrypted;
}
}
$encrypt = AES::encrypt('123abc', 'g87y65ki6e8p93av8zjdrtfdrtgdwetd');
$decrypt = AES::decrypt($encrypt, 'g87y65ki6e8p93av8zjdrtfdrtgdwetd');
echo "加密後:".$encrypt."\n";
echo "解密:".$decrypt;
加密後:ed4ffa53b4f3ae8277deb8a4d313508e
解密:123abc