PHP使用AES方式進行加密、解密。
使用openssl_encrypt函數進行加密:
openssl_encrypt ( string $data , string $method , string $key [, int $options = 0 [, string $iv = "" [, string &$tag = NULL [, string $aad = "" [, int $tag_length = 16 ]]]]] ) : string
參數$method - 加密方法,可選值DES-ECB、DES-CBC、DES-CTR、DES-OFB、DES-CFB
參數$options - 操作,可選值0、OPENSSL_RAW_DATA=1、OPENSSL_ZERO_PADDING=2、OPENSSL_NO_PADDING=3
OPENSSL_RAW_DATA方式,會用PKCS#7進行補位
OPENSSL_ZERO_PADDING方式,會用0進行補位
與前端交互只能使用OPENSSL_RAW_DATA和OPENSSL_ZERO_PADDING方式
參數$key和$iv只能是16位,超過16位PHP加密失敗,非16位,前端解密失敗。如果加密方法是DES-ECB,則iv必須爲空。
很多加密方法加密的結果是亂碼,所以需要對結果進行base64編碼,前端拿到直接解密,不需要base64解碼。
PHP加密解密代碼:
<?php
class Aes {
protected $method = 'AES-128-CBC';
protected $secret_key = '[email protected])_2o6dpu';
protected $options = OPENSSL_RAW_DATA;
public function encrypt($data) {
$ivlen = openssl_cipher_iv_length($this->method);
$iv = openssl_random_pseudo_bytes($ivlen);
$iv = bin2hex($iv);
if(strlen($iv) > $ivlen) {
$iv = substr($iv, 0, $ivlen);
}
if(is_array($data)) {
$data = json_encode($data);
}
$sign = openssl_encrypt($data, $this->method, $this->secret_key, $this->options, $iv);
$sign = base64_encode($sign);
return array('sign' => $sign, 'iv' => $iv);
}
public function decrypt($sign, $iv) {
return openssl_decrypt($sign, $this->method, $this->secret_key, $this->options, $iv);
}
}
$aes = new Aes;
$content = array('name' => 'test', 'sex' => 'man');
$result = $aes->encrypt($content);
print_r($result);
$data = $aes->decrypt(base64_decode($result['sign']), $result['iv']);
print_r($data);
打印出加密結果是:
Array
(
[sign] => SeZA9+1qK1jsEiPlUC9Rlus8g91Kqm6V8aDV1au5y0Q=
[iv] => 8c30406e5d51d4bc
)
前端解密需要用到CryptoJS,下載地址https://github.com/sytelus/CryptoJS
前端解密代碼:
<!DOCTYPE html>
<html>
<head>
<title></title>
<script src="./CryptoJS-master/rollups/aes.js"></script>
<script src="./CryptoJS-master/components/mode-ecb.js"></script>
<script src="./CryptoJS-master/components/pad-nopadding.js"></script>
<script type="text/javascript">
var sign = "SeZA9+1qK1jsEiPlUC9Rlus8g91Kqm6V8aDV1au5y0Q=";
var iv = "8c30406e5d51d4bc";
iv = CryptoJS.enc.Utf8.parse(iv);
var key = "[email protected])_2o6dpu";
key = CryptoJS.enc.Utf8.parse(key);
var decrypted = CryptoJS.AES.decrypt(sign, key, {
iv: iv,
mode: CryptoJS.mode.CBC,
padding : CryptoJS.pad.Pkcs7
});
decrypted = decrypted.toString(CryptoJS.enc.Utf8);
console.log('decrypted', decrypted);
</script>
</head>
<body>
</body>
</html>