JAVA AES-128-CBC加密 PHP7 OpenSSL解密失败?报错 -问答-阿里云开发者社区-阿里云

开发者社区> 问答> 正文

JAVA AES-128-CBC加密 PHP7 OpenSSL解密失败?报错

因为相信,所以看见。 2020-05-27 13:03:20 39

"

这是一段JAVA加密的代码,现在在转化为PHP7中的OpenSSL解密中,总是返回失败,Google之后,感觉问题出现在IV偏移量上,但是不太清楚具体原因,下面贴上JAVA的加密和PHP解密的方法,希望对对称加密比较熟悉的不惜赐教。

Java加密源码:

public class SecurityUtil {
    public static byte[] encrypt(String content, String password) throws Exception {
        KeyGenerator kgen = KeyGenerator.getInstance("AES");
        SecureRandom secureRandom = SecureRandom.getInstance("SHA1PRNG");
        secureRandom.setSeed(password.getBytes());
        kgen.init(128, secureRandom);

        SecretKey secretKey = kgen.generateKey();
        byte[] enCodeFormat = secretKey.getEncoded();
        SecretKeySpec key = new SecretKeySpec(enCodeFormat, "AES");

        Cipher cipher = Cipher.getInstance("AES");
        byte[] byteContent = content.getBytes("utf-8");

        cipher.init(Cipher.ENCRYPT_MODE, key);
        return cipher.doFinal(byteContent);
    }

    public static byte[] decrypt(byte[] content, String password) throws Exception {
        KeyGenerator kgen = KeyGenerator.getInstance("AES");
        SecureRandom secureRandom = SecureRandom.getInstance("SHA1PRNG");
        secureRandom.setSeed(password.getBytes());
        kgen.init(128, secureRandom);
        SecretKey secretKey = kgen.generateKey();
        byte[] enCodeFormat = secretKey.getEncoded();
        SecretKeySpec key = new SecretKeySpec(enCodeFormat, "AES");
        Cipher cipher = Cipher.getInstance("AES");
        cipher.init(Cipher.DECRYPT_MODE, key);
        return cipher.doFinal(content);
    }

    public static String decrypt(String value, String password) {
        try {
            byte[] raw = password.getBytes();
            SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
            IvParameterSpec iv = new IvParameterSpec(skeySpec.getEncoded());
            Cipher dcipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            dcipher.init(Cipher.DECRYPT_MODE, skeySpec, iv);
            return new String(dcipher.doFinal(asBin(value)));
        } catch (Exception e) {
            e.printStackTrace();
        }
        return "";
    }

}

PHP解密代码:

public static function decrypt($plainText, $key){
    $password =  substr(openssl_digest(openssl_digest($key, 'sha1', true), 'sha1', true), 0, 16);
   return openssl_decrypt($plainText, 'AES-128-CBC', $password, OPENSSL_RAW_DATA, $key);
}
"
Java 数据安全/隐私保护
分享到
取消 提交回答
全部回答(1)
  • 因为相信,所以看见。
    2020-05-27 16:26:46

    "

    asBin()这个应该是自定义接口吧,可否贴下源码!?

    ######

    我看JAVA的代码没有使用iv偏移量
    楼主你写错了一个地方喔 openssl_encrypt里的参数
    加密:

     $key = substr(openssl_digest(openssl_digest($key, 'sha1', true), 'sha1', true), 0, 16); $encRaw = openssl_encrypt($data, 'AES-128-ECB', $key, OPENSSL_RAW_DATA); $encHex = $this->strToHex($encRaw);

    return base64_encode($encHex);

    解密:

        $key = substr(openssl_digest(openssl_digest($key, 'sha1', true), 'sha1', true), 0, 16);
        $hex = base64_decode($plainText);
        $enByte = $this->hexToStr($hex);
        $dec = openssl_decrypt($enByte, 'AES-128-ECB', $key, OPENSSL_RAW_DATA, '');
        return $dec;

    这样写就没问题了
    https://segmentfault.com/q/10... 我的帖子 你可以看看

    "
    0 0
+ 订阅

云安全开发者的大本营

推荐文章
相似问题