前提说明
对接口的业务数据进行AES-128-CBC-PKCS5Padding加密,然后做 Base64编码将得到的最终字符串
特别注意
在废弃的 mcrypt加密库中,128实际上指的是块大小而不是密钥大小
但是在 openssl 中的 aes-128-cbc 的128 指的是密钥大小
也就是说,在使用有效的256位密钥时,它们都是aes-256,而如果要把 mcrypt 转为 openssl 的加密方式, mcrypt 的128 需要写成 openssl 的 256
java的 aes-128-cbc , 在php中要写成 aes-256-cbc
java 代码
package xmb.util;
import java.util.HashMap;
import java.util.Map;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import com.alibaba.fastjson.JSONObject;
import ncd.comm.tools.StringUtil;
import org.apache.commons.codec.binary.Base64;
public class AESUtil {
// mode_key:Cipher
private static final Map<String, Cipher> CIPHERMAP_MAP = new HashMap<String, Cipher>();
// constants
private static final String DEFAULT_CHARSET = "utf-8";
private static final String ALGORITHM_NAME = "AES";
private static final String ALGORITHM_STR = ALGORITHM_NAME + "/CBC/PKCS5Padding";
private static final String IV = "1234567890123456";
/**
* get cipher
*
* @param mode
* @param key
* @param charset
* @return
* @throws Exception
*/
private static Cipher getCipher(int mode, String key, String charset) throws Exception {
Cipher cipher = CIPHERMAP_MAP.get(mode + "_" + key);
if (cipher != null) {
return cipher;
}
// secretKeySpec
SecretKeySpec secretKeySpec = new SecretKeySpec(key.getBytes(charset), ALGORITHM_NAME);
// ivParameterSpec
IvParameterSpec ivParameterSpec = new IvParameterSpec(IV.getBytes(charset));
// cipher
cipher = Cipher.getInstance(ALGORITHM_STR);
cipher.init(mode, secretKeySpec, ivParameterSpec);
// return
CIPHERMAP_MAP.put(mode + "_" + key, cipher);
return cipher;
}
public static String encrypt(String a, String key, String charset) throws Exception {
Cipher cipher = getCipher(Cipher.ENCRYPT_MODE, key, charset);
byte[] resultByte = cipher.doFinal(a.getBytes(charset));
return base64BytesToString(resultByte, charset);
}
public static String encrypt(String a, String key) throws Exception {
return encrypt(a, key, DEFAULT_CHARSET);
}
public static String decrypt(String a, String key, String charset) throws Exception {
Cipher cipher = getCipher(Cipher.DECRYPT_MODE, key, charset);
byte[] inputByte = base64stringToBytes(a, charset);
byte[] resultByte = cipher.doFinal(inputByte);
return new String(resultByte, charset);
}
public static String decrypt(String a, String key) throws Exception {
return decrypt(a, key, DEFAULT_CHARSET);
}
private static String base64BytesToString(byte[] bytes, String charset) throws Exception {
return new String(Base64.encodeBase64(bytes), charset);
}
private static byte[] base64stringToBytes(String string, String charset) throws Exception {
return Base64.decodeBase64(string.getBytes(charset));
}
/**
* 解析参数并转成json返回
* @param paramsStr 加密参数
* @param paramsKey 签名key
* @return 返回json对象结果
*/
public static JSONObject decryptToJsonObject(String paramsStr, String paramsKey) throws Exception {
String params = decrypt(paramsStr, paramsKey);
if (!StringUtil.isEmpty(params)) {
return JSONObject.parseObject(params);
}
return null;
}
public static void main(String[] args) throws Exception {
String a = "123456";
System.out.println(encrypt(a,"vyhnYtwnHExqxbj6kGvjhpl6QQXS6Y13"));
}
}
php 对应代码
$key = "vyhnYtwnHExqxbj6kGvjhpl6QQXS6Y13";
$txt = "123456";
$options = OPENSSL_RAW_DATA;
$iv = "1234567890123456";
// 加密
function encrypt($input, $key, $iv){
return base64_encode(openssl_encrypt($input, 'AES-256-CBC', $key, OPENSSL_RAW_DATA,$iv));
}
// 解密
function decrypt($input, $key, $iv){
return openssl_decrypt(base64_decode($input), 'AES-256-CBC', $key, OPENSSL_RAW_DATA, $iv);
}
$str = '123456';
echo "加密结果: ".encrypt($str, $key, $iv);
$encrypt = '6H5HIbnvlq/7fnhNNNw6yg==';
echo "解密结果: ".decrypt($encrypt, $key, $iv);
参考文档: https://www.jianshu.com/p/ae1f955e7a75
加密解密在线工具: http://tool.chacuo.net/cryptaes/
