使用原因:
因为在项目中,需要在与客户端
(IOS,Android)交互的时候,保存一些私有信息,不被别人看到,所以,使用了比较流行的可以反向加解密
的AES。
PHP 源码
<?php
$aes = new aes;
echo $aes->aes128cbcEncrypt("11122222");
echo "\n";
echo $aes->aes128cbcEncrypt("中文aes演示");
echo "\n";
class aes{
const KEY="625202f9149e061d";
const IV ="5efd3f6060e20330";
/**
* pkcs7补码
* @param string $string 明文
* @param int $blocksize Blocksize , 以 byte 为单位
* @return String
*/
private function addPkcs7Padding($string, $blocksize = 32) {
$len = strlen($string); //取得字符串长度
$pad = $blocksize - ($len % $blocksize); //取得补码的长度
$string .= str_repeat(chr($pad), $pad); //用ASCII码为补码长度的字符, 补足最后一段
return $string;
}
/**
* 加密然后base64转码
*
* @param String 明文
* @param 加密的初始向量(IV的长度必须和Blocksize一样, 且加密和解密一定要用相同的IV)
* @param $key 密钥
*/
function aes256cbcEncrypt($str, $iv, $key ) {
return base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $this->addPkcs7Padding($str) , MCRYPT_MODE_CBC, $iv));
}
/**
* 除去pkcs7 padding
*
* @param String 解密后的结果
*
* @return String
*/
private function stripPkcs7Padding($string){
$slast = ord(substr($string, -1));
$slastc = chr($slast);
$pcheck = substr($string, -$slast);
if(preg_match("/$slastc{".$slast."}/", $string)){
$string = substr($string, 0, strlen($string)-$slast);
return $string;
} else {
return false;
}
}
/**
* 解密
*
* @param String $encryptedText 二进制的密文
* @param String $iv 加密时候的IV
* @param String $key 密钥
* @return String
*/
function aes256cbcDecrypt($encryptedText, $iv, $key) {
$encryptedText =base64_decode($encryptedText);
return $this->stripPkcs7Padding(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $encryptedText, MCRYPT_MODE_CBC, $iv));
}
function aes128cbcDecrypt($encryptedText, $iv=self::IV, $key=self::KEY) {
$encryptedText =base64_decode($encryptedText);
return $this->stripPkcs7Padding(mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, $encryptedText, MCRYPT_MODE_CBC, $iv));
}
function hexToStr($hex)//十六进制转字符串
{
$string="";
for($i=0;$i<strlen($hex)-1;$i+=2)
$string.=chr(hexdec($hex[$i].$hex[$i+1]));
return $string;
}
function strToHex($string)//字符串转十六进制
{
$hex="";
$tmp="";
for($i=0;$i<strlen($string);$i++)
{
$tmp = dechex(ord($string[$i]));
$hex.= strlen($tmp) == 1 ? "0".$tmp : $tmp;
}
$hex=strtoupper($hex);
return $hex;
}
function aes128cbcHexDecrypt($encryptedText, $iv=self::IV, $key=self::KEY) {
$str = $this->hexToStr($encryptedText);
return $this->stripPkcs7Padding(mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, $str, MCRYPT_MODE_CBC, $iv));
}
function aes128cbcEncrypt($str, $iv=self::IV, $key=self::KEY ) { // $this->addPkcs7Padding($str,16)
$base = (mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key,$this->addPkcs7Padding($str,16) , MCRYPT_MODE_CBC, $iv));
return $this->strToHex($base);
}
}
运行结果
在线验证加解密结果
验证地址http://www.seacha.com/tools/aes.html
IOS 源码
@implementation NSString (AES256)
-(NSString *) aes256_encrypt:(NSString *)key
{
const char *cstr = [self cStringUsingEncoding:NSUTF8StringEncoding];
NSData *data = [NSData dataWithBytes:cstr length:self.length];
//对数据进行加密
NSData *result = [data aes256_encrypt:key];
//转换为2进制字符串
if (result && result.length > 0) {
Byte *datas = (Byte*)[result bytes];
NSMutableString *output = [NSMutableString stringWithCapacity:result.length * 2];
for(int i = 0; i < result.length; i++){
[output appendFormat:@"%02x", datas[i]];
}
return output;
}
return nil;
}
-(NSString *) aes256_decrypt:(NSString *)key
{
//转换为2进制Data
NSMutableData *data = [NSMutableData dataWithCapacity:self.length / 2];
unsigned char whole_byte;
char byte_chars[3] = {'\0','\0','\0'};
int i;
for (i=0; i < [self length] / 2; i++) {
byte_chars[0] = [self characterAtIndex:i*2];
byte_chars[1] = [self characterAtIndex:i*2+1];
whole_byte = strtol(byte_chars, NULL, 16);
[data appendBytes:&whole_byte length:1];
}
//对数据进行解密
NSData* result = [data aes256_decrypt:key];
if (result && result.length > 0) {
return [[NSString alloc] initWithData:result encoding:NSUTF8StringEncoding];
}
return nil;
}
@end
@implementation NSData (AES256)
- (NSData *)aes256_encrypt:(NSString *)key //加密
{
char keyPtr[kCCKeySizeAES256+1];
bzero(keyPtr, sizeof(keyPtr));
[key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding];
NSUInteger dataLength = [self length];
size_t bufferSize = dataLength + kCCBlockSizeAES128;
void *buffer = malloc(bufferSize);
size_t numBytesEncrypted = 0;
CCCryptorStatus cryptStatus = CCCrypt(kCCEncrypt, kCCAlgorithmAES128,
kCCOptionPKCS7Padding ,
keyPtr, kCCBlockSizeAES128,
[AES_IV UTF8String],
[self bytes], dataLength,
buffer, bufferSize,
&numBytesEncrypted);
if (cryptStatus == kCCSuccess) {
return [NSData dataWithBytesNoCopy:buffer length:numBytesEncrypted];
}
free(buffer);
return nil;
}
- (NSData *)aes256_decrypt:(NSString *)key //解密
{
char keyPtr[kCCKeySizeAES256+1];
bzero(keyPtr, sizeof(keyPtr));
[key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding];
NSUInteger dataLength = [self length];
size_t bufferSize = dataLength + kCCBlockSizeAES128;
void *buffer = malloc(bufferSize);
size_t numBytesDecrypted = 0;
CCCryptorStatus cryptStatus = CCCrypt(kCCDecrypt, kCCAlgorithmAES128,
kCCOptionPKCS7Padding ,
keyPtr, kCCBlockSizeAES128,
[AES_IV UTF8String],
[self bytes], dataLength,
buffer, bufferSize,
&numBytesDecrypted);
if (cryptStatus == kCCSuccess) {
return [NSData dataWithBytesNoCopy:buffer length:numBytesDecrypted];
}
free(buffer);
return nil;
}
@end
Android
java
import java.io.UnsupportedEncodingException; import javax.crypto.Cipher; import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.SecretKeySpec; /** * AES加密解密算法 * * @author long */ public class AesEncryptionUtil { // /** 算法/模式/填充 **/ private static final String CipherMode = "AES/CBC/PKCS5Padding"; // /** 创建密钥 **/ private static SecretKeySpec createKey(String key) { byte[] data = null; if (key == null) { key = ""; } StringBuffer sb = new StringBuffer(16); sb.append(key); while (sb.length() < 16) { sb.append("0"); } if (sb.length() > 16) { sb.setLength(16); } try { data = sb.toString().getBytes("UTF-8"); } catch (UnsupportedEncodingException e) { e.printStackTrace(); } return new SecretKeySpec(data, "AES"); } private static IvParameterSpec createIV(String password) { byte[] data = null; if (password == null) { password = ""; } StringBuffer sb = new StringBuffer(16); sb.append(password); while (sb.length() < 16) { sb.append("0"); } if (sb.length() > 16) { sb.setLength(16); } try { data = sb.toString().getBytes("UTF-8"); } catch (UnsupportedEncodingException e) { e.printStackTrace(); } return new IvParameterSpec(data); } // /** 加密字节数据 **/ public static byte[] encrypt(byte[] content, String password, String iv) { try { SecretKeySpec key = createKey(password); Cipher cipher = Cipher.getInstance(CipherMode); cipher.init(Cipher.ENCRYPT_MODE, key, createIV(iv)); byte[] result = cipher.doFinal(content); return result; } catch (Exception e) { e.printStackTrace(); } return null; } // /** 加密(结果为16进制字符串) **/ public static String encrypt(String content, String password, String iv) { byte[] data = null; try { data = content.getBytes("UTF-8"); } catch (Exception e) { e.printStackTrace(); } data = encrypt(data, password, iv); String result = ToHexUtil.byte2hex(data); return result; } // /** 解密字节数组 **/ public static byte[] decrypt(byte[] content, String password, String iv) { try { SecretKeySpec key = createKey(password); Cipher cipher = Cipher.getInstance(CipherMode); cipher.init(Cipher.DECRYPT_MODE, key, createIV(iv)); byte[] result = cipher.doFinal(content); return result; } catch (Exception e) { e.printStackTrace(); } return null; } // /** 解密 **/ public static String decrypt(String content, String password, String iv) { byte[] data = null; try { data = ToHexUtil.hex2byte(content); } catch (Exception e) { e.printStackTrace(); } data = decrypt(data, password, iv); if (data == null) return null; String result = null; try { result = new String(data, "UTF-8"); } catch (UnsupportedEncodingException e) { e.printStackTrace(); } return result; } }