1. 首頁
  2. 問答
  3. AES Encryption Java - > PHP - > Java

AES Encryption Java - > PHP - > Java

2012-03-12 55 views
5

在我的Android應用程序中,我正在與Web服務進行通信,所發送和響應的數據使用AES加密進行加密。AES Encryption Java - > PHP - > Java

所以我做的是以下幾點。我發送一個base64編碼的AES加密JSON字符串share.php

Share.php然後將解密此字符串並將其插入到數據庫中。之後,PHP將加密編碼響應。

我的Android應用程序然後需要解碼en解密此消息。

但PHP解碼的反應不太好。

這是我AES.java

public class AES { 
private final String characterEncoding = "UTF-8"; 
private final String cipherTransformation = "AES/ECB/PKCS5Padding"; 
private final String aesEncryptionAlgorithm = "AES"; 

public byte[] decrypt(byte[] cipherText, byte[] key, byte [] initialVector) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException 
{ 
    Cipher cipher = Cipher.getInstance(cipherTransformation); 
    SecretKeySpec secretKeySpecy = new SecretKeySpec(key, aesEncryptionAlgorithm); 
    //IvParameterSpec ivParameterSpec = new IvParameterSpec(initialVector); 
    //cipher.init(Cipher.DECRYPT_MODE, secretKeySpecy, ivParameterSpec); 
    cipher.init(Cipher.DECRYPT_MODE, secretKeySpecy); 
    System.out.println("Do final: "+cipherText); 

    cipherText = cipher.doFinal(cipherText); 
    return cipherText; 
} 

public byte[] encrypt(byte[] plainText, byte[] key, byte [] initialVector) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException 
{ 
    Cipher cipher = Cipher.getInstance(cipherTransformation); 
    SecretKeySpec secretKeySpec = new SecretKeySpec(key, aesEncryptionAlgorithm); 
    //IvParameterSpec ivParameterSpec = new IvParameterSpec(initialVector); 
    //cipher.init(Cipher.ENCRYPT_MODE, secretKeySpec, ivParameterSpec); 
    cipher.init(Cipher.ENCRYPT_MODE, secretKeySpec); 
    plainText = cipher.doFinal(plainText); 
    return plainText; 
} 

private byte[] getKeyBytes(String key) throws UnsupportedEncodingException{ 
    byte[] keyBytes= new byte[16]; 
    byte[] parameterKeyBytes= key.getBytes(characterEncoding); 
    System.arraycopy(parameterKeyBytes, 0, keyBytes, 0, Math.min(parameterKeyBytes.length, keyBytes.length)); 
    return keyBytes; 
} 

/// <summary> 
/// Encrypts plaintext using AES 128bit key and a Chain Block Cipher and returns a base64 encoded string 
/// </summary> 
/// <param name="plainText">Plain text to encrypt</param> 
/// <param name="key">Secret key</param> 
/// <returns>Base64 encoded string</returns> 
public String encrypt(String plainText, String key) throws UnsupportedEncodingException, InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException{ 
    byte[] plainTextbytes = plainText.getBytes(characterEncoding); 
    byte[] keyBytes = getKeyBytes(key); 
    //return Base64.encodeToString(encrypt(plainTextbytes,keyBytes, keyBytes), Base64.DEFAULT); 
    return Base64.encodeToString(encrypt(plainTextbytes,keyBytes, new byte[0]), Base64.DEFAULT); 
} 

/// <summary> 
/// Decrypts a base64 encoded string using the given key (AES 128bit key and a Chain Block Cipher) 
/// </summary> 
/// <param name="encryptedText">Base64 Encoded String</param> 
/// <param name="key">Secret Key</param> 
/// <returns>Decrypted String</returns> 
public String decrypt(String encryptedText, String key) throws KeyException, GeneralSecurityException, GeneralSecurityException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException, IOException{ 
    byte[] cipheredBytes = Base64.decode(encryptedText, Base64.DEFAULT); 
    byte[] keyBytes = getKeyBytes(key); 
    //return new String(decrypt(cipheredBytes, keyBytes, keyBytes), characterEncoding); 
    return new String(decrypt(cipheredBytes, keyBytes, new byte[0]), characterEncoding); 
}

}

這是編碼加密連接在PHP中的響應代碼:

function mc_encrypt($encrypt, $mc_key) { 
    $iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB), MCRYPT_RAND); 
    $passcrypt = trim(mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $mc_key, trim($encrypt), MCRYPT_MODE_ECB, $iv)); 
    $encode = base64_encode($passcrypt); 
    return $encode; 
} 

function mc_decrypt($decrypt, $mc_key) { 
    $decoded = base64_decode($decrypt); 
    $iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB), MCRYPT_RAND); 
    $decrypted = trim(mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $mc_key, trim($decoded), MCRYPT_MODE_ECB, $iv)); 
    return $decrypted; 
}

我猜的設置PHP加密與Java部分的設置不匹配。我可以

我得到了以下錯誤:

03-12 13:44:09.661: W/System.err(15717): javax.crypto.BadPaddingException: pad block corrupted

來源

2012-03-12 sn0ep

+2

爲什麼不只是使用https? – kirilloid 2012-03-12 13:00:51

+1

有一件事是填充模式不匹配,請參閱http://www.php.net/manual/de/ref.mcrypt.php#69782 – Niko 2012-03-12 14:12:57

回答

0

我建議你看一看http://phpaes.com/。這是一個純粹用PHP實現的免費AES加密庫;它使用起來非常快速而且非常簡單。

最起碼,它可以讓你更近一步地隔離問題的真正根源。

來源

2012-03-13 01:08:41 infomaniac

+1

另一個要注意的事情:'base64編碼'有許多不同形狀和大小。當談到在base64中編碼二進制數據時,你必須確保你的客戶端和服務器端代碼都能正常工作。我建議從比加密數據簡單的事情開始,測試你的場所,並確保你已經覆蓋了所有更基本的基礎。 – infomaniac 2012-03-13 01:10:32

-4

這可能不是您正在尋找的答案 - 但是您是否有手動加密此數據而不是使用SSL/HTTPS的特定原因?

在大多數情況下,HTTPS比手動實現對稱密碼更容易實施並且更安全。

來源

2012-03-13 01:22:19

+0

SSL/HTTPS不會取代對稱加密,並且存在即使SSL/HTTPS通道也不可信的情況。 – 2014-06-17 09:16:02

相關問題

 相關問題