[英]Replicating Java's AES/CBC/PKCS5Padding encryption in PHP
下面包含了Java和php代碼以及輸出。 目標是獲取PHP中的Java校驗和值。 可以看出,我在php中的輸入與在Java中相同,盡管我嘗試了php的openssl_encrypt函數中許多參數變體,但無法獲得所需的輸出。 幫助解決此問題將不勝感激! 請注意,Java代碼是權威的,任何需要的更改都只能在php中進行。
Java代碼:
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import java.util.Base64;
import java.io.ByteArrayOutputStream;
public class ChecksumGen {
public static void main(final String[] args) {
String data = "INPUTDATA";
String secretKey = "0000000000000000000000000000000000000000000000000000000000000000";
byte[] iv = new byte[16];
try {
byte[] hashedData = getDigest(data);
byte[] key = hexStringToByteArray(secretKey);
byte[] checksum = encrypt(key, hashedData, iv);
showB64("key ", key);
showB64("iv ", iv);
showB64("hashedData ", hashedData);
showB64("checksum ", checksum);
} catch (Exception ex) {
throw new RuntimeException(ex);
}
}
public static byte[] getDigest(String checkSumInput) {
try {
MessageDigest localMessageDigest = MessageDigest.getInstance("SHA-256");
byte[] checkSumInputBytes = checkSumInput.getBytes("UTF-8");
localMessageDigest.update(checkSumInputBytes);
byte[] digest = localMessageDigest.digest();
return digest;
} catch (NoSuchAlgorithmException | UnsupportedEncodingException ex) {
throw new RuntimeException(ex);
}
}
public static byte[] hexStringToByteArray(String s) {
byte[] b = new byte[s.length() / 2];
for (int i = 0; i < b.length; i++) {
int index = i * 2;
int v = Integer.parseInt(s.substring(index, index + 2), 16);
b[i] = (byte) v;
}
return b;
}
public static byte[] encrypt(byte[] key,byte[] data, byte[] iv)throws Exception{
SecretKeySpec secretKeySpec = new SecretKeySpec(key, "AES");
IvParameterSpec ivSpec = new IvParameterSpec(iv);
Cipher acipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
acipher.init(Cipher.ENCRYPT_MODE, secretKeySpec,ivSpec);
byte[] arrayOfByte1 = acipher.doFinal(data);
return arrayOfByte1;
}
public static void showB64(String label, byte[] rawData) {
System.out.println(label + ":" + Base64.getEncoder().encodeToString(rawData));
}
}
PHP代碼:
<?php
$data = "INPUTDATA";
$hashedData = hash("sha256", $data, true);
$secretKey = "0000000000000000000000000000000000000000000000000000000000000000";
$ivStr = "00000000000000000000000000000000";
$key = pack('H*', $secretKey);
$iv = pack('H*', $ivStr);
$inputData = pkcs5_pad($hashedData, 16);
showB64('key', $key);
showB64('iv', $iv);
showB64('hashedData', $hashedData);
showB64('inputData', $inputData);
$checksum = encrypt($key, $inputData, $iv);
showB64('checksum', $checksum);
function encrypt($key,$data,$iv){
$cipher = 'AES-128-CBC';
$options = OPENSSL_RAW_DATA|OPENSSL_ZERO_PADDING;
$raw = openssl_encrypt(
$data,
$cipher,
$key,
$options,
$iv
);
return $raw;
}
function pkcs5_pad($text, $blocksize){
$pad = $blocksize - (strlen($text) % $blocksize);
return $text . str_repeat(chr($pad), $pad);
}
function showB64($label, $rawData) {
echo "{$label} :".base64_encode($rawData)."\n";
}
Java輸出:
key :AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
iv :AAAAAAAAAAAAAAAAAAAAAA==
hashedData :ZAgNCUfIbdT9EjdkCb3XDNpMFGV34rXNjcTOQ9cdZ3w=
checksum :9NS/ZKMscpa4V7i2YQQPoycxCwbL1BlK3h9O/1ujoD1iYgjE8tZx+JRGflw5WikH
PHP輸出:
key :AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
iv :AAAAAAAAAAAAAAAAAAAAAA==
hashedData :ZAgNCUfIbdT9EjdkCb3XDNpMFGV34rXNjcTOQ9cdZ3w=
inputData :ZAgNCUfIbdT9EjdkCb3XDNpMFGV34rXNjcTOQ9cdZ3wQEBAQEBAQEBAQEBAQEBAQ
checksum :LtdJzSl9UgEpZrpdg7X5g5CYqE3eXQvijazrvkw0XFNY2bxn8zGp1ea8DrUmw/uu
最后按照以下鏈接找出解決方案:
https://gist.github.com/odan/c1dc2798ef9cedb9fedd09cdfe6e8e76#gistcomment-2743227
MCRYPT_RIJNDAEL_128
與AES-128-CBC
。
在MYCRYT_RIJNDAEL_128
,128實際上是指塊大小,而不是密鑰大小;在AES-128-CBC
,128是指密鑰大小,即當與有效的256位密鑰一起使用時,它們都是AES-256
。
在PHP代碼中,將函數crypto()中的$ cipher從'AES-128-CBC'更改為'AES-256-CBC'幫助我們使用openssl_encrypt獲得所需的輸出。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.