为php和java实现的加密方法? [英] Encryption method that's implemented for both php and java?
问题描述
我想加密java端的字符串,传递给php脚本,然后让php脚本解密它们。
由于我使用的提供商的限制,我无法使用https。
谢谢
希望这可以让你开始。错误处理丢失,秘密密钥是硬编码的。这两个都需要解决生产质量代码。从Java端可以使用 Java加密体系结构(JCA):
import javax。 crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
import javax.xml.bind.DatatypeConverter;
public final void testTesting()throws异常{
final String plainText =plain text;
final String result = encrypt(plainText);
System.out.println(result);
}
public String encrypt(final String plainText)throws异常{
final byte [] data = plainText.getBytes(UTF-8);
final byte [] encoded = encrypt(data);
final String result = new String(encoded);
返回结果;
}
public byte [] encrypt(final byte [] data)throws异常{
//这只是一个示例键,实际代码应该使用正确生成的共享秘密
final byte [] secret = new byte [] {42,42,42,42,42,42,42,42,42,42,42,42,42,42,42,42};
final SecretKeySpec key = new SecretKeySpec(secret,AES);
final Cipher encryptionCipher = Cipher.getInstance(AES / CBC / PKCS5Padding);
encryptCipher.init(Cipher.ENCRYPT_MODE,key);
final byte [] iv = encryptCipher.getIV();
final byte [] encrypted = encryptCipher.doFinal(data);
final int outputLength = encrypted.length;
final int ivLength = iv.length;
final byte [] results = new byte [outputLength + ivLength];
System.arraycopy(iv,0,results,0,ivLength);
System.arraycopy(encrypted,0,results,ivLength,outputLength);
return DatatypeConverter.printBase64Binary(encoded);
}
从PHP方面,您将需要 Mcrypt 。
<?php
$ key = base64_decode('KioqKioqKioqKioqKioqKg ==');
$ input = base64_decode($ _ GET ['input']);
$ plain_text = substr($ input,16);
$ initialization_vector = substr($ input,0,16);
echo pkcs5_unpad(mcrypt_decrypt(MCRYPT_RIJNDAEL_128,$ key,$ plain_text,MCRYPT_MODE_CBC,$ initialization_vector));
函数pkcs5_unpad($ text){
$ pad = ord($ text {strlen($ text)-1});
if($ pad> strlen($ text)){
return false;
}
if(strftn($ text,chr($ pad),strlen($ text) - $ pad)!= $ pad){
return false;
}
return substr($ text,0,-1 * $ pad);
}
?>
功能 pkcs5_unpad
已从这里,因为似乎PHP Mcrypt不包括对PKCS5填充的支持。 Java代码使用用于加密数据的初始化向量对数据进行前缀。随后,PHP代码将其分为两个,初始化向量和加密数据。
此代码使用128位 AES ( Rijndael )in CBC 模式,这对于大多数应用来说应该足够安全。除了简单的加密之外,我建议您使用 HMAC 如此处所述以确保数据不被篡改。要在Java中执行HMAC,请使用 Mac 类。对于PHP,请参阅 Mhash 。
I have to pass some strings from a java servlet to a php script. What options are there for encrypting the strings? I'd need a method that is implemented for both java and php (like..a caesar cipher...). Is there any standard encryption method I should be able to get a library for both java and php?
I want to encrypt the strings on the java side, pass to the php script, then let the php script decrypt them.
I can't use https due to the limitations of the provider I'm using.
Thanks
Hopefully this can get you started. Error handling is missing and the secret key is hard coded. Both of those would need to be addressed for production quality code. From the Java side you can use the Java Cryptography Architecture (JCA):
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
import javax.xml.bind.DatatypeConverter;
public final void testTesting() throws Exception {
final String plainText = "plain text";
final String result = encrypt(plainText);
System.out.println(result);
}
public String encrypt(final String plainText) throws Exception {
final byte[] data = plainText.getBytes("UTF-8");
final byte[] encoded = encrypt(data);
final String result = new String(encoded);
return result;
}
public byte[] encrypt(final byte[] data) throws Exception {
// this is just an example key, real code should use a properly generated shared secret
final byte[] secret = new byte[] {42, 42, 42, 42, 42, 42, 42, 42, 42, 42, 42, 42, 42, 42, 42, 42};
final SecretKeySpec key = new SecretKeySpec(secret, "AES");
final Cipher encryptCipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
encryptCipher.init(Cipher.ENCRYPT_MODE, key);
final byte[] iv = encryptCipher.getIV();
final byte[] encrypted = encryptCipher.doFinal(data);
final int outputLength = encrypted.length;
final int ivLength = iv.length;
final byte[] results = new byte[outputLength + ivLength];
System.arraycopy(iv, 0, results, 0, ivLength);
System.arraycopy(encrypted, 0, results, ivLength, outputLength);
return DatatypeConverter.printBase64Binary(encoded);
}
From the PHP side, you are going to need Mcrypt.
<?php
$key = base64_decode('KioqKioqKioqKioqKioqKg==');
$input = base64_decode($_GET['input']);
$plain_text = substr($input, 16);
$initialization_vector = substr($input, 0, 16);
echo pkcs5_unpad(mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, $plain_text, MCRYPT_MODE_CBC, $initialization_vector));
function pkcs5_unpad($text) {
$pad = ord($text{strlen($text)-1});
if ($pad > strlen($text)) {
return false;
}
if (strspn($text, chr($pad), strlen($text) - $pad) != $pad) {
return false;
}
return substr($text, 0, -1 * $pad);
}
?>
The function pkcs5_unpad
was copied from here since it seems that PHP Mcrypt doesn't include support for PKCS5 padding. The Java code prefixes the data with the initialization vector used to encrypt it. Subsequently the PHP code splits it into two, the initialization vector and the encrypted data.
This code uses 128 bit AES (Rijndael) in CBC mode which should be secure enough for most uses. In addition to the simple encryption, I recommend using an HMAC as described here to ensure the data isn't tampered with. To perform the HMAC in Java, use the Mac class. For PHP, see Mhash.
这篇关于为php和java实现的加密方法?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!