AES CBC PKCS5Padding with SecretKey 从 Java 到 Php
AES CBC PKCS5Padding with SecretKey from Java to Php
我需要将此代码从 Java 转换为 PHP:
我知道我应该将 iv 和 SALT 从字节转换为字符串,因为 PHP 需要
$td = mcrypt_module_open('rijndael-128', '', 'cbc', $iv_array_string);
String password = "mypass";
String encoding = "UTF-8";
String cleanString = "text to encode";
byte[] salt_array = {(byte) 0x98, (byte) 0x71, (byte) 0x1F, (byte) 0x71, (byte) 0x5D, (byte) 0x71, (byte) 0x28, (byte) 0x8F};
//Key
KeySpec keySpec = new PBEKeySpec(password.toCharArray(), salt_array, 16, 128);
SecretKey tmp = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1").generateSecret(keySpec);
SecretKey key = new SecretKeySpec(tmp.getEncoded(), "AES");
//ciphers
byte[] iv_array = {(byte) 0x98, (byte) 0x71, (byte) 0xF3, (byte) 0x52, (byte) 0x1A, (byte) 0x71, (byte) 0x38, (byte) 0x1F, (byte) 0x75, (byte) 0x1F, (byte) 0x1F, (byte) 0xE0, (byte) 0xEF, (byte) 0x39, (byte) 0x98, (byte) 0x1F};
Cipher encChiper = Cipher.getInstance("AES/CBC/PKCS5Padding");
AlgorithmParameterSpec params = new iv_arrayParameterSpec(iv_array);
encChiper.init(Cipher.ENCRYPT_MODE, key, params);
byte[] crypted = encChiper.doFinal(cleanString.getBytes(encoding));
//output encoded
String base64Crypted = new String(Base64.encodeBase64(crypted), encoding);
这是一个可能的解决方案。在 PHP <5.5 中你必须使用 pbkdf2() 函数(php 框架 api 中没有提供)。 PHP >=5.5 具有函数 hash_pbkdf2(..)
<?php
class CbcCrypt {
private $iterations = 16;
private $key_lenght = 16;
private $password = "password";
//parametro utilizzato da key per generare la chiave
private $salt = array(0xA7, 0x71, 0x1F, 0xF5, 0x5D, 0xD2, 0x28, 0x8F);
//parametro utilizzato dall'algoritmo per il cript
private $iv = array(0xCB, 0x35, 0xF3, 0x52, 0x1A, 0xF7, 0x38, 0x0B, 0x75, 0x03, 0x8E, 0xE0, 0xEF, 0x39, 0x98, 0xC7);
public function encrypt($data) {
$ivStr = implode(array_map("chr", $this->iv));
$saltStr = implode(array_map("chr", $this->salt));
//key generator
//$hash = hash_pbkdf2("sha1", $this->password, $saltStr, $this->iterations, $this->key_lenght, true);
$hash = $this->pbkdf2($this->password, $saltStr, "sha1", $this->iterations, $this->key_lenght, true);
$td = mcrypt_module_open('rijndael-128', '', 'cbc', $ivStr);
//aggiunta del padding
$toEncryptStrPadded = $this->pkcs5_pad($data);
mcrypt_generic_init($td, $hash, $ivStr);
$encrypted = mcrypt_generic($td, $toEncryptStrPadded);
//print_r('base64 enc: ' . base64_encode($encrypted));
mcrypt_generic_deinit($td);
mcrypt_module_close($td);
return base64_encode($encrypted);
}
function pbkdf2($password, $salt, $algorithm = 'sha512', $count = 20000, $key_length = 128, $raw_output = false) {
if (!in_array($algorithm, hash_algos(), true)) {
exit;
}
if ($count <= 0 || $key_length <= 0) {
$count = 20000;
$key_length = 128;
}
$hash_length = strlen(hash($algorithm, "", true));
$block_count = ceil($key_length / $hash_length);
$output = "";
for ($i = 1; $i <= $block_count; $i++) {
$last = $salt . pack("N", $i);
$last = $xorsum = hash_hmac($algorithm, $last, $password, true);
for ($j = 1; $j < $count; $j++) {
$xorsum ^= ($last = hash_hmac($algorithm, $last, $password, true));
}
$output .= $xorsum;
}
if ($raw_output) {
return substr( $output, 0, $key_length );
} else {
return base64_encode(substr( $output, 0, $key_length ));
}
}
function pkcs5_pad($text) {
$blocksize = 16;
$pad = $blocksize - (strlen( $text ) % $blocksize);
}
}
?>
让我知道是否可以。
我需要将此代码从 Java 转换为 PHP:
我知道我应该将 iv 和 SALT 从字节转换为字符串,因为 PHP 需要
$td = mcrypt_module_open('rijndael-128', '', 'cbc', $iv_array_string);
String password = "mypass";
String encoding = "UTF-8";
String cleanString = "text to encode";
byte[] salt_array = {(byte) 0x98, (byte) 0x71, (byte) 0x1F, (byte) 0x71, (byte) 0x5D, (byte) 0x71, (byte) 0x28, (byte) 0x8F};
//Key
KeySpec keySpec = new PBEKeySpec(password.toCharArray(), salt_array, 16, 128);
SecretKey tmp = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1").generateSecret(keySpec);
SecretKey key = new SecretKeySpec(tmp.getEncoded(), "AES");
//ciphers
byte[] iv_array = {(byte) 0x98, (byte) 0x71, (byte) 0xF3, (byte) 0x52, (byte) 0x1A, (byte) 0x71, (byte) 0x38, (byte) 0x1F, (byte) 0x75, (byte) 0x1F, (byte) 0x1F, (byte) 0xE0, (byte) 0xEF, (byte) 0x39, (byte) 0x98, (byte) 0x1F};
Cipher encChiper = Cipher.getInstance("AES/CBC/PKCS5Padding");
AlgorithmParameterSpec params = new iv_arrayParameterSpec(iv_array);
encChiper.init(Cipher.ENCRYPT_MODE, key, params);
byte[] crypted = encChiper.doFinal(cleanString.getBytes(encoding));
//output encoded
String base64Crypted = new String(Base64.encodeBase64(crypted), encoding);
这是一个可能的解决方案。在 PHP <5.5 中你必须使用 pbkdf2() 函数(php 框架 api 中没有提供)。 PHP >=5.5 具有函数 hash_pbkdf2(..)
<?php
class CbcCrypt {
private $iterations = 16;
private $key_lenght = 16;
private $password = "password";
//parametro utilizzato da key per generare la chiave
private $salt = array(0xA7, 0x71, 0x1F, 0xF5, 0x5D, 0xD2, 0x28, 0x8F);
//parametro utilizzato dall'algoritmo per il cript
private $iv = array(0xCB, 0x35, 0xF3, 0x52, 0x1A, 0xF7, 0x38, 0x0B, 0x75, 0x03, 0x8E, 0xE0, 0xEF, 0x39, 0x98, 0xC7);
public function encrypt($data) {
$ivStr = implode(array_map("chr", $this->iv));
$saltStr = implode(array_map("chr", $this->salt));
//key generator
//$hash = hash_pbkdf2("sha1", $this->password, $saltStr, $this->iterations, $this->key_lenght, true);
$hash = $this->pbkdf2($this->password, $saltStr, "sha1", $this->iterations, $this->key_lenght, true);
$td = mcrypt_module_open('rijndael-128', '', 'cbc', $ivStr);
//aggiunta del padding
$toEncryptStrPadded = $this->pkcs5_pad($data);
mcrypt_generic_init($td, $hash, $ivStr);
$encrypted = mcrypt_generic($td, $toEncryptStrPadded);
//print_r('base64 enc: ' . base64_encode($encrypted));
mcrypt_generic_deinit($td);
mcrypt_module_close($td);
return base64_encode($encrypted);
}
function pbkdf2($password, $salt, $algorithm = 'sha512', $count = 20000, $key_length = 128, $raw_output = false) {
if (!in_array($algorithm, hash_algos(), true)) {
exit;
}
if ($count <= 0 || $key_length <= 0) {
$count = 20000;
$key_length = 128;
}
$hash_length = strlen(hash($algorithm, "", true));
$block_count = ceil($key_length / $hash_length);
$output = "";
for ($i = 1; $i <= $block_count; $i++) {
$last = $salt . pack("N", $i);
$last = $xorsum = hash_hmac($algorithm, $last, $password, true);
for ($j = 1; $j < $count; $j++) {
$xorsum ^= ($last = hash_hmac($algorithm, $last, $password, true));
}
$output .= $xorsum;
}
if ($raw_output) {
return substr( $output, 0, $key_length );
} else {
return base64_encode(substr( $output, 0, $key_length ));
}
}
function pkcs5_pad($text) {
$blocksize = 16;
$pad = $blocksize - (strlen( $text ) % $blocksize);
}
}
?>
让我知道是否可以。