Bash OpenSSL 不等于 php openssl_encrypt 值

Bash OpenSSL is not equal to php openssl_encrypt value

我试图在 bash 中达到与 php 相同的加密值,但没有成功。

这是我的 php 脚本







$message ='{"coupon_key":"011205358365345679","location_id":"288","device_key":"test_1234"}';

$key = "password";

$iv = base64_decode("dU+AyWweQYhAlGKLaxoS9w==");




    $base64_iv = base64_encode($iv);
    
    $base64_ev = base64_encode($encrypted_value);
 


    $encrypted_value = openssl_encrypt(
        $message,
        'AES-256-CBC',
        $key,
        OPENSSL_RAW_DATA|OPENSSL_NO_PADDING,
        $iv
    );


    $encode = base64_encode($encrypted_value);

//Zi7UcBwqM+gKZC9iZPgF3UHBXLUg1+Age/1+kRIfcstYBgGfYm7N1qCIFnm6jGn4AGQph/Q6hKjR1hYBT0wkJv8c8qFrHHZNUuraMfSRH3s=

   
    $mac = hash_hmac('sha256', $base64_iv . $encode, $key);
    



    echo '{"iv":"'.$base64_iv.'","value":"'.$encode.'","mac":"'.$mac.'"}'."<br>";

    //{"iv":"dU+AyWweQYhAlGKLaxoS9w==","value":"Zi7UcBwqM+gKZC9iZPgF3UHBXLUg1+Age/1+kRIfcstYBgGfYm7N1qCIFnm6jGn4AGQph/Q6hKjR1hYBT0wkJv8c8qFrHHZNUuraMfSRH3s=","mac":"97fb6f4226a917322c7361af1d9b2949ad96691c1fc1a7f1c8379c71ae19f356"}
   
    $retString2 =  base64_encode('{"iv":"'.$base64_iv.'","value":"'.$encode.'","mac":"'.$mac.'"}');
    echo $retString2;
    //eyJpdiI6ImRVK0F5V3dlUVloQWxHS0xheG9TOXc9PSIsInZhbHVlIjoiWmk3VWNCd3FNK2dLWkM5aVpQZ0YzVUhCWExVZzErQWdlLzEra1JJZmNzdFlCZ0dmWW03TjFxQ0lGbm02akduNEFHUXBoL1E2aEtqUjFoWUJUMHdrSnY4YzhxRnJISFpOVXVyYU1mU1JIM3M9IiwibWFjIjoiOTdmYjZmNDIyNmE5MTczMjJjNzM2MWFmMWQ5YjI5NDlhZDk2NjkxYzFmYzFhN2YxYzgzNzljNzFhZTE5ZjM1NiJ9


这是我的 bash 版本

password="password";
passwordhex=$(echo "$password" | xxd  -c 256 -ps) ;

# iv2=$(hexdump -n 16 -e '4/4 "%08X" 1 "\n"' /dev/random) ;

iv=$(printf  'dU+AyWweQYhAlGKLaxoS9w==' | base64 -d )



biv=$(printf "$iv" | base64) ;
hexiv=$(printf  "$iv" | xxd  -c 256 -ps) ;
eString=$(printf '{"coupon_key":"011205358365345678","location_id":"288","device_key":"test_1234"}');
tttw=$(printf "$eString" | openssl aes-256-cbc -e   -nosalt -a -A -K   "$passwordhex"  -iv "$hexiv") ;
echo "$tttw" ;

printf "${biv}${tttw}" |openssl dgst -sha256 -hmac abc -macopt hexkey:"$passwordhex" | sed 's/^.* //';

macopt2=$(printf "${biv}${tttw}" |openssl dgst -sha256 -hmac abc -macopt hexkey:"$passwordhex" | sed 's/^.* //');

echo "$macopt2"

finalString="{'iv':'$biv','value':'$tttw','mac':'$macopt2'}";
echo "$finalString";
sendHash=$(printf "$finalString" | base64 -w 0)
echo "$sendHash"


从 tttw=$(echo -n $eString | openssl aes-256-cbc -e -nosalt -a -A -K $passwordhex -iv $hexiv);

它出错了,因为 $tttw 正在返回

bKG5quB9/YQUsmlFvDHq2H+AfNGQuDfVztyi0dd5hCY7hLfaACnjD8SWlwqy0yy4hXUZSA2YcTXej/xtMg9vqEpoO6CDw9hk7+tUcYOOV5aOdVBnSLowmEllHt0JfjdE 而不是 Zi7UcBwqM+gKZC9iZPgF3UHBXLUg1+Age/1+kRIfcstYBgGfYm7N1qCIFnm6jGn4AGQph/Q6hKjR1hYBT0wkJv8c8qFrHHZNUuraMfSRH3s=

有人能看出这里哪里出了问题吗?

注意 1:我已更新 bash 脚本以使用 prinf 而不是 echo -n

注意 2:似乎在我的新机器上,我从行

得到“十六进制字符串太短,长度为零字节”
 tttw=$(printf $eString | openssl aes-256-cbc -e   -nosalt -a -A -K   $passwordhex  -iv $hexiv) ;

看起来问题就在最前面:

passwordhex=$(echo "$password" | xxd  -c 256 -ps) ;

所以基本上 echo "$password" 的输出是 password\n.

像这样使用 echo 将在 xxd 的输入中附加一个换行符,我假设您已经知道,因为原始脚本包含 echo -n。我在评论中提到 printf 更便携。将 printf 与变量一起使用的公认方式是这样的:

passwordhex=$(printf '%s' "$password" | xxd  -c 256 -ps) ;

原因是如果你的变量有一个格式标识符(比如%s),它会意外地改变输出。这也会出现在 shellcheck 上。

经过这一更改,输出如下:

Zi7UcBwqM+gKZC9iZPgF3UHBXLUg1+Age/1+kRIfcssepjJ8+wUjTDAjPUMkGA+eF9EL284iD5UIzA+REyhMWLWbUJpPltHFk1+lhQyVlUXXVTw0FFV1G+iQfEWhbyg4
484123c33b54e446c61120112955cd15f3592f42e737c9fa24db266cdec954a2
484123c33b54e446c61120112955cd15f3592f42e737c9fa24db266cdec954a2
{'iv':'dU+AyWweQYhAlGKLaxoS9w==','value':'Zi7UcBwqM+gKZC9iZPgF3UHBXLUg1+Age/1+kRIfcssepjJ8+wUjTDAjPUMkGA+eF9EL284iD5UIzA+REyhMWLWbUJpPltHFk1+lhQyVlUXXVTw0FFV1G+iQfEWhbyg4','mac':'484123c33b54e446c61120112955cd15f3592f42e737c9fa24db266cdec954a2'}
eydpdic6J2RVK0F5V3dlUVloQWxHS0xheG9TOXc9PScsJ3ZhbHVlJzonWmk3VWNCd3FNK2dLWkM5aVpQZ0YzVUhCWExVZzErQWdlLzEra1JJZmNzc2Vwako4K3dValREQWpQVU1rR0ErZUY5RUwyODRpRDVVSXpBK1JFeWhNV0xXYlVKcFBsdEhGazErbGhReVZsVVhYVlR3MEZGVjFHK2lRZkVXaGJ5ZzQnLCdtYWMnOic0ODQxMjNjMzNiNTRlNDQ2YzYxMTIwMTEyOTU1Y2QxNWYzNTkyZjQyZTczN2M5ZmEyNGRiMjY2Y2RlYzk1NGEyJ30=