Java(Android)、Golang、Node.js三种语言AES加密互通
16lz
2021-01-23
java(Android)版的AES加密
public String encryptWithAES(String key, String message) { try { // Use md5 value as the real key byte[] b = key.getBytes(); MessageDigest md = MessageDigest.getInstance("MD5"); byte[] keyData = md.digest(b); SecretKeySpec skey = new SecretKeySpec(keyData), "AES"); // Create an 8-byte initialization vector byte[] iv = new byte[] { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }; AlgorithmParameterSpec paramSpec = new IvParameterSpec(iv); Cipher ecipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); // CBC requires an initialization vector ecipher.init(Cipher.ENCRYPT_MODE, skey, paramSpec); byte[] plaintext = message.getBytes(); byte[] result = ecipher.doFinal(plaintext, 0, plaintext.length); return Base64.encodeToString(result, Base64.DEFAULT); } catch (Exception e) { e.printStackTrace(); } return null;}public String decryptWithAES(String key, String message) { try { // Use md5 value as the real key byte[] b = key.getBytes(); MessageDigest md = MessageDigest.getInstance("MD5"); byte[] keyData = md.digest(b); SecretKeySpec skey = new SecretKeySpec(keyData), "AES"); // Create an 8-byte initialization vector byte[] iv = new byte[] { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }; AlgorithmParameterSpec paramSpec = new IvParameterSpec(iv); Cipher dcipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); // CBC requires an initialization vector dcipher.init(Cipher.DECRYPT_MODE, skey, paramSpec); byte[] messageData = Base64.decode(message, Base64.DEFAULT); byte[] result = dcipher.doFinal(messageData, 0, messageData.length); return new String(result); } catch (Exception e) { e.printStackTrace(); } return null;}
Node.js版AES加密
let iv = [0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f];function encrypt_with_aes(key, message) { let md5 = crypto.createHash('md5').update(key).digest('hex'); const cipher = crypto.createCipheriv( 'aes-128-cbc', new Buffer(md5, 'hex'), new Buffer(iv) ); // cipher.setAutoPadding(true); var encrypted = cipher.update(message, 'utf8', 'base64'); encrypted += cipher.final('base64'); console.log('encode message: ' + encrypted); return encrypted;}function decrypt_with_aes(key, message) { let md5 = crypto.createHash('md5').update(key).digest('hex'); const decipher = crypto.createDecipheriv( 'aes-128-cbc', new Buffer(md5, 'hex'), new Buffer(iv) ); var decrypted = decipher.update(message, 'base64', 'utf8'); decrypted += decipher.final('utf8'); console.log('decode message: ' + decrypted); return decrypted;}
Golang版AES加密
func EncryptWithAES(key, message string) string { hash := md5.New() hash.Write([]byte(key)) keyData := hash.Sum(nil) block, err := aes.NewCipher(keyData) if err != nil { panic(err) } iv := []byte{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f} enc := cipher.NewCBCEncrypter(block, iv) content := PKCS5Padding([]byte(message), block.BlockSize()) crypted := make([]byte, len(content)) enc.CryptBlocks(crypted, content) return base64.StdEncoding.EncodeToString(crypted)}func DecryptWithAES(key, message string) string { hash := md5.New() hash.Write([]byte(key)) keyData := hash.Sum(nil) block, err := aes.NewCipher(keyData) if err != nil { panic(err) } iv := []byte{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f} messageData, _ := base64.StdEncoding.DecodeString(message) dec := cipher.NewCBCDecrypter(block, iv) decrypted := make([]byte, len(messageData)) dec.CryptBlocks(decrypted, messageData) return string(PKCS5Unpadding(decrypted))}func PKCS5Padding(ciphertext []byte, blockSize int) []byte { padding := blockSize - len(ciphertext)%blockSize padtext := bytes.Repeat([]byte{byte(padding)}, padding) return append(ciphertext, padtext...)}func PKCS5Unpadding(encrypt []byte) []byte { padding := encrypt[len(encrypt)-1] return encrypt[:len(encrypt)-int(padding)]}
Java版本和Node.js版本好久以前就已经在用了,所以相互之间加解密肯定没问题,但是这两天在弄的这个Golang版本的死活就是不通,还以为是Padding的时候算法不一样,后来几乎把网络上的Padding算法全部查遍了,都是一样的,也就是说Padding肯定是不会错的,最后一点点的排查才发现原来是key弄错了,加密时key的长度没有限制,但是AES128加密时key需要16位,所以这里就直接取key的MD5值,但是这个过程一不留心就出问题了。
MD5算法是这样的
func Md5(buf []byte) string { hash := md5.New() hash.Write(buf) return fmt.Sprintf("%x", hash.Sum(nil))}
在key生成MD5后直接输出了hex后的字符串,然后对这个字符串直接转[]byte
keyData := []byte(MD5([]byte(key)))
这样就导致了key出错,搞了一下午才查出问题所在,看来以后敲代码还是得细心才行。
更多相关文章
- 应用内版本更新库UpdateVersion
- Android 获取未安装的APK图标、版本号、包名等信息
- [掌眼]iOS / Android / java / node.js 通用的 AES256 加解密算
- Android版本检测/自动更新
- Rockchip查看Android SDK版本
- Android 深入研究SQLite实例(一) 之 业务类 sqlite版本管理类
- Android和Linux版本对应
- android 计算字符串长度,高度
- Android 版本及别名