本文采取128位AES-CBC模式加密和解密
1.首先对服务端安装mcrypt:
sudo apt-get install php5-mcrypt php5-dev
sudo php5enmod mcrypt
sudo service apache2 restart
2.PHP服务端AES加密类代码
class MCrypt
{
private $iv = 'fedcba9876543210'; //初始化向量iv
public $key;//AES加密的密钥key
//将密钥$key传进本类
function __construct($key)
{
$this->key=$key;
}
//加密
function encrypt($str) {
//$key = $this->hex2bin($key);
$iv = $this->iv;
$td = mcrypt_module_open('rijndael-128', '', 'cbc', $iv);
mcrypt_generic_init($td, $this->key, $iv);
$encrypted = mcrypt_generic($td, $str);
OCPUtil::writeLog('***MCrypt $key***', $this->key, OCPUtil::ERROR);
mcrypt_generic_deinit($td);
mcrypt_module_close($td);
return bin2hex($encrypted);
}
//解密
function decrypt($code) {
//$key = $this->hex2bin($key);
$code = $this->hex2bin($code);
$iv = $this->iv;
$td = mcrypt_module_open('rijndael-128', '', 'cbc', $iv);
mcrypt_generic_init($td, $this->key, $iv);
$decrypted = mdecrypt_generic($td, $code);
mcrypt_generic_deinit($td);
mcrypt_module_close($td);
return utf8_encode(trim($decrypted));
}
protected function hex2bin($hexdata) {
$bindata = '';
for ($i = 0; $i < strlen($hexdata); $i += 2) {
$bindata .= chr(hexdec(substr($hexdata, $i, 2)));
}
return $bindata;
}
}
4.PHP服务端调用ASE加密类代码:
$key="";//自己添加AES密钥 //将加密的key传进AES类 $mcrypt = new MCrypt($key); //对数据库中的密码进行AES加密 $psw = $mcrypt->encrypt();
5.Android服务端AES解密代码:
在Android中创建一个AESUtil类,需要用时调用
/** * AES解密: * 对服务器发回来的密码进行解密 * */ import java.io.UnsupportedEncodingException; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import javax.crypto.Cipher; import javax.crypto.NoSuchPaddingException; import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.SecretKeySpec; import com.pcloud.android.ui.activity.FirstAuthenActivity; public class AESUtil { private String iv = "fedcba9876543210";//虚拟的 iv。和服务端要保持一致 private IvParameterSpec ivspec; private SecretKeySpec keyspec; private Cipher cipher; // private String SecretKey = "";//虚拟的 密钥 String msgToken=FirstAuthenActivity.msgToken; //String msgUrl=FirstAuthenActivity.msgUrl; String msgRandom=FirstAuthenActivity.msgRandom; //把随机数和tokenid进行MD5操作来作为AES密钥,和服务端的AES加密密钥要保持一致 String SecretKey=stringToMD5(msgToken+msgRandom); public AESUtil() { ivspec = new IvParameterSpec(iv.getBytes()); keyspec = new SecretKeySpec(SecretKey.getBytes(), "AES"); try { cipher = Cipher.getInstance("AES/CBC/NoPadding"); } catch (NoSuchAlgorithmException e) { // TODO Auto-generated catch block e.printStackTrace(); } catch (NoSuchPaddingException e) { // TODO Auto-generated catch block e.printStackTrace(); } } public byte[] encrypt(String text) throws Exception { if(text == null || text.length() == 0) throw new Exception("Empty string"); byte[] encrypted = null; try { cipher.init(Cipher.ENCRYPT_MODE, keyspec, ivspec); encrypted = cipher.doFinal(padString(text).getBytes()); } catch (Exception e) { throw new Exception("[encrypt] " + e.getMessage()); } return encrypted; } public byte[] decrypt(String code) throws Exception { if(code == null || code.length() == 0) throw new Exception("Empty string"); byte[] decrypted = null; try { cipher.init(Cipher.DECRYPT_MODE, keyspec, ivspec); decrypted = cipher.doFinal(hexToBytes(code)); } catch (Exception e) { throw new Exception("[decrypt] " + e.getMessage()); } return decrypted; } public static String bytesToHex(byte[] data) { if (data==null) { return null; } int len = data.length; String str = ""; for (int i=0; i<len; i++) { if ((data[i]&0xFF)<16) str = str + "0" + java.lang.Integer.toHexString(data[i]&0xFF); else str = str + java.lang.Integer.toHexString(data[i]&0xFF); } return str; } public static byte[] hexToBytes(String str) { if (str==null) { return null; } else if (str.length() < 2) { return null; } else { int len = str.length() / 2; byte[] buffer = new byte[len]; for (int i=0; i<len; i++) { buffer[i] = (byte) Integer.parseInt(str.substring(i*2,i*2+2),16); } return buffer; } } private static String padString(String source) { char paddingChar = ' '; int size = 16; int x = source.length() % size; int padLength = size - x; for (int i = 0; i < padLength; i++) { source += paddingChar; } return source; }
6.Android客户端调用AES类进行解密:
//调用AES解密 AESUtil mcrypt; mcrypt = new AESUtil(); try { //对收到的密码进行AES解密 String decrypted = new String( mcrypt.decrypt( rec[1]) ); Log.d("解密的:",decrypted); } catch (Exception e) { // TODO 自动生成的 catch 块 e.printStackTrace(); }