erlang的token值加解密

     对于加解密，需客户端和服务器制定好对应的规则（如：加密算法（aes，des等）、加密模式（cbc，cfb）)，去加密，再按逆序列解密。这里的key是根据数字、大小写字母、符合组合的，每次请求获取一个动态key，暂且叫做”一次一密钥“；

而也可以设计为：前后端一开始定义好一个固定key，这样好处是：就不需获取随机key，也不需要在最后把加密内容和Key穿插起来发送，只需给需加密的内容加密即可。

但这样的坏处是：如果拿到固定的key，就可以模拟前端报文连续给server端发消息，key的级别不强；而每次随机获取key相对就好了很多。

   下面附erlang做客户端加密部分代码及服务端解密部分代码：

-module(cc).

-compile(export_all).

-define(TOKEN_IVEC, <<"Egl63xPQYEcIY0RJ">>).
 
%%client加密部分
aes_encode() ->
   Time = list_to_binary(integer_to_list(unixtime1()) ++"000" ),
   io:format("Time...client...~p~n",[Time]),
   Key  = list_to_binary(random()),
   io:format("Key...client...~p~n",[Key]),
   AES = crypto:aes_cbc_128_encrypt(Key, ?TOKEN_IVEC, Time),
   Text = base64:encode(AES),
   Text1 = binary_to_list(Text),
   End =  foldl(lists:sublist(Text1,1,16),binary_to_list(Key)) ++ lists:sublist(Text1,17,8),
   End.

%随机生成16位Key值
 random() ->
  Str = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-_",
  %%一次随机取多个，再分别取出对应值
  N = [random:uniform(length(Str)) || _Elem <- lists:seq(1,16)],
  RandomKey = [lists:nth(X,Str) || X<- N ],
  RandomKey.     

unixtime1() ->
    {MegaSecs, Secs, _MicroSecs} = erlang:now(),
    MegaSecs * 1000000000 + Secs * 100000 .

foldl(A, B) ->
    foldl(A, B, []).
foldl([H|T], [H1|T1], Acc) ->
    foldl(T, T1, Acc++[H|[H1]]);
foldl([], [], Acc) ->
    Acc.




%%server解密部分
verify_token( Token ) ->
    case Token of
        "" ->
            {error, "token error"};
        TokenStr ->
            {CryptoStr, Key} = verify_token_scan(TokenStr, <<>>, <<>>, 16),
  io:format("Key...server...~p~n",[Key]),
            Cipher = base64:decode(CryptoStr),
            TimestampStr = binary_to_list(crypto:aes_cbc_128_decrypt(Key, ?TOKEN_IVEC, Cipher)),
            Timestamp = list_to_integer(lists:sublist(TimestampStr, 13)),

io:format("Timestamp ...server...~p~n",[Timestamp]),
            Now = now_time(),
            if
                Timestamp > (Now - 691200) * 1000 ->
                    ok;
                true ->  
                    {error, "1token error"}
            end
    end.
    
now_time() ->
     {X, Y, _} = now(),
     X * 1000000 + Y.    
    
verify_token_scan(TokenStr, CryptoStr, Key, 0) ->
    {iolist_to_binary([CryptoStr, TokenStr]), Key};
verify_token_scan([C, K|TokenStr], CryptoStr, Key, KeyLength) ->            
    verify_token_scan(TokenStr, <<CryptoStr/binary, C>>, <<Key/binary, K>>, KeyLength - 1);
verify_token_scan([], CryptoStr, Key, _KeyLength) -> 
    {CryptoStr, Key}.

运行结果如下：

涉及了随机数的取法，加解密及base64转码以及反序列化的解密等东西.