Android、PHP和node.js之间的加解密
Posted
技术标签:
【中文标题】Android、PHP和node.js之间的加解密【英文标题】:Encryption and Decryption between Android, PHP & node.js 【发布时间】:2012-06-26 18:06:29 【问题描述】:我正在尝试在 android 上用 Java 加密字符串,然后使用 php 和/或 node.js 对其进行解密
我试过http://www.androidsnippets.com/encrypt-decrypt-between-android-and-php,但返回的十六进制字符串只有前半部分有效。
我希望使用 128 位密钥的 AES 加密类型(如果可能更高)。
加密密钥也需要可配置,所以我的问题可能与我如何填充字符串有关。
Java
String.format("%1$-" + n + "s", s)
PHP
$key = str_pad($key,16);
完整的 Java 代码:
package com.giggsey.test;
import java.security.NoSuchAlgorithmException;
import javax.crypto.Cipher;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import android.util.Log;
public class SimpleCrypto
private String iv = "fedcba9876543210";//Dummy iv (CHANGE IT!)
private IvParameterSpec ivspec;
private SecretKeySpec keyspec;
private Cipher cipher;
private String SecretKey = "0123456789abcdef";//Dummy secretKey (CHANGE IT!)
public void doKey(String key)
ivspec = new IvParameterSpec(iv.getBytes());
key = padRight(key,16);
Log.d("hi",key);
keyspec = new SecretKeySpec(key.getBytes(), "AES");
try
cipher = Cipher.getInstance("AES/CBC/NoPadding");
catch (NoSuchAlgorithmException e)
// TODO Auto-generated catch block
e.printStackTrace();
catch (NoSuchPaddingException e)
// TODO Auto-generated catch block
e.printStackTrace();
public byte[] encrypt(String text,String key) throws Exception
if(text == null || text.length() == 0)
throw new Exception("Empty string");
doKey(key);
byte[] encrypted = null;
try
cipher.init(Cipher.ENCRYPT_MODE, keyspec, ivspec);
encrypted = cipher.doFinal(padString(text).getBytes());
catch (Exception e)
throw new Exception("[encrypt] " + e.getMessage());
return encrypted;
public byte[] decrypt(String code,String key) throws Exception
if(code == null || code.length() == 0)
throw new Exception("Empty string");
byte[] decrypted = null;
doKey(key);
try
cipher.init(Cipher.DECRYPT_MODE, keyspec, ivspec);
decrypted = cipher.doFinal(hexToBytes(code));
catch (Exception e)
throw new Exception("[decrypt] " + e.getMessage());
return decrypted;
public static String bytesToHex(byte[] data)
if (data==null)
return null;
int len = data.length;
String str = "";
for (int i=0; i<len; i++)
if ((data[i]&0xFF)<16)
str = str + "0" + java.lang.Integer.toHexString(data[i]&0xFF);
else
str = str + java.lang.Integer.toHexString(data[i]&0xFF);
return str;
public static byte[] hexToBytes(String str)
if (str==null)
return null;
else if (str.length() < 2)
return null;
else
int len = str.length() / 2;
byte[] buffer = new byte[len];
for (int i=0; i<len; i++)
buffer[i] = (byte) Integer.parseInt(str.substring(i*2,i*2+2),16);
return buffer;
private static String padString(String source)
char paddingChar = ' ';
int size = 16;
int x = source.length() % size;
int padLength = size - x;
for (int i = 0; i < padLength; i++)
source += paddingChar;
return source;
public static String padRight(String s, int n)
return String.format("%1$-" + n + "s", s);
PHP
<?php
class MCrypt
private $iv = 'fedcba9876543210'; #Same as in JAVA
private $key = '0123456789abcdef'; #Same as in JAVA
function encrypt($str,$key)
$key = str_pad($key,16);
//$key = $this->hex2bin($key);
$iv = $this->iv;
$td = mcrypt_module_open('rijndael-128', '', 'cbc', $iv);
mcrypt_generic_init($td, $key, $iv);
$encrypted = mcrypt_generic($td, $str);
mcrypt_generic_deinit($td);
mcrypt_module_close($td);
return bin2hex($encrypted);
function decrypt($code,$key)
//$key = $this->hex2bin($key);
$code = $this->hex2bin($code);
$iv = $this->iv;
$td = mcrypt_module_open('rijndael-128', '', 'cbc', $iv);
mcrypt_generic_init($td, $key, $iv);
$decrypted = mdecrypt_generic($td, $code);
mcrypt_generic_deinit($td);
mcrypt_module_close($td);
return utf8_encode(trim($decrypted));
protected function hex2bin($hexdata)
$bindata = '';
for ($i = 0; $i < strlen($hexdata); $i += 2)
$bindata .= chr(hexdec(substr($hexdata, $i, 2)));
return $bindata;
$e = new MCrypt();
$p = $e->encrypt("This is a sample text message","password");
echo "Encrypted: $p" . PHP_EOL;
echo "Decrypted: ";
echo $e->decrypt($p,"password") . PHP_EOL;
echo "Java Decryption: ";
echo $e->decrypt("9cf46d007aeff7c0c3cf880c76762037278269ac508aecd55010ce68e9fd980f","password");
echo PHP_EOL;
Java 调用脚本:
String key = "password";
String message = "This is a sample text message";
String encrypted;
try
SimpleCrypto s = new SimpleCrypto();
encrypted = SimpleCrypto.bytesToHex(s.encrypt(message, key));
Log.d("giggsey-test",encrypted);
catch (Exception e)
// TODO Auto-generated catch block
e.printStackTrace();
加密字符串的输出:
Java:9cf46d007aeff7c0c3cf880c76762037278269ac508aecd55010ce68e9fd980f
PHP:9cf46d007aeff7c0c3cf880c76762037a1778e93dd596e4ce745e1f3b0ba9062
完整的 PHP 输出:
加密:9cf46d007aeff7c0c3cf880c76762037a1778e93dd596e4ce745e1f3b0ba9062
解密:'ýA==)nÿ|ä¨
xÃæÃ,ÃÃÂasV8gE
Java 解密:'ýA==)nÿ|ä¨
xÃ1)òÃîÃÃA½Ã
雷
【问题讨论】:
几个需要澄清的问题:在 java 示例中,“n”代表什么,“s”代表什么,以及您要加密的消息有多长(字节)?当您说返回的十六进制字符串的前半部分有效时,您的意思是只有前半部分消息正确解密还是其他什么?此消息的前半部分有多少字节。您使用的是什么 AES 模式(ECB、CBC 等)? @OlenGarn 我已经添加了 Java 源代码。除了将密钥传递给加密函数而不是类构造函数之外,PHP 与我帖子中的链接相同。我还没试过解密。 啊……这个问题……你在节点中使用openssl吗?如果不是,您应该尝试一下,可能会有所帮助,特别是如果您尝试使用 java(encrypt) -> node(decrypt/re-encrypt) -> php (decrypt) 连接。但是,您似乎遇到的是加密文本的编码问题,请尝试在两端将其设置为 UTF-8,例如“Nik ....”在他的回答中说。 @GoncaloVieira 我什至还没来得及将节点添加到等式中。我正在寻找的是一些通过 AES 加密的方法,它可以在 Java、PHP 和节点中工作并给出相同的结果。 【参考方案1】:填充是 PHP 的问题。
<?php
function hex2bin($hexdata)
$bindata = '';
for ($i = 0; $i < strlen($hexdata); $i += 2)
$bindata .= chr(hexdec(substr($hexdata, $i, 2)));
return $bindata;
$key = "password";
$data = "This is a sample text message";
$key = str_pad($key,16);
$blockSize = mcrypt_get_block_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
$padding = $blockSize - (strlen($data) % $blockSize);
$data .= str_repeat(chr($padding), $padding);
$c = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key, $data, MCRYPT_MODE_CBC, 'fedcba9876543210');
$c = bin2hex($c);
echo $c;
echo PHP_EOL;
$c = hex2bin($c);
$td = mcrypt_module_open(MCRYPT_RIJNDAEL_128,'',MCRYPT_MODE_CBC, '');
mcrypt_generic_init($td, $key, 'fedcba9876543210');
$decrypted = mdecrypt_generic($td, $c);
mcrypt_generic_deinit($td);
mcrypt_module_close($td);
echo $decrypted;
现在加密时返回的和Java一样,我可以很好地解密消息。
【讨论】:
您似乎在上面使用了 PKCS 填充,而您的 Java 代码显示没有填充。如果你在 PHP 加密中填充,我看不出你如何在没有填充的情况下在 java 中解密?【参考方案2】:您好,请查看link.
在这里查看最后一条评论说“这不适用于 UNICODE 字符”
这是UTF-8 characters的工作
这是我在加密之前对字符串所做的:
myUtf8String = new String(myString.getBytes("UTF-8"));
【讨论】:
在 Java 中加密时执行 text.getBytes("UTF-8") 时得到相同的输出。【参考方案3】:// PHP
echo base64_encode('something...')
//java
import java.io.IOException;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.crypto.Cipher;
import sun.misc.BASE64Decoder;
public class Decrypt_test
public static void main(String[] args)
BASE64Decoder decode = new BASE64Decoder();
try
// sample of string to decode: NTI2cWV5d3RkJV4mKg==
String result = new String(decode.decodeBuffer("string-to-decode"));
System.out.println(result);
catch (IOException ex)
Logger.getLogger(Decrypt_test.class.getName()).log(Level.SEVERE, null, ex);
简单但不好
【讨论】:
以上是关于Android、PHP和node.js之间的加解密的主要内容,如果未能解决你的问题,请参考以下文章
跪求 DES跨(C# Android IOS)三个平台通用的加解密方法