请原谅我英语不好。 我使用mcrypt,我从这里得到它MCrypt for php and java。在我的Android应用程序中,我需要php和java安全通信所以我得到上面提到的AES。 问题是当php发送加密数据时,java可以解密它,但包含一些额外的字符。
JAVA代码
import java.security.NoSuchAlgorithmException;
import javax.crypto.Cipher;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
public class MCrypt {
private String iv = "fedcba9876543210";//Dummy iv (CHANGE IT!)
private IvParameterSpec ivspec;
private SecretKeySpec keyspec;
private Cipher cipher;
private String SecretKey = "0123456789abcdef";//Dummy secretKey (CHANGE IT!)
public MCrypt()
{
ivspec = new IvParameterSpec(iv.getBytes());
keyspec = new SecretKeySpec(SecretKey.getBytes(), "AES");
try {
cipher = Cipher.getInstance("AES/CBC/NoPadding");
} catch (NoSuchAlgorithmException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (NoSuchPaddingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
public byte[] encrypt(String text) throws Exception
{
if(text == null || text.length() == 0)
throw new Exception("Empty string");
byte[] encrypted = null;
try {
cipher.init(Cipher.ENCRYPT_MODE, keyspec, ivspec);
encrypted = cipher.doFinal(padString(text).getBytes());
} catch (Exception e)
{
throw new Exception("[encrypt] " + e.getMessage());
}
return encrypted;
}
public byte[] decrypt(String code) throws Exception
{
if(code == null || code.length() == 0)
throw new Exception("Empty string");
byte[] decrypted = null;
try {
cipher.init(Cipher.DECRYPT_MODE, keyspec, ivspec);
decrypted = cipher.doFinal(hexToBytes(code));
} catch (Exception e)
{
throw new Exception("[decrypt] " + e.getMessage());
}
return decrypted;
}
public static String bytesToHex(byte[] data)
{
if (data==null)
{
return null;
}
int len = data.length;
String str = "";
for (int i=0; i<len; i++) {
if ((data[i]&0xFF)<16)
str = str + "0" + java.lang.Integer.toHexString(data[i]&0xFF);
else
str = str + java.lang.Integer.toHexString(data[i]&0xFF);
}
return str;
}
public static byte[] hexToBytes(String str) {
if (str==null) {
return null;
} else if (str.length() < 2) {
return null;
} else {
int len = str.length() / 2;
byte[] buffer = new byte[len];
for (int i=0; i<len; i++) {
buffer[i] = (byte) Integer.parseInt(str.substring(i*2,i*2+2),16);
}
return buffer;
}
}
private static String padString(String source)
{
char paddingChar = ' ';
int size = 16;
int x = source.length() % size;
int padLength = size - x;
for (int i = 0; i < padLength; i++)
{
source += paddingChar;
}
return source;
}
}
PHP代码
<?php
class MCrypt
{
private $iv = 'fedcba9876543210'; #Same as in JAVA
private $key = '0123456789abcdef'; #Same as in JAVA
function __construct()
{
}
function encrypt($str) {
//$key = $this->hex2bin($key);
$iv = $this->iv;
$td = mcrypt_module_open('rijndael-128', '', 'cbc', $iv);
mcrypt_generic_init($td, $this->key, $iv);
$encrypted = mcrypt_generic($td, $str);
mcrypt_generic_deinit($td);
mcrypt_module_close($td);
return bin2hex($encrypted);
}
function decrypt($code) {
//$key = $this->hex2bin($key);
$code = $this->hex2bin($code);
$iv = $this->iv;
$td = mcrypt_module_open('rijndael-128', '', 'cbc', $iv);
mcrypt_generic_init($td, $this->key, $iv);
$decrypted = mdecrypt_generic($td, $code);
mcrypt_generic_deinit($td);
mcrypt_module_close($td);
return utf8_encode(trim($decrypted));
}
protected function hex2bin($hexdata) {
$bindata = '';
for ($i = 0; $i < strlen($hexdata); $i += 2) {
$bindata .= chr(hexdec(substr($hexdata, $i, 2)));
}
return $bindata;
}
}
所以场景是java以JSON格式发送数据(简单文本)到PHP,php提取数据,加密它,最后以JSON格式回显它
PHP电话:
<?php
$data =json_decode(file_get_contents('php://input'), true);
$data=$data["request"];
require_once "encryption.php";
$etool=new MCrypt();
$data=$etool->encrypt($data);
$array=array('data'=>$data);
echo json_encode($array);
JAVA代码:
//sb is StringBuilder
JSONObject j=new JSONObject(sb.toString());
encryption etool=new encryption();
result=j.get("data").toString();
result= new String(etool.decrypt( result ));
Log.d("success remote ",result );
结果是:
例如
如果我使用波斯语/阿拉伯语单词会变得更糟
像这样 - &gt; درود此外,我检查了其他问题,但我无法得到答案。
AES encryption, got extra trash characters in decrypted file和
PHP MCRYPT encrypt/decrypt returns invisible strange characters?
提前谢谢你!
答案 0 :(得分:3)
AES 以16字节为单位进行加密。如果输入不是16字节的倍数,则需要填充方案。由于您没有为 Mcrypt 指定任何填充选项,因此它使用“零填充”。
在 Java 代码中,在实例化密码时指定“NoPadding”:
cipher = Cipher.getInstance("AES/CBC/NoPadding");
所以 Java 认为 php 完成的填充是加密数据的一部分。
您只需要确保 php 和 Java 代码使用相同的填充方案。
答案 1 :(得分:1)
我认为这是无法显示的二进制数据。 您是否尝试使用base64将其转换为常规字符串,然后再将其发送到php脚本?
在php脚本中,您可以执行以下操作来解码base64字符串。
$data=base64_decode($data["request"])