最近有个项目需要和php进行接口对接,讨论到了接口加密相关的内容,最后定下来使用AES-128-CBC的加密方式。
but,在和php端进行加密解密验证的时候踩坑无数,特此记录。
php端代码:
/**
* AES 加密
*/
public static function encrypt($input) {
$key = key;
$method = "AES-128-CBC";
$iv = iv;
$output = openssl_encrypt($input, $method, $key, 1, $iv);
return base64_encode($output);
}
/**
* AES 解密
*
*/
public static function secured_decrypt($input) {
$key = key;
$method = "AES-128-CBC";
$iv = iv;
$input = base64_decode($input);
$output = openssl_decrypt($input, $method, $key, 1, $iv);
return $output;
}
对应C#端代码:
//AES加密 public static string Encrypt(string toEncrypt) { byte[] keyArray = Encoding.Default.GetBytes(key); byte[] ivArray = Encoding.Default.GetBytes(iv); byte[] toEncryptArray = Encoding.Default.GetBytes(toEncrypt); RijndaelManaged rDel = new RijndaelManaged { Key = keyArray, IV = ivArray, Mode = CipherMode.CBC, Padding = PaddingMode.PKCS7 }; ICryptoTransform cTransform = rDel.CreateEncryptor(); byte[] resultArray = cTransform.TransformFinalBlock(toEncryptArray, 0, toEncryptArray.Length); return Convert.ToBase64String(resultArray, 0, resultArray.Length); } //AES解密 public static string Decrypt(string toDecrypt) { byte[] keyArray = Encoding.Default.GetBytes(key); byte[] ivArray = Encoding.Default.GetBytes(iv); byte[] toEncryptArray = Convert.FromBase64String(toDecrypt); RijndaelManaged rDel = new RijndaelManaged { Key = keyArray, IV = ivArray, Mode = CipherMode.CBC, Padding = PaddingMode.PKCS7 }; ICryptoTransform cTransform = rDel.CreateDecryptor(); byte[] resultArray = cTransform.TransformFinalBlock(toEncryptArray, 0, toEncryptArray.Length); return Encoding.Default.GetString(resultArray); }
其中:key和iv是双方约定好的密钥和初始化向量。