最近有個項目需要和php進行接口對接,討論到了接口加密相關的內容,最后定下來使用AES-128-CBC的加密方式。
but,在和php端進行加密解密驗證的時候踩坑無數,特此記錄。
php端代碼:
/**
* AES 加密
*/
public static function encrypt($input) {
$key = key;
$method = "AES-128-CBC";
$iv = iv;
$output = openssl_encrypt($input, $method, $key, 1, $iv);
return base64_encode($output);
}
/**
* AES 解密
*
*/
public static function secured_decrypt($input) {
$key = key;
$method = "AES-128-CBC";
$iv = iv;
$input = base64_decode($input);
$output = openssl_decrypt($input, $method, $key, 1, $iv);
return $output;
}
對應C#端代碼:
//AES加密 public static string Encrypt(string toEncrypt) { byte[] keyArray = Encoding.Default.GetBytes(key); byte[] ivArray = Encoding.Default.GetBytes(iv); byte[] toEncryptArray = Encoding.Default.GetBytes(toEncrypt); RijndaelManaged rDel = new RijndaelManaged { Key = keyArray, IV = ivArray, Mode = CipherMode.CBC, Padding = PaddingMode.PKCS7 }; ICryptoTransform cTransform = rDel.CreateEncryptor(); byte[] resultArray = cTransform.TransformFinalBlock(toEncryptArray, 0, toEncryptArray.Length); return Convert.ToBase64String(resultArray, 0, resultArray.Length); } //AES解密 public static string Decrypt(string toDecrypt) { byte[] keyArray = Encoding.Default.GetBytes(key); byte[] ivArray = Encoding.Default.GetBytes(iv); byte[] toEncryptArray = Convert.FromBase64String(toDecrypt); RijndaelManaged rDel = new RijndaelManaged { Key = keyArray, IV = ivArray, Mode = CipherMode.CBC, Padding = PaddingMode.PKCS7 }; ICryptoTransform cTransform = rDel.CreateDecryptor(); byte[] resultArray = cTransform.TransformFinalBlock(toEncryptArray, 0, toEncryptArray.Length); return Encoding.Default.GetString(resultArray); }
其中:key和iv是雙方約定好的密鑰和初始化向量。