最近有个项目需要和php进行接口对接,讨论到了接口加密相关的内容,最后定下来使用AES-128-CBC的加密方式。
but,在和php端进行加密解密验证的时候踩坑无数,特此记录。
php端代码:
/** * AES 加密 */ public static function encrypt($input) { $key = key; $method = "AES-128-CBC"; $iv = iv; $output = openssl_encrypt($input, $method, $key, 1, $iv); return base64_encode($output); } /** * AES 解密 * */ public static function secured_decrypt($input) { $key = key; $method = "AES-128-CBC"; $iv = iv; $input = base64_decode($input); $output = openssl_decrypt($input, $method, $key, 1, $iv); return $output; }
对应C#端代码:
//AES加密 public static string Encrypt(string toEncrypt) { byte[] keyArray = Encoding.Default.GetBytes(key); byte[] ivArray = Encoding.Default.GetBytes(iv); byte[] toEncryptArray = Encoding.Default.GetBytes(toEncrypt); RijndaelManaged rDel = new RijndaelManaged { Key = keyArray, IV = ivArray, Mode = CipherMode.CBC, Padding = PaddingMode.PKCS7 }; ICryptoTransform cTransform = rDel.CreateEncryptor(); byte[] resultArray = cTransform.TransformFinalBlock(toEncryptArray, 0, toEncryptArray.Length); return Convert.ToBase64String(resultArray, 0, resultArray.Length); } //AES解密 public static string Decrypt(string toDecrypt) { byte[] keyArray = Encoding.Default.GetBytes(key); byte[] ivArray = Encoding.Default.GetBytes(iv); byte[] toEncryptArray = Convert.FromBase64String(toDecrypt); RijndaelManaged rDel = new RijndaelManaged { Key = keyArray, IV = ivArray, Mode = CipherMode.CBC, Padding = PaddingMode.PKCS7 }; ICryptoTransform cTransform = rDel.CreateDecryptor(); byte[] resultArray = cTransform.TransformFinalBlock(toEncryptArray, 0, toEncryptArray.Length); return Encoding.Default.GetString(resultArray); }
其中:key和iv是双方约定好的密钥和初始化向量。