使用 Go 和 PHP 进行 AES 加密

【问题标题】:AES encryption with Go and PHP使用 Go 和 PHP 进行 AES 加密
【发布时间】:2016-07-20 02:20:16
【问题描述】:

我在 Go 和 PHP 中使用 AES 加密。但是这两种语言都不加密/解密彼此的密文。以下我在php中尝试过

       class Crypto {
    private $encryptKey = "keyforencryption";
    private $iv = 'ivusedforencrypt';
    private $blocksize = 16;
    public function encrypt($toEncrypt){
        $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CFB);
        //$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
        return base64_encode($this->iv . mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $this->encryptKey, $toEncrypt, MCRYPT_MODE_CFB, $this->iv));
    }

    public function decrypt($toDecrypt){
       $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CFB);//$this->blocksize;
       $toDecrypt = base64_decode($toDecrypt);
       return rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $this->encryptKey, substr($toDecrypt, $iv_size), MCRYPT_MODE_CFB, substr($toDecrypt, 0, $iv_size)));
    }

}

$c = new Crypto();
echo "Encrypted : ".$e =  $c->encrypt("test");
echo "<br/>Decrypted : ".$c->decrypt($e);

输出:aXZ1c2VkZm9yZW5jcnlwdDpdZEinU2rB

还有这个在 Go with AES 中

    package main

import (
    "crypto/aes"
    "crypto/cipher"
    "crypto/rand"
    "encoding/base64"
    "errors"
    "fmt"
    "io"
    "log"
)

func main() {
    key := []byte("keyforencryption")
    plaintext := []byte("test")
    fmt.Printf("%s\n", plaintext)
    ciphertext, err := encrypt(key, plaintext)
    if err != nil {
        log.Fatal(err)
    }
    b := base64.StdEncoding.EncodeToString(ciphertext)
    fmt.Printf("Encrypted text : %s\n", b)
    result, err := decrypt(key, b)
    if err != nil {
        log.Fatal(err)
    }
    fmt.Printf("Decrypted Text : %s\n", result)
}

func encrypt(key, text []byte) ([]byte, error) {
    block, err := aes.NewCipher(key)
    if err != nil {
        return nil, err
    }
    //b := base64.StdEncoding.EncodeToString(text)
    ciphertext := make([]byte, aes.BlockSize+len(text))
    iv := ciphertext[:aes.BlockSize]
    if _, err := io.ReadFull(rand.Reader, iv); err != nil {
        return nil, err
    }
    cfb := cipher.NewCFBEncrypter(block, iv)
    cfb.XORKeyStream(ciphertext[aes.BlockSize:], []byte(text))
    return ciphertext, nil
}

func decrypt(key []byte, text1 string) ([]byte, error) {
    text, _ := base64.StdEncoding.DecodeString(string(text1))
    block, err := aes.NewCipher(key)
    if err != nil {
        return nil, err
    }
    if len(text) < aes.BlockSize {
        return nil, errors.New("ciphertext too short")
    }
    iv := text[:aes.BlockSize]
    text = text[aes.BlockSize:]
    cfb := cipher.NewCFBDecrypter(block, iv)
    cfb.XORKeyStream(text, text)
    b := base64.StdEncoding.EncodeToString(text)
    data, err := base64.StdEncoding.DecodeString(string(b))
    if err != nil {
        return nil, err
    }
    return data, nil
}

输出:ZVnhCXjIvtGKBdqvjwHRZKcVy34=

任何帮助都会很重要。

【问题讨论】:

  • “但是两种语言都不会相互加密/解密密文。” - 请给出一些示例输入和输出。我可以看到至少有一个区别:Go 中有 base64 编码/解码,而 PHP 中有 hex 解码。
  • 更新了代码,修复了 hex 和 base64 的差异和输出。
  • 好吧,还有更多问题:Go 中的 IV 是 \0 填充的,但 PHP 中是 ivusedforencrypt
  • 在两个 iv 中都给出了 16 的长度。
  • mcrypt 的错误。

标签: php encryption go aes rijndael


【解决方案1】:

CFB 模式有问题,这将在 CBC 模式下工作

class Crypto {
    private $encryptKey = "keyforencryption";
    public function encrypt($toEncrypt){
        $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
        $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
        return base64_encode($iv . mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $this->encryptKey, $toEncrypt, MCRYPT_MODE_CBC, $iv));
    }

    public function decrypt($toDecrypt){
       $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
       echo "<br/>".$toDecrypt = base64_decode($toDecrypt);
       return rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $this->encryptKey, substr($toDecrypt, $iv_size), MCRYPT_MODE_CBC, substr($toDecrypt, 0, $iv_size)));
    }
}

$c = new Crypto();
echo "Encrypted : ".$e =  $c->encrypt("test123");
echo "<br/>Decrypted : ".$c->decrypt($e);

还有这个在 golang 中

package main

import (
    "crypto/aes"
    "crypto/cipher"
    "crypto/rand"
    "encoding/base64"
    "fmt"
    "io"
    "bytes"
)

func main() {
    e:= cbcEncrypt()
    fmt.Printf("Encrypted String : %s\n", e)

    d:= cbcDecrypt(e)
    fmt.Printf("Decrypted String : %s\n", d)
}

func cbcDecrypt(text1 string) []byte{
    key := []byte("keyforencryption")
    ciphertext, _ := base64.StdEncoding.DecodeString(string(text1))
    block, err := aes.NewCipher(key)
    if err != nil {
        panic(err)
    }

    // include it at the beginning of the ciphertext.
    if len(ciphertext) < aes.BlockSize {
        panic("ciphertext too short")
    }
    iv := ciphertext[:aes.BlockSize]
    ciphertext = ciphertext[aes.BlockSize:]

    // CBC mode always works in whole blocks.
    if len(ciphertext)%aes.BlockSize != 0 {
        panic("ciphertext is not a multiple of the block size")
    }

    mode := cipher.NewCBCDecrypter(block, iv)

    // CryptBlocks can work in-place if the two arguments are the same.
    mode.CryptBlocks(ciphertext, ciphertext)
    ciphertext = PKCS5UnPadding(ciphertext)
    return ciphertext
}

func cbcEncrypt() string{
    key := []byte("keyforencryption")
    plaintext := []byte("testssssss")
    plaintext = PKCS5Padding(plaintext, 16)
    // CBC mode works on blocks so plaintexts may need to be padded to the
    // next whole block. For an example of such padding, see
    // https://tools.ietf.org/html/rfc5246#section-6.2.3.2. Here we'll
    // assume that the plaintext is already of the correct length.
    if len(plaintext)%aes.BlockSize != 0 {
        panic("plaintext is not a multiple of the block size")
    }

    block, err := aes.NewCipher(key)
    if err != nil {
        panic(err)
    }

    // The IV needs to be unique, but not secure. Therefore it's common to
    // include it at the beginning of the ciphertext.
    ciphertext := make([]byte, aes.BlockSize+len(plaintext))
    iv := ciphertext[:aes.BlockSize]
    if _, err := io.ReadFull(rand.Reader, iv); err != nil {
        panic(err)
    }

    mode := cipher.NewCBCEncrypter(block, iv)
    mode.CryptBlocks(ciphertext[aes.BlockSize:], plaintext)

    // It's important to remember that ciphertexts must be authenticated
    // (i.e. by using crypto/hmac) as well as being encrypted in order to
    // be secure.

    return base64.StdEncoding.EncodeToString(ciphertext)
}

func PKCS5Padding(src []byte, blockSize int) []byte {
    padding := blockSize - len(src)%blockSize
    padtext := bytes.Repeat([]byte{byte(padding)}, padding)
    return append(src, padtext...)
}

func PKCS5UnPadding(src []byte) []byte {
    length := len(src)
    unpadding := int(src[length-1])
    return src[:(length - unpadding)]
}

这应该可以工作

【讨论】:

  • 这在我的情况下仍然给出不同的结果。我正在尝试将其用于 Go 中的 PayTM 网关集成。你有什么线索吗?
  • 这个例子给你不同的结果,因为 $iv 是一个随机值(更好的安全性)。但是解码器功能可以解码 PHP 和 GO 编码的文本。
【解决方案2】:

在 php 中也使用 padding 进行编码和 unpadding 进行解码。

function pkcs5_pad($text)
{
    $blocksize = mcrypt_get_block_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
    $pad = $blocksize - (strlen($text) % $blocksize);
    return $text . str_repeat(chr($pad), $pad);
}

function pkcs5_unpad($text)
{
    $block = mcrypt_get_block_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
    $pad = ord($text[($len = strlen($text)) - 1]);
    $len = strlen($text);
    $pad = ord($text[$len-1]);
    return substr($text, 0, strlen($text) - $pad);
}

【讨论】:

    猜你喜欢
    • 2012-11-06
    • 2014-01-14
    • 2016-03-15
    • 1970-01-01
    • 2021-04-27
    • 2014-09-14
    • 1970-01-01
    • 1970-01-01
    • 2011-04-26
    相关资源
    最近更新 更多
    热门标签
    Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode