ahxxx 2019-06-21
因为自己开发的接口希望在传递的工程中可以保证参数是密文的形式,主要是前端使用js加密,后端使用php解密
在网络上搜索了很多的方法,但是大部分的都是使用mcrypt_decrypt和mcrypt_encrypt进行php端的加解密,但是众所周知的问题,这两个方法在php7.1以后将会被废弃,故而采用。
php使用mcrypt_decrypt和mcrypt_encrypt的组合方式,以及openssl_decrypt和openssl_encrypt的组合方式
js端使用Crypto-js
为了说明两种方式的区别,在使用mcrypt_decrypt和mcrypt_encrypt方式的时候,使用crypto-helper-zeropadding.js来命名自定义的js加密帮助类,使用test_crypto_zeropadding.html来命令对应的测试html文件;在使用openssl_decrypt和openssl_encrypt的组合方式的时候,使用crypto-helper-pkcs7.js来命名自定义的js加密帮助类,使用test_crypto_pcks7.html来命名测试页面 ,详细的区别可以参见 帖子
https://segmentfault.com/q/10...
<?php class AesJs { /**向量 * @var string */ const IV = "1234567890123412";//16位 /** * 默认秘钥 */ const KEY = '201707eggplant99';//16位 public static function init($iv = '') { self::$iv = $iv; } /** * 加密字符串 * @param string $data 字符串 * @param string $key 加密key * @return string */ public static function encrypt($data = '', $key = self::KEY) { $encrypted = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key, $data, MCRYPT_MODE_CBC, self::$iv); return base64_encode($encrypted); } /** * 解密字符串 * @param string $data 字符串 * @param string $key 加密key * @return string */ public static function decrypt($data = '', $key = self::KEY) { $decrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, base64_decode($data), MCRYPT_MODE_CBC, self::$iv); return rtrim($decrypted, "\0"); } public static function pkcs7_pad($str){ $len = mb_strlen($str, '8bit'); $c = 16 - ($len % 16); $str .= str_repeat(chr($c), $c); return $str; } }
var IV = '1234567890123412'; var KEY = '201707eggplant99' /** * 加密 */ function encrypt(str) { key = CryptoJS.enc.Utf8.parse(KEY);// 秘钥 var iv= CryptoJS.enc.Utf8.parse(IV);//向量iv var encrypted = CryptoJS.AES.encrypt(str, key, { iv: iv, mode: CryptoJS.mode.CBC, padding: CryptoJS.pad.ZeroPadding }); return encrypted.toString(); } /** * 解密 * @param str */ function decrypt(str) { var key = CryptoJS.enc.Utf8.parse(KEY);// 秘钥 var iv= CryptoJS.enc.Utf8.parse(IV);//向量iv var decrypted = CryptoJS.AES.decrypt(str,key,{iv:iv,padding:CryptoJS.pad.ZeroPadding}); return decrypted.toString(CryptoJS.enc.Utf8); }
<html> <head>test crypto-js</head> <script src="crypto-js/aes.js" type="text/javascript"></script> <script src="crypto-js/md5.js" type="text/javascript"></script> <script src="crypto-js/components/pad-zeropadding-min.js" type="text/javascript"></script> <script src="crypto-helper-zeropadding.js" type="text/javascript"></script> <script type="text/javascript"> var data = '111111'; var encode = encrypt(data); console.log('encode is =======>'+encode); var decode = decrypt(encode); console.log('decode is =======>'+decode); alert('encode is ====>'+encode+',decode is ====>'+decode); </script> </html>
<?php /* +-------------------------------------------------------------------------- | 由于在php7.1之后mcrypt_encrypt会被废弃,因此使用openssl_encrypt方法来替换 | ======================================== | by Focus | ======================================== | | +--------------------------------------------------------------------------- */ class OpensslEncryptHelper { /**向量 * @var string */ const IV = "1234567890123412";//16位 /** * 默认秘钥 */ const KEY = '201707eggplant99';//16位 /** * 解密字符串 * @param string $data 字符串 * @param string $key 加密key * @return string */ public static function decryptWithOpenssl($data,$key = self::KEY,$iv = self::IV){ return openssl_decrypt(base64_decode($data),"AES-128-CBC",$key,OPENSSL_RAW_DATA,$iv); } /** * 加密字符串 * 参考网站: https://segmentfault.com/q/1010000009624263 * @param string $data 字符串 * @param string $key 加密key * @return string */ public static function encryptWithOpenssl($data,$key = self::KEY,$iv = self::IV){ // echo base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_128, "1234567890123456", pkcs7_pad("123456"), MCRYPT_MODE_CBC, "1234567890123456")); // echo base64_encode(openssl_encrypt("123456","AES-128-CBC","1234567890123456",OPENSSL_RAW_DATA,"1234567890123456")); // $encrypted = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key, $data, MCRYPT_MODE_CBC, self::$iv); // return base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_128, "1234567890123456", pkcs7_pad("123456"), MCRYPT_MODE_CBC, "1234567890123456")); return base64_encode(openssl_encrypt($data,"AES-128-CBC",$key,OPENSSL_RAW_DATA,$iv)); } }
var IV = '1234567890123412'; var KEY = '201707eggplant99' /** * 加密 */ function encrypt(str) { key = CryptoJS.enc.Utf8.parse(KEY);// 秘钥 var iv= CryptoJS.enc.Utf8.parse(IV);//向量iv var encrypted = CryptoJS.AES.encrypt(str, key, { iv: iv, mode: CryptoJS.mode.CBC, padding: CryptoJS.pad.Pkcs7}); return encrypted.toString(); } /** * 解密 * @param str */ function decrypt(str) { var key = CryptoJS.enc.Utf8.parse(KEY);// 秘钥 var iv= CryptoJS.enc.Utf8.parse(IV);//向量iv var decrypted = CryptoJS.AES.decrypt(str,key,{iv:iv,padding:CryptoJS.pad.Pkcs7}); return decrypted.toString(CryptoJS.enc.Utf8); }
<html> <head>test crypto-js</head> <script src="crypto-js/aes.js" type="text/javascript"></script> <script src="crypto-js/md5.js" type="text/javascript"></script> <script src="crypto-js/components/pad-zeropadding-min.js" type="text/javascript"></script> <script src="crypto-helper-pkcs7.js" type="text/javascript"></script> <script type="text/javascript"> var data = '111111'; var encode = encrypt(data); console.log('encode is =======>'+encode); var decode = decrypt(encode); console.log('decode is =======>'+decode); alert('encode is ====>'+encode+',decode is ====>'+decode); </script> </html>
前端基于jsencrypt、php基于openssl的rsa非对称加密的实现
<?php. if (!empty($_POST)) {. $data1 = $_POST["data1"];$data2 = $_POST["data2"];$fuhao = $_POST["fuh