在php和vb.net中加密和解密AES 256
在php和vb.net中加密和解密AES 256
提问于 2021-06-17 18:02:31
我需要能够对php和vb.net中的字符串进行加密和解密。php需要能够解密在vb.net中加密的字符串,而vb.net需要能够解密在PHP中加密的字符串。
我在这两个环境中都有工作代码,但它们并不相互作用。
我已经对此进行了大量的搜索,并且我相信这与AES256的openssl实现以及它与IV或类似的东西之间的关系有关。
vb实现正在为IV生成一个随机GUID,并在base64编码它之前将其预先添加到加密的字符串中。
我的vb.net代码就像.
Imports System.IO
Imports System.Text
Imports System.Security.Cryptography
Public Class tbSecurity
Public Shared enckey = "00000000000000000000000000000000"
Public Shared Function AESEncryptStringToBase64(strPlainText As String) As String
Dim Algo As RijndaelManaged = RijndaelManaged.Create()
With Algo
.BlockSize = 128
.FeedbackSize = 128
.KeySize = 256
.Mode = CipherMode.CBC
.IV = Guid.NewGuid().ToByteArray()
.Key = Encoding.ASCII.GetBytes(enckey)
End With
Using Encryptor As ICryptoTransform = Algo.CreateEncryptor()
Using MemStream As New MemoryStream
Using CryptStream As New CryptoStream(MemStream, Encryptor, CryptoStreamMode.Write)
Using Writer As New StreamWriter(CryptStream)
Writer.Write(strPlainText)
End Using
AESEncryptStringToBase64 = Convert.ToBase64String(Algo.IV.Concat(MemStream.ToArray()).ToArray())
End Using
End Using
End Using
End Function
Public Shared Function AESDecryptBase64ToString(strCipherText As String) As String
Dim arrSaltAndCipherText As Byte() = Convert.FromBase64String(strCipherText)
Dim Algo As RijndaelManaged = RijndaelManaged.Create()
With Algo
.BlockSize = 128
.FeedbackSize = 128
.KeySize = 256
.Mode = CipherMode.CBC
.IV = arrSaltAndCipherText.Take(16).ToArray()
.Key = Encoding.ASCII.GetBytes(enckey)
End With
Using Decryptor As ICryptoTransform = Algo.CreateDecryptor()
Using MemStream As New MemoryStream(arrSaltAndCipherText.Skip(16).ToArray())
Using CryptStream As New CryptoStream(MemStream, Decryptor, CryptoStreamMode.Read)
Using Reader As New StreamReader(CryptStream)
AESDecryptBase64ToString = Reader.ReadToEnd()
End Using
End Using
End Using
End Using
End Function
End ClassPHP代码就像..。
<?php
$inputstr = $_GET['str'];
$ky = '00000000000000000000000000000000'; // 32 * 8 = 256 bit key
$iv = '1234567890123456'; // 32 * 8 = 256 bit iv
echo "<hr>";
echo "Input Str = " . $inputstr;
echo "<hr>";
echo "Decrypted Str = " . decryptRJ256($ky,$iv,$inputstr);
function decryptRJ256($key,$iv,$string_to_decrypt)
{
$string_to_decrypt = base64_decode($string_to_decrypt);
$rtn = openssl_decrypt($string_to_decrypt, "aes-256-cbc", $key,0,$iv);
$rtn = rtrim($rtn, "\0\4");
return($rtn);
}
function encryptRJ256($key,$iv,$string_to_encrypt)
{
$rtn = openssl_decrypt($string_to_encrypt, "aes-256-cbc", $key,0,$iv);
$rtn = base64_encode($rtn);
return($rtn);
}
?>我遇到了一个使用AES128和PHP8的mcrypt扩展的代码的“工作”示例,但是我使用的是PHP8,而且Mcrypt是不受支持的,所以我真的不想走这条路。
有人能为我指出一个正确的方向吗?要么使用AES256在vb.net中解密的openssl实现在PHP中加密字符串,要么以相反的方式进行加密?我不在乎我要修改哪种环境,即使两者兼而有之。
事先非常感谢
回答 1
Stack Overflow用户
回答已采纳
发布于 2021-06-17 19:48:55
VB代码中的AESEncryptStringToBase64()在PKCS7填充模式下用AES加密明文。键大小决定AES变体,例如AES-256的32字节。在加密过程中,生成一个GUID,该GUID充当IV。加密后,IV和密文被连在一起,Base64被编码。
PHP中一种可能的实现是:
function encrypt($key, $plaintext){
$iv = random_bytes(16);
$ciphertext = openssl_encrypt($plaintext, 'aes-256-cbc', $key, OPENSSL_RAW_DATA, $iv);
$ivCiphertext = $iv . $ciphertext;
$ivCiphertextB64 = base64_encode($ivCiphertext);
return $ivCiphertextB64;
}注意:
- 在PHP代码中,将生成一个密码安全的IV (参见CSPRNG ),而不是GUID。这至少和VB代码中使用的GUID一样安全,参见微软的GUID生成器密码安全吗?。
- 在PHP代码中,指定了AES-256,因此需要一个32字节的密钥。因此,在VB代码中,为了兼容性,还必须使用32字节键。如果VB代码中的密钥大小不同,则必须相应地调整PHP代码中的AES变体,例如,对于一个16字节的键,可以使用
aes-128-cbc。
AESDecryptBase64ToString()在VB代码中是对应的,因此采用相同的算法、模式和填充方式。首先对加密的数据进行Base64解码。前16个字节是IV,其余的是密文,然后解密。
PHP中一种可能的实现是:
function decrypt($key, $ivCiphertextB64){
$ivCiphertext = base64_decode($ivCiphertextB64);
$iv = substr($ivCiphertext, 0, 16);
$ciphertext = substr($ivCiphertext, 16);
$decryptedData = openssl_decrypt($ciphertext, "aes-256-cbc", $key, OPENSSL_RAW_DATA, $iv);
return $decryptedData;
}测试:
// Test 1:
$key = '00000000000000000000000000000000';
$plaintext = 'The quick brown fox jumps over the lazy dog';
$ivCiphertextB64 = encrypt($key, $plaintext);
$decrypted = decrypt($key, $ivCiphertextB64);
print("Test 1 - Ciphertext: " . $ivCiphertextB64 . PHP_EOL);
print("Test 1 - Decrypted: " . $decrypted . PHP_EOL);
// Test 2: Decrypt ciphertext from VB
$ivCiphertextB64 = '6z4IGlnv5UOd+MWUOfP5m4ymJ/XUp+VijU0D4xBLRr/T1JWAsxRApW6aJgptmN4q2f0seibD/2jktvkDydz33g==';
$decrypted = decrypt($key, $ivCiphertextB64);
print("Test 2 - Decrypted: " . $decrypted . PHP_EOL);
// Test 3: Encrypt plaintext for VB
$plaintext = 'The quick brown fox jumps over the lazy dog';
$ivCiphertextB64 = encrypt($key, $plaintext);
print("Test 3 - Encrypted: " . $ivCiphertextB64 . PHP_EOL);具有以下可能的输出:
Test 1 - Ciphertext: cadDJ82W94xKz4MQlvZ4IPBYvytpJezgbAY+ZYi76Z/zcGieUFDZLzEsjenolbEP2pR9JTHOHnG+ylJCXZd45g==
Test 1 - Decrypted: The quick brown fox jumps over the lazy dog
Test 2 - Decrypted: The quick brown fox jumps over the lazy dog
Test 3 - Encrypted: Teo0qUA553EJ9y9O0lb0gjVzWHE8+EQyklnbq6v8ziK5SXNAhX6HdyfdtHkyQUKAWXmFazWx2bEkIDwqjM+aQA==测试1显示,用encrypt()加密的密文可以用decrypt()解密。测试2解密用VB代码加密的密文。测试3生成一个可以用VB代码解密的密文。
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/68024433
复制相关文章
相似问题
腾讯云开发者
