JAVA、Python、PHP一致的任意长度secret秘钥加解密AES/ECB/PKCS5Padding算法实现代码

近期遇到一个需要在 java、python、php 中实现一直的aes 加密算法,其实本质上倒不是很复杂,但是其中的参数调整是比较麻烦的事儿。
找了一些参考资料,最终搞定了,实际代码如下:

主要特性

JAVA、Python、PHP三种语言统一

统一一致的对AES/ECB/PKCS5Padding 算法的加解密实现;

任意长度秘钥

网上很多代码实现,都是基于指定的16位长度秘钥实现,而很多企业场景里,都是自定义长度的秘钥,所以要做特定的处理。这里实现了支持 任意长度秘钥, 跨三种语言做了统一。

支持utf-8 编码

不再赘述;

代码实现

Java代码实现

CryptUtilPublic.java

/**
 * @author: https://www.baihezi.com
 */
package com.baihezi.www.utils;

import org.apache.commons.codec.binary.Base64;

import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;

/*
 *
 *
 * AES 加密解密工具类
 * 秘钥长度:  支持任意长度
 * 算法:  AES/ECB/PKCS5Padding
 * 字符编码: utf-8
 * 多语言统一: java,  python, php 统一
 * 开放范围: open api 对外场景
 *
 * @notice: 由于对外,所以以下代码中任何一个配置参数都不要随意改,要考虑好兼容性
 *
 * @description: 对外开放的class 名字为: EncryptUtil, 位于 com.amap.wia.openapi.test.lib.EncryptUtil
 *
 *
 */
public class CryptUtilPublic {

    /** 密钥长度: 128, 192 or 256,默认128,不要随意改 */
    private static final int KEY_SIZE = 128;

    private static final Base64 base64 = new Base64();

    /** 加密/解密算法名称 */
    private static final String ALGORITHM = "AES"; // AES = AES/ECB/PKCS5Padding

    /** 随机数生成器(RNG)算法名称 */
    private static final String RNG_ALGORITHM = "SHA1PRNG";

    /**
     * 生成密钥对象
     */
    private static SecretKey generateKey(String key) throws Exception {

        // 创建安全随机数生成器
        SecureRandom random = SecureRandom.getInstance(RNG_ALGORITHM);
        // 设置 密钥key的字节数组 作为安全随机数生成器的种子
        random.setSeed(key.getBytes());
        // 创建 AES算法生成器
        KeyGenerator gen = KeyGenerator.getInstance(ALGORITHM);
        // 初始化算法生成器
        gen.init(KEY_SIZE, random);
        return gen.generateKey();
    }
    /**
     *
     * @param originalData 原始文本
     * @param key
     * @return
     * @throws Exception
     */

    public static String encrypt(String originalData, String key) throws Exception {
        byte[] plainBytes = originalData.getBytes(StandardCharsets.UTF_8);
        if (plainBytes.length == 0) {
            return "";
        }
        if (key == null || key.length()== 0) {
            return "";
        }

        SecretKey secKey = generateKey(key);
        Cipher cipher = Cipher.getInstance(ALGORITHM);
        cipher.init(Cipher.ENCRYPT_MODE, secKey);
        byte[] cipherBytes = cipher.doFinal(plainBytes);

        return base64encode(cipherBytes);
    }

    protected static byte[] base64decode(String str) {
        return base64.decode(str);
    }

    protected static String base64encode(byte[] bytes) {
        return base64.encodeToString(bytes);
    }
    /**
     * 将二进制转换成16进制
     *
     * @param buf
     * @return
     */
    public static String parseByte2HexStr(byte buf[]) {

        StringBuilder sb = new StringBuilder();
        for (int i = 0; i < buf.length; i++) {
            String hex = Integer.toHexString(buf[i] & 0xFF);
            if (hex.length() == 1) {
                hex = '0' + hex;
            }
            sb.append(hex.toUpperCase());
        }
        return sb.toString();
    }

    /**
     * 将16进制转换为二进制
     *
     * @param hexStr
     * @return
     */
    public static byte[] parseHexStr2Byte(String hexStr) {
        if (hexStr.length() < 1) {
            return null;
        }
        byte[] result = new byte[hexStr.length() / 2];
        for (int i = 0; i < hexStr.length() / 2; i++) {
            int high = Integer.parseInt(hexStr.substring(i * 2, i * 2 + 1), 16);
            int low = Integer.parseInt(hexStr.substring(i * 2 + 1, i * 2 + 2), 16);
            result[i] = (byte) (high * 16 + low);
        }
        return result;
    }

    public static String decrypt(String encrypedData, String key) throws Exception {

        byte[] cipherBytes = base64decode(encrypedData);
        SecretKey secKey = generateKey(key);

        Cipher cipher = Cipher.getInstance(ALGORITHM);
        cipher.init(Cipher.DECRYPT_MODE, secKey);

        byte[] plainBytes = cipher.doFinal(cipherBytes);
        return new String(plainBytes, StandardCharsets.UTF_8);
    }

//    public static void main(String[] args) {
//        try {
//            String originalData = "14464614210中文的001";
//            String key = "asdfasdasdfsdfasdf23434tgsdfhxcvau4IKf";
//            String encrypedData = encrypt(originalData, key);
//
//            String decryptedText = decrypt(encrypedData, key);
//            System.out.println("original value: " + originalData);
//            System.out.println("encrypted value: " + encrypedData);
//            System.out.println("original value: " + decryptedText);
//        } catch (Exception e) {
//            e.printStackTrace();
//        }
//    }

}

Java 代码运行结果输出:

original value: 14464614210中文的001
encrypted value: 7C7F99DFC543F6E2DD18BAA96E6E889D6C690C860DC959E5CD91E47E8F6F2B69
original value: 14464614210中文的001

python 代码实现

CryptUtilPublic.py (python3)

# AES-ECB加密
# by https://www.baihezi.com
import hashlib
import base64
from crypto.Cipher import AES

class EncryptUtil:
    def __init__(self, key):
        self.key = self.get_sha1prng_key(key) # 初始化密钥
        self.length = AES.block_size  # 初始化数据块大小
        self.aes = AES.new(self.key, AES.MODE_ECB)  # 初始化AES,ECB模式的实例
        # 截断函数,去除填充的字符
        self.unpad = lambda date: date[0:-ord(date[-1])]
    # 使用SHA1方法生成的随机数,对key做处理
    def get_sha1prng_key(self, key):
        signature = hashlib.sha1(key.encode("utf-8")).digest()
        signature = hashlib.sha1(signature).digest()

        return signature[:16]

    def pad(self, text):
        """
        #填充函数,使被加密数据的字节码长度是block_size的整数倍
        """
        count = len(text.encode('utf-8'))
        add = self.length - (count % self.length)
        entext = text + (chr(add) * add)
        return entext

    def encrypt(self, originalData):  # 加密函数
        res = self.aes.encrypt(self.pad(originalData).encode("utf8"))
        encryptString = base64.b64encode(res).decode("utf8")
        return encryptString

    def decrypt(self, encrypedData):  # 解密函数
        res = base64.b64decode(encrypedData.encode("utf8"))
        msg = self.aes.decrypt(res).decode("utf8")
        return self.unpad(msg)

# 秘钥
secret = 'asdfasdasdfsdfasdf23434tgsdfhxcvau4IKf'
eg = EncryptUtil(secret)  # 这里密钥的长度可以是任意长度

data = "14464614210中文的001"
encryptData = eg.encrypt(data)
decryptData = "fH+Z38VD9uLdGLqpbm6InWxpDIYNyVnlzZHkfo9vK2k="
print("original value: " + data)
print("encrypted value: " + encryptData)
print("decrypted value: "+ eg.decrypt(decryptData))

python 代码运行结果输出:

original value: 14464614210中文的001
encrypted value: 7C7F99DFC543F6E2DD18BAA96E6E889D6C690C860DC959E5CD91E47E8F6F2B69
decrypted value: 14464614210中文的001

PHP代码实现

EncryptUtil.php

<?php
/**
 * EncryptUtil  对称加密
 * 对齐 Java的 AES/ECB/PKCS5Padding
 */
class EncryptUtil{
    /**
     * encrypt aes加密
     * @param    $originalData 要加密的数据
     * @param    $secretKey   加密的秘钥 
     * @return   
     */
    public static function encrypt($originalData, $secretKey){
        $secretKey = self::_sha1prng($secretKey);
        $iv = '';
        $data = openssl_encrypt($originalData, 'AES-128-ECB', $secretKey, OPENSSL_RAW_DATA, $iv);
        $data = base64_encode($data);
        return $data;
    }

    /**
     * decrypt aes解密
     * @param $encrypedData 要解密的数据
     * @param $secretKey 加密的秘钥 
     * @return  
     */
    public static function decrypt($encrypedData, $secretKey){
        $secretKey = self::_sha1prng($secretKey);
        $iv = '';
        $decrypted = openssl_decrypt(base64_decode($encrypedData), 'AES-128-ECB', $secretKey, OPENSSL_RAW_DATA, $iv);
        return $decrypted;
    }

    /**
     * SHA1PRNG算法
     * @param  $secretKey  加密的秘钥 
     * @return 
     */
    private static function _sha1prng($secretKey){
        return substr(openssl_digest(openssl_digest($secretKey, 'sha1', true), 'sha1', true), 0, 16);
    }
}

$aesModel = new EncryptUtil();
$data = '14464614210中文的001';
$secret = "asdfasdasdfsdfasdf23434tgsdfhxcvau4IKf";
//加密
$encryptData = EncryptUtil::encrypt($data, $secret);
//解密
$decryptData = EncryptUtil::decrypt($encryptData, $secret);
print_r("original value: " . $data."n");
print("encrypted value: " . $encryptData."n");
print("decrypted value: ". $decryptData."n");

$encrypted = 'fH+Z38VD9uLdGLqpbm6InWxpDIYNyVnlzZHkfo9vK2k=';

$secret = 'asdfasdasdfsdfasdf23434tgsdfhxcvau4IKf';

var_dump(EncryptUtil::decrypt($encrypted, $secret));

PHP代码运行结果输出:

original value: 14464614210中文的001
encrypted value: 7C7F99DFC543F6E2DD18BAA96E6E889D6C690C860DC959E5CD91E47E8F6F2B69
decrypted value: 14464614210中文的001