关于aes:AESjs加密解密与C的相互转换

125次阅读

共计 3590 个字符,预计需要花费 9 分钟才能阅读完成。

AES 简介

AES, Advanced Encryption Standard,其实是一套规范:FIPS 197,而咱们所说的 AES 算法其实是 Rijndael 算法。

NIST (National INstitute of Standards and Technology) 在 1997 年 9 月 12 日公开征集更高效更平安的代替 DES 加密算法,第一轮共有 15 种算法入选,其中 5 种算法入围了决赛,别离是 MARS,RC6,Rijndael,Serpent 和 Twofish。又通过 3 年的验证、评测及公众探讨之后 Rijndael 算法最终入选。

Rijndael 算法

Rijndael 算法是由比利时学者 Joan Daemen 和 Vincent Rijmen 所提出的,算法的名字就由两位作者的名字组合而成。Rijndael 的劣势在于集安全性、性能、效率、可实现性及灵活性与一体。

背景

因为在 HTTP 中参数都是通过 URL 或者 Body 进行传输的,那么就存在信息的裸露问题,这时候很多敏感的信息就须要进行加密,避免敏感信息泄露。

具体实现

1、服务端加密 / 解密

public class DecryptStringAES
{
      /// <summary>  
      /// AES 加密算法  
      /// </summary>  
      /// <param name="input"> 明文字符串 </param>  
      /// <returns> 字符串 </returns>  
      public static string EncryptByAES(string input)
      {if (string.IsNullOrWhiteSpace(input))
          {return input;}
          using (RijndaelManaged rijndaelManaged = new RijndaelManaged())
          {
              rijndaelManaged.Mode = CipherMode.CBC;
              rijndaelManaged.Padding = PaddingMode.PKCS7;
              rijndaelManaged.FeedbackSize = 128;

              rijndaelManaged.Key = Encoding.UTF8.GetBytes(Decrypt.Key);
              rijndaelManaged.IV = Encoding.UTF8.GetBytes(Decrypt.AES_IV);

              ICryptoTransform encryptor = rijndaelManaged.CreateEncryptor(rijndaelManaged.Key, rijndaelManaged.IV);
              using (MemoryStream msEncrypt = new MemoryStream())
              {using (CryptoStream csEncrypt = new CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write))
                  {using (StreamWriter swEncrypt = new StreamWriter(csEncrypt))
                      {swEncrypt.Write(input);
                      }
                      byte[] bytes = msEncrypt.ToArray();
                      return Convert.ToBase64String(bytes);
                  }
              }
          }
      }

      /// <summary>  
      /// AES 解密  
      /// </summary>  
      /// <param name="input"> 密文字节数组 </param>  
      /// <returns> 返回解密后的字符串 </returns>  
      public static string DecryptByAES(string input)
      {if (string.IsNullOrWhiteSpace(input))
          {return input;}
          var buffer = Convert.FromBase64String(input);
          using (RijndaelManaged rijndaelManaged = new RijndaelManaged())
          {
              rijndaelManaged.Mode = CipherMode.CBC;
              rijndaelManaged.Padding = PaddingMode.PKCS7;
              rijndaelManaged.FeedbackSize = 128;

              rijndaelManaged.Key = Encoding.UTF8.GetBytes(Decrypt.Key);
              rijndaelManaged.IV = Encoding.UTF8.GetBytes(Decrypt.AES_IV);

              ICryptoTransform decryptor = rijndaelManaged.CreateDecryptor(rijndaelManaged.Key, rijndaelManaged.IV);
              using (MemoryStream msEncrypt = new MemoryStream(buffer))
              {using (CryptoStream csEncrypt = new CryptoStream(msEncrypt, decryptor, CryptoStreamMode.Read))
                  {using (StreamReader srEncrypt = new StreamReader(csEncrypt))
                      {return srEncrypt.ReadToEnd();
                      }
                  }
              }
          }
      }        
  }

2、客户端 (JS)

  • 应用包

    npm install crypto-js
  • 定义 Key/IV

    const key = CryptoJS.enc.Utf8.parse("1234567890000000");
    const iv = CryptoJS.enc.Utf8.parse("1234567890000000");

    留神:客户端和服务端的 KEY/IV 必须保持一致

  • 加密办法

    //**************************************************************
    //* 字符串 / 对象加密
    //*   0:须要解密的字符串或对象
    //****************************************************************/
    function Encrypt(o) {if (typeof (o) === "string") {if (o) {var srcs = CryptoJS.enc.Utf8.parse(o);
              return CryptoJS.AES.encrypt(srcs, key, {
                  keySize: 128 / 8,
                  iv: iv,
                  mode: CryptoJS.mode.CBC,
                  padding: CryptoJS.pad.Pkcs7
              }).toString();}
      }
      else if (typeof (o) === "object") {for (var _o in o) {if (o[_o]) {var srcs = CryptoJS.enc.Utf8.parse(o[_o]);
                  o[_o] = CryptoJS.AES.encrypt(srcs, key, {
                      keySize: 128 / 8,
                      iv: iv,
                      mode: CryptoJS.mode.CBC,
                      padding: CryptoJS.pad.Pkcs7
                  }).toString();}
          };
    
      }
      return o;
    }
  • 解密办法

    //**************************************************************
    //* 字符串解密
    //*   str:须要解密的字符串
    //****************************************************************/
    function Decrypt(str) {
     var decrypt = CryptoJS.AES.decrypt(str, key, {
          keySize: 128 / 8,
          iv: iv,
          mode: CryptoJS.mode.CBC,
          padding: CryptoJS.pad.Pkcs7
      });
      var decryptedStr = decrypt.toString(CryptoJS.enc.Utf8);
      return decryptedStr;
    }

3、展现成果

  • 采纳简略的注册信息进行测试
  • Js 进行加密后的值
  • 服务端解密的值与注册的验证码统一

参考资料

  • https://www.c-sharpcorner.com…
  • https://stackoverflow.com/que…
  • crypto npm https://www.npmjs.com/package…
  • Aes 文档 https://github.com/matt-wu/AES

demo 下载地址:https://download.csdn.net/dow…

————————————————
原文链接:https://blog.csdn.net/xhl_jam…

正文完
 0