AES加密Android / AES解密PHP

Question

我试图在Android和PHP端使用AES加密/解密数据，但收到的答案为空。

首先，我在Android中生成了对称密钥：

public static  SecretKeySpec generateSymmetric() {

    // Set up secret key spec for 128-bit AES encryption and decryption
    SecretKeySpec sks = null;
    try {
        SecureRandom sr = SecureRandom.getInstance("SHA1PRNG");
        sr.setSeed("any data used as random seed".getBytes());
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128, sr);
        sks = new SecretKeySpec((kg.generateKey()).getEncoded(), "AES");

        System.out.println("AES KEY: " + sks);
    } catch (Exception e) {
        Log.e(TAG, "AES secret key spec error");
    }
    return sks;
}

然后我将SecretKeySpec转换为Base64字符串格式：

public static String ConvertSymmetricKeyToString(SecretKeySpec key) {

    String symmetric_key = null;

    symmetric_key = Base64.encodeToString(key.getEncoded(), Base64.DEFAULT);
    return symmetric_key;
}

调用以下函数：

    SecretKeySpec symmKey = generateSymmetric();


    newSymmetricKeyString = CreateEncryptedXml.ConvertSymmetricKeyToString(symmKey);

然后我使用SecretKeySpec对数据进行加密：

    private static String encryptDataWithSymmetricKey (SecretKeySpec symmKey, String data) throws IOException, NoSuchAlgorithmException, InvalidKeySpecException {


    // encryption
    byte[] toBeCiphred = data.getBytes("UTF-8");
    String encryptedData = null;

    try {
        Cipher c = Cipher.getInstance("AES");
        c.init(Cipher.ENCRYPT_MODE, symmKey);
        byte[] encodedBytes = c.doFinal(toBeCiphred);
        System.out.println("BYTE STRING (ASYMM): " + encodedBytes);
        encryptedData = Base64.encodeToString(encodedBytes, Base64.DEFAULT);

    } catch (Exception e) {
        Log.e(TAG, "AES encryption error");
        throw new RuntimeException(e);
    }


    return encryptedData;
}
    encryptedData = encryptDataWithSymmetricKey(symmKey, text);

然后，我将字符串密钥、AES密钥和加密数据(用这个AES密钥加密)打包在XML中，并使用okhttp向php服务器发出POST请求。字符串密钥使用RSA加密。

在服务器端，我尝试解密数据。我可以解密(从RSA) AES密钥，并得到它的字符串表示。在客户端(Android)和服务器端(PHP)是一样的。但是如何使用这个字符串AES密钥来解密数据呢？我试过这个(PHP)：

   $encryptionMethod = "AES-128-CBC";  

  //$decryptedAESKey is an Android AES SecretKeySpec converted  to string
  //in Android the string key was base64_encoded, so i decode it
  $secretHash = base64_decode($decryptedAESKey);


 // Decrypt
  $decryptedMessage = openssl_decrypt(base64_decode($encryptedData),  $encryptionMethod, $secretHash);

  //Result
  echo "Encrypted: $encryptedData   ";
  echo " Decrypted: $decryptedMessage";

php中的结果：

Encrypted:      s/00eZdv6sMq1hIgPUMMknb1w8d03t+R5KHn5FkHqhNJyDlBZlbm8t+t4RWh9tg/7LD9R2VbihGG
                                                                 Boz9ydMEszYGgTanE2TII+OOSFZIYgCU7ekKkRLax+F2yoMvSB52LDxQ9b9ZOTxy0Zn+hH6jbVdl
                                                               HVffbk+DJTJ1PVgeRfTaG4yC6cmXh5oFx7vDxM2u+8FWc3rNTt9zKUiu0FGLn3pWpA4wyCZfoCnA
                                                               rSJWrtaPLWxPEqipJCafTc1wRof9PqkDmIQJLOr84FpsnhH0JqjwXRmyDp5K8jKe+UzvE/B1B5Sj
                                                               QiTgK1Z2wPXzQClXimX2U9AQYc33FsYQMATHNw==
                                                                   Decrypted: 

怎么啦？

Answer 1

当使用CBC模式时，需要块大小(AES为16字节) iv (初始化向量)，这在代码中是缺失的。此外，还不清楚安卓代码中的ENCRYPT_MODE是什么。