加密字段解密方法
收藏解密方法
- 1.根据ClientKey找到ClientSecret,将ClientSecret向左右使用字符补齐32位/裁剪至32位,补齐:补位字符:#, 先补左侧再补右侧再补左侧······直到补满32位。裁剪:先裁剪左侧再裁右侧再裁左侧······直到剩余32位。(正常不需要补齐,secret默认为32位,此举是为了以防万一)
- 2.将ClientSecret作为Key, 右侧16位为向量IV
- 3.将密文进行base64解码。
- 4.使用AES-256-CBC模式解密解码后的密文,对齐使用PKCS5Padding方式
SDK
Golang SDK
package utils import ( "bytes" "crypto/aes" "crypto/cipher" "encoding/base64" ) // AesDecrypt 解密函数 // encryptedStr:base64后的密文 // secret:appid/client_key对应的client_secret // return: []byte 明文 func AesDecrypt(encryptedStr string, secret string) ([]byte, error) { // 加密字符串进行base64解码 decodeBytes, err := base64.StdEncoding.DecodeString(encryptedStr) if err != nil { return nil, err } key, iv := parseSecret(secret) block, err := aes.NewCipher(key) if err != nil { return nil, err } blockSize := block.BlockSize() blockMode := cipher.NewCBCDecrypter(block, iv[:blockSize]) origData := make([]byte, len(decodeBytes)) blockMode.CryptBlocks(origData, decodeBytes) origData = PKCS5UnPadding(origData) return origData, nil } // parseSecret 将secret解析为key和iv func parseSecret(secret string) ([]byte, []byte) { // secret对齐为32位 secret = cutSecret(secret) secret = fillSecret(secret) key, iv := secret, secret[16:] return []byte(key), []byte(iv) } func fillSecret(secret string) string { if len(secret) >= 32 { return secret } rightCnt := (32 - len(secret)) / 2 leftCnt := 32 - len(secret) - rightCnt var byt bytes.Buffer byt.Write(bytes.Repeat([]byte("#"), leftCnt)) byt.WriteString(secret) byt.Write(bytes.Repeat([]byte("#"), rightCnt)) return byt.String() } func cutSecret(secret string) string { if len(secret) <= 32 { return secret } rightCnt := (len(secret) - 32) / 2 leftCnt := len(secret) - 32 - rightCnt return secret[leftCnt: 32+leftCnt] } func PKCS5UnPadding(origData []byte) []byte { length := len(origData) unpadding := int(origData[length-1]) return origData[:(length - unpadding)] }
Java SDK
package com.douyin.open.goodlife; import javax.crypto.Cipher; import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.SecretKeySpec; import java.util.Base64; public class SignUtil { /* * appid/client_key对应的client_secret TODO 这里换成服务商的appsecret */ private static final String secret = "12345678901234566543210987654321"; private static final String key; private static final String iv; static { key = parseSecret(secret); iv =key.substring(16); } /** * @Description AES解密 * @param data base64后的密文 * @return 明文 */ public static String decryptAES(String data) throws Exception { try { byte[] encrypted1 = decode(data);//先用base64解密 Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); SecretKeySpec keyspec = new SecretKeySpec(key.getBytes(), "AES"); IvParameterSpec ivspec = new IvParameterSpec(iv.getBytes()); cipher.init(Cipher.DECRYPT_MODE, keyspec, ivspec); byte[] original = cipher.doFinal(encrypted1); String originalString = new String(original); return originalString.trim(); } catch (Exception e) { e.printStackTrace(); return null; } } /** * base64编码 */ public static String encode(byte[] byteArray) { return new String(Base64.getEncoder().encode(byteArray)); } /** * base64解码 */ public static byte[] decode(String base64EncodedString) { return Base64.getDecoder().decode(base64EncodedString); } private static String parseSecret(String secret) { secret = fillSecret(secret); secret = cutSecret(secret); return secret; } private static String cutSecret(String secret) { if (secret.length() <= 32) { return secret; } int rightCnt = (secret.length() - 32) / 2; int leftCnt = secret.length() - 32 - rightCnt; return secret.substring(leftCnt, 32 + leftCnt); } private static String fillSecret(String secret) { if (secret.length() >= 32) { return secret; } int rightCnt = (32 - secret.length()) / 2; int leftCnt = 32 - secret.length() - rightCnt; StringBuilder sb = new StringBuilder(""); for (int i = 0; i < leftCnt; i++) { sb.append('#'); } sb.append(secret); for (int i = 0; i < rightCnt; i++) { sb.append('#'); } return sb.toString(); } }
PHP SDK
<?php class SignUtil { /* * appid/client_key对应的client_secret TODO 这里换成服务商的appsecret */ private static $secret = "12345678901234566543210987654321"; private static $key; private static $iv; public static function init() { self::$key = self::parseSecret(self::$secret); self::$iv = substr(self::$key, 16); } /** * @Description AES解密 * @param string $data base64后的密文 * @return string 明文 */ public static function decryptAES($data) { try { $encrypted = self::decode($data); // 先用base64解密 $decrypted = openssl_decrypt( $encrypted, 'AES-256-CBC', self::$key, OPENSSL_RAW_DATA, self::$iv ); return $decrypted; } catch (Exception $e) { error_log($e->getMessage()); return null; } } /** * base64编码 */ public static function encode($data) { return base64_encode($data); } /** * base64解码 */ public static function decode($data) { return base64_decode($data); } private static function parseSecret($secret) { $secret = self::fillSecret($secret); $secret = self::cutSecret($secret); return $secret; } private static function cutSecret($secret) { if (strlen($secret) <= 32) { return $secret; } $rightCnt = (int)((strlen($secret) - 32) / 2); $leftCnt = strlen($secret) - 32 - $rightCnt; return substr($secret, $leftCnt, 32); } private static function fillSecret($secret) { if (strlen($secret) >= 32) { return $secret; } $rightCnt = (int)((32 - strlen($secret)) / 2); $leftCnt = 32 - strlen($secret) - $rightCnt; $sb = str_repeat('#', $leftCnt); $sb .= $secret; $sb .= str_repeat('#', $rightCnt); return $sb; } } // 初始化静态变量 SignUtil::init(); // 使用示例 $decrypted = SignUtil::decryptAES("加密字符串"); echo $decrypted; ?>
