現(xiàn)在大部分的客戶端和服務端都是用不同編程語言開發(fā)的,例如java編寫android客戶端入篮,python編寫服務端陈瘦。因為語言的不同,RSA和AES在加密和解密的實現(xiàn)細節(jié)上可能會存在出入潮售,導致用java加密的密文用python解密會亂碼痊项,或者用python加密的密文用java解密會亂碼。這里記錄一下我在實現(xiàn)RSA+AES跨語言加密解密時踩過的那些坑酥诽。
對java和python實現(xiàn)RSA+AES混合加密解密不熟悉的同學可以看我之前的文章:
python實現(xiàn)RSA與AES混合加密
java實現(xiàn)RSA與AES混合加密
- java在進行RSA加密解密的時候鞍泉,私鑰必須用PKCS#8格式的,用PKCS#1格式的私鑰會拋出異常肮帐,不知道怎么進行PKCS#1和PKCS#8格式轉(zhuǎn)換的可以看我之前的文章
RSA公鑰和私鑰的生成以及PKCS#1與PKCE#8格式的轉(zhuǎn)換
- java在初始化RSA Cipher實例的時候少傳了參數(shù)咖驮,網(wǎng)上很多代碼在初始化RSA Cipher實例的時候是這樣寫的:
Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
cipher.init(Cipher.DECRYPT_MODE, key);
但我的python代碼中初始化 RSA Cipher時是這樣寫的:
private_key = RSA.importKey(base64.b64decode(key))
cipher = PKCS1_OAEP.new(private_key, hashAlgo=SHA256)
指定了hashAlgo=SHA256,所以java在初始化RSA Cipher的時候要加一個參數(shù)
Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
cipher.init(Cipher.DECRYPT_MODE, key, new OAEPParameterSpec("SHA-256", "MGF1", MGF1ParameterSpec.SHA256, PSource.PSpecified.DEFAULT));
- java在初始化AES Cipher時候我指定了CBC模式和PKCS5Padding填充模式
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
在python中我也指定了CBC模式训枢,但是在實現(xiàn)填充的時候?qū)崿F(xiàn)的是NoPadding模式托修,導致亂碼的出現(xiàn),應該寫成下面這樣:
def __pad(self, text):
# 填充方法恒界,加密內(nèi)容必須為16字節(jié)的倍數(shù)
text_length = len(text)
amount_to_pad = AES.block_size - (text_length % AES.block_size)
if amount_to_pad == 0:
amount_to_pad = AES.block_size
pad = chr(amount_to_pad)
return text + pad * amount_to_pad
def __unpad(self, text):
# 截取填充的字符
pad = ord(text[-1])
return text[:-pad]
- java對Base64編碼解碼的支持并不友好睦刃,經(jīng)常會出現(xiàn)各種各樣的問題,所以我后面換成別人實現(xiàn)的Base64編解碼了十酣,python就沒有這樣的問題
下面附上跨語言實現(xiàn)RSA+AES混合加密解密的代碼
java客戶端模擬發(fā)送加密信息給python服務器
java代碼
//明文
String text = "hello server!";
//隨機生成16位aes密鑰
byte[] aesKey = SecureRandomUtil.getRandom(16).getBytes();
System.out.println("生成的aes密鑰:\n" + new String(aesKey));
//使用aes密鑰對數(shù)據(jù)進行加密
String encryptText = AESCipher.encrypt(aesKey, text);
System.out.println("經(jīng)過aes加密后的數(shù)據(jù):\n" + encryptText);
//使用客戶端私鑰對aes密鑰簽名
String signature = RSACipher.sign(Config.CLIENT_PRIVATE_KEY, aesKey);
System.out.println("簽名:\n" + signature);
//使用服務端公鑰加密aes密鑰
byte[] encryptKey = RSACipher.encrypt(Config.SERVER_PUBLIC_KEY, aesKey);
System.out.println("加密后的aes密鑰:\n" + new String(encryptKey));
運行結(jié)果:
生成的aes密鑰:
qB986f4890CBl9ZU
經(jīng)過aes加密后的數(shù)據(jù):
JYhBn/AGsfRhuf/x2tvtkw==
簽名:
3mHEuVWjAPytInJsC41dprKTAMAJ5mbct4Tv1nzltfC4mxGxOH1B55a9qjkZ0hkUyBw/aukmUNcikSNB27g7kZ+WG3DQMr799fVmX9YA6G8xj3yjM8zvIo13agBtkiZ9Da1tmYC0yynU9CY/6VUYpUYnrs2Ci9Ttir0fDNkhSF8=
加密后的aes密鑰:
u+j5z9A7YrUFFf5UJ4PhynyKVx8/irC1/oFl7xpq0PzQtWxi0RzlrT/OY2L1nqlCOAAFj8Q6JDvrxV66nl/oEhrwvcETr3kcehqZmYJs6xr7ROf6b80UfibifoL7TOs2GhQOdMm0vlRb8vgBEKqc9uX4NN73M4FCH6zzf86mNAI=
python代碼
首先把java生成的加密的aes密鑰和簽名和加密的密文復制過來涩拙,模擬收到客戶端的參數(shù)
# 服務端代碼
# 模擬接收到客戶端的加密aes密鑰、簽名耸采、加密的密文
encrypt_key = 'u+j5z9A7YrUFFf5UJ4PhynyKVx8/irC1/oFl7xpq0PzQtWxi0RzlrT/OY2L1nqlCOAAFj8Q6JDvrxV66nl/oEhrwvcETr3kcehqZmYJs6xr7ROf6b80UfibifoL7TOs2GhQOdMm0vlRb8vgBEKqc9uX4NN73M4FCH6zzf86mNAI='
signature = '3mHEuVWjAPytInJsC41dprKTAMAJ5mbct4Tv1nzltfC4mxGxOH1B55a9qjkZ0hkUyBw/aukmUNcikSNB27g7kZ+WG3DQMr799fVmX9YA6G8xj3yjM8zvIo13agBtkiZ9Da1tmYC0yynU9CY/6VUYpUYnrs2Ci9Ttir0fDNkhSF8='
encrypt_text = 'JYhBn/AGsfRhuf/x2tvtkw=='
# 使用服務端私鑰對加密后的aes密鑰解密
aes_key = rsa_cipher.decrypt(Config.SERVER_PRIVATE_KEY, encrypt_key)
print('解密后的aes密鑰:\n%s' % aes_key)
# 使用客戶端公鑰驗簽
result = rsa_cipher.verify(Config.CLIENT_PUBLIC_KEY, aes_key, signature)
print('驗簽結(jié)果:\n%s' % result)
# 使用aes私鑰解密密文
aes_cipher = AESCipher(aes_key)
decrypt_text = aes_cipher.decrypt(encrypt_text)
print('經(jīng)過aes解密后的數(shù)據(jù):\n%s' % decrypt_text)
運行結(jié)果:
解密后的aes密鑰:
b'qB986f4890CBl9ZU'
驗簽結(jié)果:
True
經(jīng)過aes解密后的數(shù)據(jù):
hello server!
python服務器模擬發(fā)送加密信息給java客戶端
python代碼
# 明文
text = 'hello client!'
# 隨機生成aes的密鑰
aes_key = get_random_bytes(16)
print('隨機生成的aes密鑰:\n%s' % aes_key)
aes_cipher = AESCipher(aes_key)
rsa_cipher = RSACipher()
# 使用aes密鑰對數(shù)據(jù)進行加密
encrypt_text = aes_cipher.encrypt(text)
print('經(jīng)過aes加密后的數(shù)據(jù):\n%s' % encrypt_text)
# 使用客戶端私鑰對aes密鑰簽名
signature = rsa_cipher.sign(Config.CLIENT_PRIVATE_KEY, aes_key)
print('簽名:\n%s' % signature)
# 使用服務端公鑰加密aes密鑰
encrypt_key = rsa_cipher.encrypt(Config.SERVER_PUBLIC_KEY, aes_key)
print('加密后的aes密鑰:\n%s' % encrypt_key)
運行結(jié)果:
隨機生成的aes密鑰:
b'\x99\x89\xad\x1b\xf4>6\xc27N8\xec\x85\xc00\x89'
經(jīng)過aes加密后的數(shù)據(jù):
9VpY0ZHvCSbfapOn/obRvg==
簽名:
b'Cbcrf/WrmXMovWyueuDwfQtCRIY9PUDBZOf9npnuCj3tBlzZe2OJdZzlvXC2b5C4EC90eRR/NUTGFu5/HZ0n3+p/PtQBWMjEuuIDCC7+xraCG7MlcQPgpHOxyuZJRlRz8nNND8j4C6t/GJ6p5U80nTz3QD4QXHh2m3CKeNmt/B4='
加密后的aes密鑰:
b'bJT8chyoHaFNG+Cvrc11sPSYzO0WeiiO/UJTHp44On7sfTOxmfard7z0GHPqp3HDT1qFkILUUPQqF7NZSys2VwgYHFxWgisif/CPHWAJ2t7zWSTunOChd6OGqH+n4pbzIsJjYJLFgNYPCNA6IB3Qlcm7DYDjDCVbvttVjHxSyRU='
java代碼
//服務端代碼
//模擬接收到客戶端的加密的aes密鑰和簽名和加密的密文
byte[] encryptKey = "bJT8chyoHaFNG+Cvrc11sPSYzO0WeiiO/UJTHp44On7sfTOxmfard7z0GHPqp3HDT1qFkILUUPQqF7NZSys2VwgYHFxWgisif/CPHWAJ2t7zWSTunOChd6OGqH+n4pbzIsJjYJLFgNYPCNA6IB3Qlcm7DYDjDCVbvttVjHxSyRU=".getBytes();
String signature = "Cbcrf/WrmXMovWyueuDwfQtCRIY9PUDBZOf9npnuCj3tBlzZe2OJdZzlvXC2b5C4EC90eRR/NUTGFu5/HZ0n3+p/PtQBWMjEuuIDCC7+xraCG7MlcQPgpHOxyuZJRlRz8nNND8j4C6t/GJ6p5U80nTz3QD4QXHh2m3CKeNmt/B4=";
String encryptText = "9VpY0ZHvCSbfapOn/obRvg==";
//使用服務端私鑰對加密后的aes密鑰解密
byte[] aesKey = RSACipher.decrypt(Config.SERVER_PRIVATE_KEY, encryptKey);
System.out.println("解密后的aes密鑰:\n" + Arrays.toString(aesKey));
//使用客戶端公鑰驗簽
Boolean result = RSACipher.checkSign(Config.CLIENT_PUBLIC_KEY, aesKey, signature);
System.out.println("驗簽結(jié)果:\n" + result);
//使用aes私鑰解密密文
String decryptText = AESCipher.decrypt(aesKey, encryptText);
System.out.println("經(jīng)過aes解密后的數(shù)據(jù):\n" + decryptText);
運行結(jié)果:
解密后的aes密鑰:
[-103, -119, -83, 27, -12, 62, 54, -62, 55, 78, 56, -20, -123, -64, 48, -119]
驗簽結(jié)果:
true
經(jīng)過aes解密后的數(shù)據(jù):
hello client!
附上源碼:
https://github.com/taoyimin/rsa-aes-python
https://github.com/taoyimin/rsa-aes-java
