昨天接到一个需求,需要对一个系统中的数据库敏感字段进行加解密,由于该项目的特殊性,需要同时支持java和python之间的密文互通。
上网搜了一波,大家的代码多多少少有点问题,不是解密不了就是加密报错。于是自己摸索一番,供大家参考
java 代码实现
import sun.misc.BASE64Decoder;
import sun.misc.BASE64Encoder;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
public class AesEncryptUtils {
public final static Logger logger = Logger.getLogger(AesEncryptUtils.class);
public static String aesSecretKey="AESENCRYPTKEYSSA";
/**
* 加密方法
* @param sSrc
* @return
*/
public static String encrypt(String sSrc){
try {
Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
byte[] raw =aesSecretKey.getBytes();
SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
cipher.init(Cipher.ENCRYPT_MODE, skeySpec);
byte[] encrypted = cipher.doFinal(sSrc.getBytes("utf-8"));
return new BASE64Encoder().encode(encrypted);//此处使用BASE64做转码。
}catch (Exception e){
logger.error("AesEncryptUtils:encrypt key error====>字段加密出错",e);
return null;
}
}
/**
* 解密方法
* @param sSrc
* @return
*/
public static String decrypt(String sSrc) {
try {
byte[] raw = aesSecretKey.getBytes("ASCII");
SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
cipher.init(Cipher.DECRYPT_MODE, skeySpec);
byte[] encrypted1 = new BASE64Decoder().decodeBuffer(sSrc);//先用base64解密
byte[] original = cipher.doFinal(encrypted1);
String originalString = new String(original, "utf-8");
return originalString;
} catch (Exception e) {
logger.error("AesEncryptUtils:decrypt key error====>字段解密出错",e);
return null;
}
}
public static void main(String[] args) {
String user=AesEncryptUtils.encrypt("中文无敌13");
System.out.println(user);
System.out.println(AesEncryptUtils.decrypt("eXrG47v01GXfdKE5NjhRdn5aEmrJn/jsMPZyHAuwW0A="));
}
}
python代码实现
import base64
from Crypto.Cipher import AES
# test variable key
AES_SECRET_KEY = 'AESENCRYPTKEYSSA'
# java and python universal aes_encrypt util_tools
class AES_ENCRYPT(object):
def __init__(self):
self.mode = AES.MODE_ECB
self.length = AES.block_size
self.AES_SECRET_KEY = AES_SECRET_KEY
self.cryptor = AES.new(self.AES_SECRET_KEY, self.mode)
# if encrypt value is not 16 multiple then add to 16 multiple
self.pad = lambda s: s + (self.length - len(s.encode('utf-8')) % self.length) * chr(self.length - len(s.encode('utf-8')) % self.length)
# delete padding empty char
self.unpad = lambda s: s[0:-ord(s[-1:])]
# encrypt function
def encrypt(self, text):
en_text = text if text is not None else ''
ciphertext = self.cryptor.encrypt(self.pad(en_text))
encrypted_text = str(base64.encodebytes(ciphertext), encoding='utf-8') # 执行加密并转码返回bytes
return encrypted_text
# decrypt function
def decrypt(self, text):
base64_decrypted = base64.decodebytes(text.encode(encoding='utf-8'))
decrypted_text = str(self.cryptor.decrypt(base64_decrypted), encoding='utf-8')
return self.unpad(decrypted_text)
if __name__ == '__main__':
aesencrypt = AES_ENCRYPT()
user = aesencrypt.encrypt('股公司电视动画没有啊asds')
print(user)
print(aesencrypt.decrypt('eXrG47v01GXfdKE5NjhRdn5aEmrJn/jsMPZyHAuwW0A='))