app接口传输加密,AES+签名,php实现
2018年01月23日 15:07:24
阅读数:607
一、说明
数据在传输层加密,app端:生成签名,并且对数据对接加密,服务端:解密数据,校验签名
通过抓包获取的效果
http://127.0.0.1/test_server.php?sign_c=55d714ddd874ee29462f00e6c3173450&send_u_e=RKt80FF4BvBwOUk7HRxWvUlpuUNtg30HGIX3AFfNOqKTv3lacOUcImXPXvUSaToTs8ju1sw/WtGUxw5vWUrGUZcBkB5q9mkwuo/MuDuRQivclvsX5NBMXNUP3rcEjj3Z3kvAq/ivCBWQH0MPZKXj2GGWZnuqia4fL00azVlJrMgB+bcbziaNKvZjpQebQZd3
这样安全性会很高,前提是app端反编译后得不到秘钥以及其算法
服务端解密:
二、代码如下:
-
<?php
-
//模拟app端
-
header("Content-type:text/html;charset=utf-8");
-
require 'encryption.class.php';
-
require 'sign.class.php';
-
//---------------very important------------
-
$signkey = 'asdfghjkl123trher65465er4m'; //签名秘钥
-
$contentkey = 'qwertyuiop123hewfti6545edrg'; //内容秘钥
-
//---------------------------------------
-
//修改资料
-
$send_data['uname'] = 'zhangsan';
-
$send_data['password'] = '1234567890';
-
$send_data['sex'] = '1';
-
$send_data['qianming'] = '这是我的blog:http://blog.csdn.net/qq43599939';
-
$send_data['deviceid'] = '821565464562154';
-
$send_data['time'] = time();
-
//第一步生成签名
-
$sign_c = SignatureClass::getSignature($send_data, $signkey);
-
//对内容进行加密 AES后base64
-
$send_u = SignatureClass::getStr($send_data);
-
$send_u_e = (EncryClass::encrypt($send_u,$contentkey));
-
//$send_u_e = trim(str_replace('+','%2B', (EncryClass::encrypt($send_u,$contentkey))));
-
//走get
-
//$url = 'http://127.0.0.1/test_server.php?sign_c='.$sign_c.'&send_u_e='.$send_u_e;
-
//走post
-
$curl = curl_init();
-
curl_setopt($curl, CURLOPT_URL, 'http://127.0.0.1/test_server.php');
-
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
-
curl_setopt($curl, CURLOPT_POST, 1);
-
$post_data = array(
-
"sign_c" => $sign_c,
-
"send_u_e" => $send_u_e
-
);
-
curl_setopt($curl, CURLOPT_POSTFIELDS, $post_data);
-
$data = curl_exec($curl);
-
curl_close($curl);
-
print_r($data);
-
<?php
-
//服务端,接受数据处理
-
header("Content-type:text/html;charset=utf-8");
-
require 'encryption.class.php';
-
require 'sign.class.php';
-
//---------------very important------------
-
$signkey = 'asdfghjkl123trher65465er4m'; //签名秘钥
-
$contentkey = 'qwertyuiop123hewfti6545edrg'; //内容秘钥
-
//---------------------------------------
-
$send_u_e = $_POST['send_u_e'];
-
$sign_c = $_POST['sign_c'];
-
$send_u = EncryClass::decrypt($send_u_e,$contentkey);
-
$send_data_t = explode('&',$send_u);
-
$send_data = array();
-
foreach($send_data_t as $k=>$v)
-
{
-
$v_t = explode('=', $v);
-
$send_data[$v_t[0]] = trim($v_t[1]);
-
}
-
$sign_c_s = SignatureClass::getSignature($send_data, $signkey);
-
echo $sign_c_s;
-
echo '----';
-
echo $sign_c;
-
echo '<br>';
-
var_dump($send_data);
-
<?php
-
//加密算法,可替换
-
class EncryClass
-
{
-
private static $iv = "0126779521026546";//密钥偏移量IV,可自定义
-
//加密
-
public static function encrypt($encryptStr,$encryptKey) {
-
$localIV = self::$iv;
-
//Open module
-
$module = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_CBC, $localIV);
-
//print "module = $module <br/>" ;
-
mcrypt_generic_init($module, $encryptKey, $localIV);
-
//Padding
-
$block = mcrypt_get_block_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
-
$pad = $block - (strlen($encryptStr) % $block); //Compute how many characters need to pad
-
$encryptStr .= str_repeat(chr($pad), $pad); // After pad, the str length must be equal to block or its integer multiples
-
//encrypt
-
$encrypted = mcrypt_generic($module, $encryptStr);
-
//Close
-
mcrypt_generic_deinit($module);
-
mcrypt_module_close($module);
-
return base64_encode($encrypted);
-
}
-
//解密
-
public static function decrypt($encryptStr,$encryptKey) {
-
$localIV = self::$iv;
-
//Open module
-
$module = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_CBC, $localIV);
-
//print "module = $module <br/>" ;
-
mcrypt_generic_init($module, $encryptKey, $localIV);
-
$encryptedData = base64_decode($encryptStr);
-
$encryptedData = mdecrypt_generic($module, $encryptedData);
-
return $encryptedData;
-
}
-
}
-
<?php
-
class SignatureClass
-
{
-
public static function getSignature($params, $secret)
-
{
-
$str = '';
-
ksort($params);
-
foreach ($params as $k => $v) {
-
$str .= "$k=$v&";
-
}
-
$str .= $secret;
-
return md5($str);
-
}
-
public static function getStr($params)
-
{
-
$str = '';
-
ksort($params);
-
foreach ($params as $k => $v) {
-
$str .= "$k=$v&";
-
}
-
$str = rtrim($str,'&');
-
return $str;
-
}
-
}