目前想使用aes,客户端传过来一个加密之后的字符串,然后在nginx中使用 lua aes解密,进行对称验证
使用同样的key, iv和mode,用python代码生成的机密字符串,在lua中无法解密,导致无法对接
lua代码:
local aes = require "resty.aes"
local str = require "resty.string"
local iv = "78afc8512559b62f"
local key = "78afc8512559b62f"
local text = "c6d1965bf800d5f7682636826c9a097e"
local aes_128_cbc_with_iv = assert(aes:new(key, nil, aes.cipher(128, "cbc"), {iv=iv, method=nil})
local encrypted = ngx.encode_base64(aes_128_cbc_with_iv:encrypt(text))
ngx.log(ngx.ERR, "#####encrypted: " .. encrypted)
ngx.log(ngx.ERR, "#####decrypted: " .. aes_128_cbc_with_iv:decrypt(ngx.decode_base64(encrypted)))
输出:
#####encrypted: zzZ15s2DIzkebVl47TLaMEwbwcznOg4HVsDGC1h8q4AE1qDglp6P3seQF1jyJXAl
#####decrypted: c6d1965bf800d5f7682636826c9a097e
python代码:
from Crypto.Cipher import AES
import base64
def pad_text16(s):
return s + (16 - len(s) % 16) * '\0'
def encryptByKey(key, orgtext, iv):
encryptor = AES.new(key, AES.MODE_CBC, iv)
result = encryptor.encrypt(pad_text16(orgtext))
return base64.b64encode(result)
def decryptByKey(key, orgtext, iv):
orgtext = orgtext.replace(' ', '+')
orgtext = base64.b64decode(orgtext)
decryptor = AES.new(key, AES.MODE_CBC, iv)
result = decryptor.decrypt(orgtext)
return result.rstrip('\0')
if __name__ == "__main__":
iv = "78afc8512559b62f"
orgtext = "c6d1965bf800d5f7682636826c9a097e"
encrypted = encryptByKey(iv, orgtext, iv)
print '#####encrypted: ', encrypted
print '#####decrypted: ', decryptByKey(iv, encrypted, iv)
输出:
#####encrypted: zzZ15s2DIzkebVl47TLaMEwbwcznOg4HVsDGC1h8q4Cawc/553a+CyHEUSGABK26
#####decrypted: c6d1965bf800d5f7682636826c9a097e
两种语言加密出来的字符串再使用base64之后,不一样,有特地请公司的ios小伙伴使用OC去进行同样规则的加密,得到的结果是和python的结果相同,
所以想请教一下大家,是什么地方使用错误