敏感信息加密规范

敏感信息加密规范

描述

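对手机号、用户名等敏感信息进行 AES 加密,以保护数据安全。加密参数:算法 MCRYPT_RIJNDAEL_128(分组长度 128 位,即 AES),算法模式 MCRYPT_MODE_ECB,填充方式 PKCS5Padding,密钥长度 32 个字符(对应 AES-256)。按下方示例代码,密文以 URL 安全的 Base64 编码输出,并去掉末尾的“=”。注意:ECB 模式下相同的明文分组总是得到相同的密文分组,且不提供完整性校验,因此同一个手机号每次加密得到的密文都相同;示例代码中的密钥仅为演示值。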

php

<?php
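/**
 * AES helper for the field encryption described on this page:
 * Rijndael-128 (AES) in ECB mode, PKCS#5 padding, ciphertext emitted as
 * URL-safe Base64 with the trailing "=" removed.
 *
 * Review notes:
 *  - ECB encrypts every 16-byte block independently, so equal plaintexts
 *    produce equal ciphertexts, and nothing authenticates the ciphertext.
 *    That is the wire format this page specifies; it is kept here so the
 *    output stays interoperable with the other listings.
 *  - The mcrypt extension was deprecated in PHP 7.1 and removed from core
 *    in PHP 7.2. On newer runtimes the same format is normally produced
 *    with openssl_encrypt()/openssl_decrypt() and an "aes-*-ecb" cipher
 *    matching the key length (verify against the counterpart first).
 */
class AESUtil {

    // Sample value only. Replace it with the real key before use and keep
    // that key out of source control.
    var $key = "1234567812345678";

    /** Sets an arbitrary property by name (used by the demo to set "key"). */
    public function __set($key, $value) {
        $this->$key = $value;
    }

    /** Returns an arbitrary property by name. */
    public function __get($key) {
        return $this->$key;
    }

    /**
     * Encrypts $input with $this->key.
     *
     * @param string $input plaintext bytes
     * @return string URL-safe Base64 ciphertext without "=" padding
     */
    public function encrypt($input) {
        $size = mcrypt_get_block_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB);
        $input = $this->pkcs5_pad($input, $size);
        $td = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_ECB, '');
        // ECB ignores the IV; mcrypt_generic_init() still requires the argument.
        $iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_RAND);
        mcrypt_generic_init($td, $this->key, $iv);
        $data = mcrypt_generic($td, $input);
        mcrypt_generic_deinit($td);
        mcrypt_module_close($td);
        return $this->base64url_encode($data);
    }

    /** Appends PKCS#5 padding: N bytes of value N, always at least one byte. */
    private function pkcs5_pad($text, $blocksize) {
        $pad = $blocksize - (strlen($text) % $blocksize);
        return $text . str_repeat(chr($pad), $pad);
    }

    /**
     * Upper-case hex encoding of a byte string.
     *
     * Every byte becomes exactly two digits. The previous dechex() loop
     * emitted a single digit for bytes below 0x10, so hexToStr() could not
     * reverse its output.
     */
    public function strToHex($string) {
        return strtoupper(bin2hex($string));
    }

    /** Decodes pairs of hex digits into bytes; a trailing odd digit is ignored. */
    public function hexToStr($hex) {
        $string = "";
        for ($i = 0; $i < strlen($hex) - 1; $i += 2) {
            $string .= chr(hexdec($hex[$i] . $hex[$i + 1]));
        }
        return $string;
    }

    /**
     * Decrypts a value produced by encrypt().
     *
     * @param string $sStr URL-safe Base64 ciphertext
     * @return string|false plaintext, or false when the input is empty, is
     *                      not a whole number of blocks, or carries invalid
     *                      padding (typically a wrong key or corrupted data)
     */
    public function decrypt($sStr) {
        $blockSize = 16; // Rijndael-128 block size in bytes
        $cipherText = $this->base64url_decode($sStr);
        $length = is_string($cipherText) ? strlen($cipherText) : 0;
        if ($length === 0 || $length % $blockSize !== 0) {
            return false;
        }

        $decrypted = mcrypt_decrypt(
            MCRYPT_RIJNDAEL_128,
            $this->key,
            $cipherText,
            MCRYPT_MODE_ECB
        );
        if (!is_string($decrypted) || $decrypted === '') {
            return false;
        }

        // Check the whole padding run instead of trusting the last byte,
        // so a wrong key does not silently yield truncated garbage.
        $padding = ord($decrypted[strlen($decrypted) - 1]);
        if ($padding < 1 || $padding > $blockSize
            || substr($decrypted, -$padding) !== str_repeat(chr($padding), $padding)) {
            return false;
        }
        return (string) substr($decrypted, 0, -$padding);
    }

    /** Base64 with "+/" replaced by "-_" and the trailing "=" removed. */
    public function base64url_encode($data) {
        return rtrim(strtr(base64_encode($data), '+/', '-_'), '=');
    }

    /**
     * Reverses base64url_encode().
     *
     * The "=" padding is restored explicitly. The earlier str_pad() call
     * passed strlen % 4 as the target length, which never added padding.
     */
    public function base64url_decode($data) {
        $b64 = strtr($data, '-_', '+/');
        $missing = (4 - strlen($b64) % 4) % 4;
        return base64_decode($b64 . str_repeat('=', $missing));
    }
}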

// Demo: encrypt one sample value, then decrypt a sample ciphertext.
$cipher = new AESUtil();

// Set the key (32-character sample value, for demonstration only)
$cipher->__set("key", "12345678123456781234567812345678");

echo $cipher->encrypt("test_text"), "\r\n";

echo $cipher->decrypt("XMTnr_1GLnQzmaV_8TTKJg");

?>

java

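/**
 * AES helper for the field encryption described on this page: AES in ECB
 * mode with PKCS5 padding, ciphertext carried as URL-safe Base64 with the
 * trailing {@code =} removed.
 *
 * <p>Review notes:
 * <ul>
 *   <li>ECB encrypts each 16-byte block independently, so equal plaintexts
 *       give equal ciphertexts, and the ciphertext is not authenticated.
 *       This is the format the page specifies and is kept for
 *       interoperability.</li>
 *   <li>{@code sKey} (the default key) and {@code Base64} are referenced but
 *       not declared in this listing; they must come from the surrounding
 *       project. {@code Base64} is called as {@code encode(byte[])} returning
 *       a String and {@code decode(String)} returning bytes, so it is not
 *       {@code java.util.Base64}.</li>
 * </ul>
 */
public class AESUtil {

    /**
     * Named in full so the mode and padding do not depend on what a JCE
     * provider picks for a bare "AES".
     */
    private static final String TRANSFORMATION = "AES/ECB/PKCS5Padding";

    /**
     * Decrypts a URL-safe Base64 ciphertext.
     *
     * <p>The key parameter is varargs, matching {@link #encryptByAes}; the
     * listing declared it as a plain {@code String} but indexed it with
     * {@code reqKey[0]}, which does not compile. Existing two-argument calls
     * are unaffected.
     *
     * @param sSrc   URL-safe Base64 ciphertext
     * @param reqKey optional key; only the first element is used, and the
     *               default {@code sKey} applies when it is absent or null
     * @return the plaintext, or {@code null} when decoding or decryption fails
     */
    public static String decryptByAes(String sSrc, String... reqKey) {
        try {
            Cipher cipher = Cipher.getInstance(TRANSFORMATION);
            cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(resolveKey(reqKey), "AES"));
            byte[] original = cipher.doFinal(decryptUrlSafe(sSrc));
            // Decode with a fixed charset instead of the platform default.
            // UTF-8 is assumed; the page does not name one, so confirm it
            // with the counterpart.
            return new String(original, "UTF-8");
        } catch (Exception ex) {
            // Callers receive null on any failure (bad key, bad padding,
            // malformed Base64); the trace is kept for diagnosis.
            ex.printStackTrace();
            return null;
        }
    }

    /**
     * Encrypts {@code sSrc} and returns it as URL-safe Base64 without padding.
     *
     * @param sSrc   plaintext
     * @param reqKey optional key; only the first element is used, and the
     *               default {@code sKey} applies when it is absent or null
     * @return URL-safe Base64 ciphertext
     * @throws Exception if the key length is not valid for AES or the cipher
     *                   cannot be created
     */
    public static String encryptByAes(String sSrc, String... reqKey) throws Exception {
        Cipher cipher = Cipher.getInstance(TRANSFORMATION);
        cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(resolveKey(reqKey), "AES"));
        // Fixed charset so the ciphertext does not vary with the JVM's
        // default encoding (UTF-8 assumed, see decryptByAes).
        byte[] encrypted = cipher.doFinal(sSrc.getBytes("UTF-8"));
        return encryptUrlSalf(encrypted);
    }

    /**
     * Picks the key bytes: the first supplied key when present, else {@code sKey}.
     * A call with no key argument passes an empty array, not {@code null},
     * so the array length has to be checked before indexing.
     */
    private static byte[] resolveKey(String[] reqKey) throws Exception {
        boolean supplied = reqKey != null && reqKey.length > 0 && reqKey[0] != null;
        String key = supplied ? reqKey[0] : sKey;
        return key.getBytes("ASCII");
    }

    /**
     * Converts URL-safe Base64 text back to bytes: restores {@code +} and
     * {@code /}, re-appends the {@code =} padding that was stripped, and
     * hands the result to the project's {@code Base64.decode}.
     *
     * @param key URL-safe Base64 text (the parameter name is historical)
     * @return the decoded bytes
     * @throws Exception if {@code Base64.decode} rejects the input
     */
    public static byte[] decryptUrlSafe(String key) throws Exception {
        StringBuilder standard = new StringBuilder(key.replace('-', '+').replace('_', '/'));
        int missing = (4 - key.length() % 4) % 4;
        for (int i = 0; i < missing; i++) {
            standard.append('=');
        }
        return Base64.decode(standard.toString());
    }

    /**
     * Encodes bytes with the project's {@code Base64.encode}, then makes the
     * text URL-safe: {@code +} becomes {@code -}, {@code /} becomes {@code _},
     * and the trailing {@code =} run is dropped.
     *
     * @param key bytes to encode (the parameter name is historical)
     * @return URL-safe Base64 text
     */
    public static String encryptUrlSalf(byte[] key) {
        String str = Base64.encode(key);
        return str.replace('+', '-').replace('/', '_').replaceAll("=+$", "");
    }

}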

python

# -*- coding=utf-8-*-

    from Crypto.Cipher import AES
    import os
    from Crypto import Random
    import base64

"""
aes加密算法
padding : PKCS5
"""

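    class AESUtil:
        """AES helper for the field encryption described on this page.

        AES in ECB mode with PKCS#5 padding; ciphertext is URL-safe Base64
        with the trailing "=" removed.

        Review notes: ECB encrypts each 16-byte block independently, so
        equal plaintexts give equal ciphertexts, and the ciphertext is not
        authenticated. That is the format the page specifies and is kept
        for interoperability with the other listings.
        """
        __BLOCK_SIZE_16 = BLOCK_SIZE_16 = AES.block_size

        @staticmethod
        def _to_bytes(value):
            """Return ``value`` as a byte string, UTF-8 encoding text input."""
            if isinstance(value, bytes):
                return value
            return value.encode("utf-8")

        @staticmethod
        def encryt(str, key):
            """Encrypt ``str`` with ``key``.

            Returns the ciphertext as a URL-safe Base64 byte string without
            "=" padding. ``key`` must be a valid AES key length.
            """
            block = AESUtil.__BLOCK_SIZE_16
            data = AESUtil._to_bytes(str)
            cipher = AES.new(AESUtil._to_bytes(key), AES.MODE_ECB)
            # PKCS#5 always pads: 1..block bytes, each holding the pad length.
            pad_len = block - (len(data) % block)
            data += bytes(bytearray([pad_len])) * pad_len
            token = base64.urlsafe_b64encode(cipher.encrypt(data))
            return token.rstrip(b"=")

        @staticmethod
        def decrypt(enStr, key):
            """Decrypt a value produced by ``encryt``.

            Raises ValueError when the ciphertext is empty, is not a whole
            number of blocks, or carries invalid padding (typically a wrong
            key or corrupted data).
            """
            block = AESUtil.__BLOCK_SIZE_16
            token = AESUtil._to_bytes(enStr)
            # Restore the stripped "=" padding: -len % 4 characters are
            # missing, not len % 4 as the listing computed.
            token += b"=" * (-len(token) % 4)
            raw = base64.urlsafe_b64decode(token)
            if not raw or len(raw) % block:
                raise ValueError("ciphertext length is not a positive multiple of the block size")
            msg = AES.new(AESUtil._to_bytes(key), AES.MODE_ECB).decrypt(raw)
            # Check the whole padding run rather than trusting the last byte.
            pad_len = bytearray(msg)[-1]
            if not 1 <= pad_len <= block or msg[-pad_len:] != msg[-1:] * pad_len:
                raise ValueError("invalid PKCS#5 padding")
            return msg[:-pad_len]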

    if __name__ == "__main__":
        # Demo only: a 32-character sample key, one encryption and one
        # decryption of a sample ciphertext.
        demo_key = "12345678123456781234567812345678"
        print(AESUtil.encryt("test_text", demo_key))
        print(AESUtil.decrypt("XMTnr_1GLnQzmaV_8TTKJg", demo_key))
  