分析某客户端协议,发现如下代码:
|
1 2 3 4 |
SecretKey localSecretKey = SecretKeySpec(paramArrayOfByte, "AES"); Cipher localCipher = Cipher.getInstance("AES"); localCipher.init(2, localSecretKey); byte[] arrayOfByte = localCipher.doFinal(paramArrayOfByte); |
这个和之前分析航旅纵横客户端时的代码类似,都是128位ECB。
当时只是用openssl看了看请求:
|
1 |
openssl aes-128-ecb -d -in packet.aes -out packet.txt -a -K KEY_IN_HEX |
于是参考mcrypt的文档,写了简单的代码实现上边Java代码里的AES 128 ECB加密解密
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 |
<?php class aes_128_ecb { protected function prepare_key($key) { $new_key = array_fill(0, 16, 0); for ($i=0; isset($key[$i]); $i++) { $new_key[$i % 16] ^= ord($key[$i]); } $key_text = ''; foreach ($new_key as $c) { $key_text .= chr($c); } return $key_text; } public function decrypt($key, $cipher) { $key = $this->prepare_key($key); return rtrim( mcrypt_decrypt( MCRYPT_RIJNDAEL_128, $key, $cipher, MCRYPT_MODE_ECB, '' ), "\x00..\x1F" ); } public function encrypt($key, $plain) { $key = $this->prepare_key($key); $pad_value = 16 - strlen($plain) % 16; if ($pad_value != 16) { $plain .= str_repeat(chr($pad_value), $pad_value); } return mcrypt_encrypt( MCRYPT_RIJNDAEL_128, $key, $plain, MCRYPT_MODE_ECB, mcrypt_create_iv( mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB), MCRYPT_DEV_URANDOM ) ); } } |
PHP解密AES by @sskaje: https://sskaje.me/2015/02/php-aes-encrypt-decrypt/
Link to this post!