PHP, C# ve Java AES-256 Şifreleme ve Şifre Çözme

PHP

PHP, C# ve Java AES-256 Şifreleme ve Şifre Çözme

Savaş Dersim Çelik | Çarşamba Nisan 17th, 2019 | Yorum Yok | 2.199 Görüntülenme | 0 Like

<?php $plaintext = 'Merhaba webinyo.com Hoş geldiniz.'; $password = '3sc3RLrpd17'; $method = 'aes-256-cbc'; $key = substr(hash('sha256', $password, true), 0, 32); echo "Password:" . $password . "\n"; $iv = chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0); // $ivlen = openssl_cipher_iv_length($method); // $iv = openssl_random_pseudo_bytes($ivlen); $encrypted = base64_encode(openssl_encrypt($plaintext, $method, $key, OPENSSL_RAW_DATA, $iv)); $decrypted = openssl_decrypt(base64_decode($encrypted), $method, $key, OPENSSL_RAW_DATA, $iv); echo 'Metin=' . $plaintext . "\n"; echo 'cipher=' . $method . "\n"; echo 'Şifreli Metin: ' . $encrypted . "\n"; echo 'Çözülmüş Şifre: ' . $decrypted . "\n\n";

import android.util.Base64; import android.util.Log; import com.google.firebase.auth.FirebaseAuth; import com.google.firebase.auth.FirebaseUser; import java.io.UnsupportedEncodingException; import java.security.GeneralSecurityException; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import javax.crypto.Cipher; import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.SecretKeySpec; /** * Encrypt and decrypt messages using AES 256 bit encryption that are compatible with AESCrypt-ObjC and AESCrypt Ruby. * <p/> * Created by scottab on 04/10/2014. */ public final class AESCrypt { private static final String TAG = "AESCrypt"; private String PACKAGENAME = "Test"; //AESCrypt-ObjC uses CBC and PKCS7Padding private static final String AES_MODE = "AES/CBC/PKCS7Padding"; private static final String CHARSET = "UTF-8"; private static FirebaseUser firebaseUser; //AESCrypt-ObjC uses SHA-256 (and so a 256-bit key) private static final String HASH_ALGORITHM = "SHA-256"; //AESCrypt-ObjC uses blank IV (not the best security, but the aim here is compatibility) private static final byte[] ivBytes = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}; //togglable log option (please turn off in live!) public static boolean DEBUG_LOG_ENABLED = false; /** * Generates SHA256 hash of the password which is used as key * * @param password used to generated key * @return SHA256 of the password */ private static SecretKeySpec generateKey(final String password) throws NoSuchAlgorithmException, UnsupportedEncodingException { final MessageDigest digest = MessageDigest.getInstance(HASH_ALGORITHM); byte[] bytes = password.getBytes("UTF-8"); digest.update(bytes, 0, bytes.length); byte[] key = digest.digest(); log("SHA-256 key ", key); SecretKeySpec secretKeySpec = new SecretKeySpec(key, "AES"); return secretKeySpec; } /** * Encrypt and encode message using 256-bit AES with key generated from password. * * * @param password used to generated key * @param message the thing you want to encrypt assumed String UTF-8 * @return Base64 encoded CipherText * @throws GeneralSecurityException if problems occur during encryption */ public static String encrypt(final String password, String message) throws GeneralSecurityException { try { final SecretKeySpec key = generateKey(password); log("message", message); byte[] cipherText = encrypt(key, ivBytes, message.getBytes(CHARSET)); //NO_WRAP is important as was getting \n at the end String encoded = Base64.encodeToString(cipherText, Base64.NO_WRAP); log("Base64.NO_WRAP", encoded); return encoded; } catch (UnsupportedEncodingException e) { if (DEBUG_LOG_ENABLED) Log.e(TAG, "UnsupportedEncodingException ", e); throw new GeneralSecurityException(e); } } /** * More flexible AES encrypt that doesn't encode * @param key AES key typically 128, 192 or 256 bit * @param iv Initiation Vector * @param message in bytes (assumed it's already been decoded) * @return Encrypted cipher text (not encoded) * @throws GeneralSecurityException if something goes wrong during encryption */ public static byte[] encrypt(final SecretKeySpec key, final byte[] iv, final byte[] message) throws GeneralSecurityException { final Cipher cipher = Cipher.getInstance(AES_MODE); IvParameterSpec ivSpec = new IvParameterSpec(iv); cipher.init(Cipher.ENCRYPT_MODE, key, ivSpec); byte[] cipherText = cipher.doFinal(message); log("cipherText", cipherText); return cipherText; } /** * Decrypt and decode ciphertext using 256-bit AES with key generated from password * * @param password used to generated key * @param base64EncodedCipherText the encrpyted message encoded with base64 * @return message in Plain text (String UTF-8) * @throws GeneralSecurityException if there's an issue decrypting */ public static String decrypt(final String password, String base64EncodedCipherText) throws GeneralSecurityException { try { final SecretKeySpec key = generateKey(password); log("base64EncodedCipherText", base64EncodedCipherText); byte[] decodedCipherText = Base64.decode(base64EncodedCipherText, Base64.NO_WRAP); log("decodedCipherText", decodedCipherText); byte[] decryptedBytes = decrypt(key, ivBytes, decodedCipherText); log("decryptedBytes", decryptedBytes); String message = new String(decryptedBytes, CHARSET); log("message", message); return message; } catch (UnsupportedEncodingException e) { if (DEBUG_LOG_ENABLED) Log.e(TAG, "UnsupportedEncodingException ", e); throw new GeneralSecurityException(e); } } /** * More flexible AES decrypt that doesn't encode * * @param key AES key typically 128, 192 or 256 bit * @param iv Initiation Vector * @param decodedCipherText in bytes (assumed it's already been decoded) * @return Decrypted message cipher text (not encoded) * @throws GeneralSecurityException if something goes wrong during encryption */ public static byte[] decrypt(final SecretKeySpec key, final byte[] iv, final byte[] decodedCipherText) throws GeneralSecurityException { final Cipher cipher = Cipher.getInstance(AES_MODE); IvParameterSpec ivSpec = new IvParameterSpec(iv); cipher.init(Cipher.DECRYPT_MODE, key, ivSpec); byte[] decryptedBytes = cipher.doFinal(decodedCipherText); log("decryptedBytes", decryptedBytes); return decryptedBytes; } private static void log(String what, byte[] bytes) { if (DEBUG_LOG_ENABLED) Log.d(TAG, what + "[" + bytes.length + "] [" + bytesToHex(bytes) + "]"); } private static void log(String what, String value) { if (DEBUG_LOG_ENABLED) Log.d(TAG, what + "[" + value.length() + "] [" + value + "]"); } /** * Converts byte array to hexidecimal useful for logging and fault finding * @param bytes * @return */ private static String bytesToHex(byte[] bytes) { final char[] hexArray = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F'}; char[] hexChars = new char[bytes.length * 2]; int v; for (int j = 0; j < bytes.length; j++) { v = bytes[j] & 0xFF; hexChars[j * 2] = hexArray[v >>> 4]; hexChars[j * 2 + 1] = hexArray[v & 0x0F]; } return new String(hexChars); } private AESCrypt() { } public String md5(String s) { try { MessageDigest digest = java.security.MessageDigest.getInstance("MD5"); digest.update(s.getBytes()); byte messageDigest[] = digest.digest(); StringBuffer hexString = new StringBuffer(); for (int i=0; i<messageDigest.length; i++) hexString.append(Integer.toHexString(0xFF & messageDigest[i])); return hexString.toString(); }catch (NoSuchAlgorithmException e) { e.printStackTrace(); } return ""; } }

using System.Security.Cryptography; using System.IO; using System.Text; using System; public string EncryptString(string plainText, byte[] key, byte[] iv) { Aes encryptor = Aes.Create(); encryptor.Mode = CipherMode.CBC; byte[] aesKey = new byte[32]; Array.Copy(key, 0, aesKey, 0, 32); encryptor.Key = aesKey; encryptor.IV = iv; MemoryStream memoryStream = new MemoryStream(); ICryptoTransform aesEncryptor = encryptor.CreateEncryptor(); CryptoStream cryptoStream = new CryptoStream(memoryStream, aesEncryptor, CryptoStreamMode.Write); byte[] plainBytes = Encoding.ASCII.GetBytes(plainText); cryptoStream.Write(plainBytes, 0, plainBytes.Length); cryptoStream.FlushFinalBlock(); byte[] cipherBytes = memoryStream.ToArray(); memoryStream.Close(); cryptoStream.Close(); string cipherText = Convert.ToBase64String(cipherBytes, 0, cipherBytes.Length); return cipherText; } public string DecryptString(string cipherText, byte[] key, byte[] iv) { Aes encryptor = Aes.Create(); encryptor.Mode = CipherMode.CBC; byte[] aesKey = new byte[32]; Array.Copy(key, 0, aesKey, 0, 32); encryptor.Key = aesKey; encryptor.IV = iv; MemoryStream memoryStream = new MemoryStream(); ICryptoTransform aesDecryptor = encryptor.CreateDecryptor(); CryptoStream cryptoStream = new CryptoStream(memoryStream, aesDecryptor, CryptoStreamMode.Write); string plainText = String.Empty; try { byte[] cipherBytes = Convert.FromBase64String(cipherText); cryptoStream.Write(cipherBytes, 0, cipherBytes . Length); cryptoStream.FlushFinalBlock(); byte[] plainBytes = memoryStream.ToArray(); plainText = Encoding.ASCII.GetString(plainBytes, 0, plainBytes.Length); } finally { memoryStream.Close(); cryptoStream.Close(); } return plainText; }

string message = "My secret message 1234"; string password = "3sc3RLrpd17"; SHA256 mySHA256 = SHA256Managed.Create(); byte[] key = mySHA256.ComputeHash(Encoding.ASCII.GetBytes(password)); byte[] iv = new byte[16] { 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0 }; string encrypted = this.EncryptString(message, key, iv); string decrypted = this.DecryptString(encrypted, key, iv); Console.WriteLine(encrypted); Console.WriteLine(decrypted);