java(Android)版的AES加密

public String encryptWithAES(String key, String message) {
    try {
        // Use md5 value as the real key
        byte[] b = key.getBytes();
        MessageDigest md = MessageDigest.getInstance("MD5");
        byte[] keyData = md.digest(b);

        SecretKeySpec skey = new SecretKeySpec(keyData), "AES");
        // Create an 8-byte initialization vector
        byte[] iv = new byte[] { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d,
                0x0e, 0x0f };
        AlgorithmParameterSpec paramSpec = new IvParameterSpec(iv);
        
        Cipher ecipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        // CBC requires an initialization vector
        ecipher.init(Cipher.ENCRYPT_MODE, skey, paramSpec);

        byte[] plaintext = message.getBytes();
        byte[] result = ecipher.doFinal(plaintext, 0, plaintext.length);
        
        return Base64.encodeToString(result, Base64.DEFAULT);
    } catch (Exception e) {
        e.printStackTrace();
    }
    return null;
}

public String decryptWithAES(String key, String message) {
    try {
        // Use md5 value as the real key
        byte[] b = key.getBytes();
        MessageDigest md = MessageDigest.getInstance("MD5");
        byte[] keyData = md.digest(b);

        SecretKeySpec skey = new SecretKeySpec(keyData), "AES");
        // Create an 8-byte initialization vector
        byte[] iv = new byte[] { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d,
                0x0e, 0x0f };
        AlgorithmParameterSpec paramSpec = new IvParameterSpec(iv);
        
        Cipher dcipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        // CBC requires an initialization vector
        dcipher.init(Cipher.DECRYPT_MODE, skey, paramSpec);

        byte[] messageData = Base64.decode(message, Base64.DEFAULT);
        byte[] result = dcipher.doFinal(messageData, 0, messageData.length);
        
        return new String(result);
    } catch (Exception e) {
        e.printStackTrace();
    }
    return null;
}

Node.js版AES加密

let iv = [0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d,
    0x0e, 0x0f];

function encrypt_with_aes(key, message) {
    let md5 = crypto.createHash('md5').update(key).digest('hex');
    const cipher = crypto.createCipheriv(
        'aes-128-cbc',
        new Buffer(md5, 'hex'),
        new Buffer(iv)
    );
    // cipher.setAutoPadding(true);
    var encrypted = cipher.update(message, 'utf8', 'base64');
    encrypted += cipher.final('base64');
    console.log('encode message: ' + encrypted);
    return encrypted;
}

function decrypt_with_aes(key, message) {
    let md5 = crypto.createHash('md5').update(key).digest('hex');
    const decipher = crypto.createDecipheriv(
        'aes-128-cbc',
        new Buffer(md5, 'hex'),
        new Buffer(iv)
    );
    var decrypted = decipher.update(message, 'base64', 'utf8');
    decrypted += decipher.final('utf8');
    console.log('decode message: ' + decrypted);
    return decrypted;
}

Golang版AES加密

func EncryptWithAES(key, message string) string {

    hash := md5.New()
    hash.Write([]byte(key))
    keyData := hash.Sum(nil)

    block, err := aes.NewCipher(keyData)
    if err != nil {
        panic(err)
    }

    iv := []byte{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}

    enc := cipher.NewCBCEncrypter(block, iv)
    content := PKCS5Padding([]byte(message), block.BlockSize())
    crypted := make([]byte, len(content))
    enc.CryptBlocks(crypted, content)
    return base64.StdEncoding.EncodeToString(crypted)
}

func DecryptWithAES(key, message string) string {

    hash := md5.New()
    hash.Write([]byte(key))
    keyData := hash.Sum(nil)

    block, err := aes.NewCipher(keyData)
    if err != nil {
        panic(err)
    }

    iv := []byte{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}
    
    messageData, _ := base64.StdEncoding.DecodeString(message)
    dec := cipher.NewCBCDecrypter(block, iv)
    decrypted := make([]byte, len(messageData))
    dec.CryptBlocks(decrypted, messageData)
    return string(PKCS5Unpadding(decrypted))
}

func PKCS5Padding(ciphertext []byte, blockSize int) []byte {
    padding := blockSize - len(ciphertext)%blockSize
    padtext := bytes.Repeat([]byte{byte(padding)}, padding)
    return append(ciphertext, padtext...)
}

func PKCS5Unpadding(encrypt []byte) []byte {
    padding := encrypt[len(encrypt)-1]
    return encrypt[:len(encrypt)-int(padding)]
}

Java版本和Node.js版本好久以前就已經(jīng)在用了，所以相互之間加解密肯定沒問題，但是這兩天在弄的這個Golang版本的死活就是不通，還以為是Padding的時候算法不一樣，后來幾乎把網(wǎng)絡上的Padding算法全部查遍了，都是一樣的，也就是說Padding肯定是不會錯的，最后一點點的排查才發(fā)現(xiàn)原來是key弄錯了，加密時key的長度沒有限制，但是AES128加密時key需要16位，所以這里就直接取key的MD5值，但是這個過程一不留心就出問題了。

MD5算法是這樣的

func Md5(buf []byte) string {
    hash := md5.New()
    hash.Write(buf)
    return fmt.Sprintf("%x", hash.Sum(nil))
}

在key生成MD5后直接輸出了hex后的字符串，然后對這個字符串直接轉[]byte

keyData := []byte(MD5([]byte(key)))

這樣就導致了key出錯，搞了一下午才查出問題所在，看來以后敲代碼還是得細心才行。