标签:des style blog http color io os ar for
对于加解密,需客户端和服务器制定好对应的规则(如:加密算法(aes,des等)、加密模式(cbc,cfb)),去加密,再按逆序列解密。这里的key是根据数字、大小写字母、符合组合的,每次请求获取一个动态key,暂且叫做”一次一密钥“;
而也可以设计为:前后端一开始定义好一个固定key,这样好处是:就不需获取随机key,也不需要在最后把加密内容和Key穿插起来发送,只需给需加密的内容加密即可。
但这样的坏处是:如果拿到固定的key,就可以模拟前端报文连续给server端发消息,key的级别不强;而每次随机获取key相对就好了很多。
下面附erlang做客户端加密部分代码及服务端解密部分代码:
1 -module(cc). 2 3 -compile(export_all). 4 5 -define(TOKEN_IVEC, <<"Egl63xPQYEcIY0RJ">>). 6 7 %%client加密部分 8 aes_encode() -> 9 Time = list_to_binary(integer_to_list(unixtime1()) ++"000" ), 10 io:format("Time...client...~p~n",[Time]), 11 Key = list_to_binary(random()), 12 io:format("Key...client...~p~n",[Key]), 13 AES = crypto:aes_cbc_128_encrypt(Key, ?TOKEN_IVEC, Time), 14 Text = base64:encode(AES), 15 Text1 = binary_to_list(Text), 16 End = foldl(lists:sublist(Text1,1,16),binary_to_list(Key)) ++ lists:sublist(Text1,17,8), 17 End. 18 19 %随机生成16位Key值 20 random() -> 21 Str = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-_", 22 %%一次随机取多个,再分别取出对应值 23 N = [random:uniform(length(Str)) || _Elem <- lists:seq(1,16)], 24 RandomKey = [lists:nth(X,Str) || X<- N ], 25 RandomKey. 26 27 unixtime1() -> 28 {MegaSecs, Secs, _MicroSecs} = erlang:now(), 29 MegaSecs * 1000000000 + Secs * 100000 . 30 31 foldl(A, B) -> 32 foldl(A, B, []). 33 foldl([H|T], [H1|T1], Acc) -> 34 foldl(T, T1, Acc++[H|[H1]]); 35 foldl([], [], Acc) -> 36 Acc. 37 38 39 40 41 %%server解密部分 42 verify_token( Token ) -> 43 case Token of 44 "" -> 45 {error, "token error"}; 46 TokenStr -> 47 {CryptoStr, Key} = verify_token_scan(TokenStr, <<>>, <<>>, 16), 48 io:format("Key...server...~p~n",[Key]), 49 Cipher = base64:decode(CryptoStr), 50 TimestampStr = binary_to_list(crypto:aes_cbc_128_decrypt(Key, ?TOKEN_IVEC, Cipher)), 51 Timestamp = list_to_integer(lists:sublist(TimestampStr, 13)), 52 53 io:format("Timestamp ...server...~p~n",[Timestamp]), 54 Now = now_time(), 55 if 56 Timestamp > (Now - 691200) * 1000 -> 57 ok; 58 true -> 59 {error, "1token error"} 60 end 61 end. 62 63 now_time() -> 64 {X, Y, _} = now(), 65 X * 1000000 + Y. 66 67 verify_token_scan(TokenStr, CryptoStr, Key, 0) -> 68 {iolist_to_binary([CryptoStr, TokenStr]), Key}; 69 verify_token_scan([C, K|TokenStr], CryptoStr, Key, KeyLength) -> 70 verify_token_scan(TokenStr, <<CryptoStr/binary, C>>, <<Key/binary, K>>, KeyLength - 1); 71 verify_token_scan([], CryptoStr, Key, _KeyLength) -> 72 {CryptoStr, Key}.
运行结果如下:
涉及了随机数的取法,加解密及base64转码以及反序列化的解密等东西.
标签:des style blog http color io os ar for
原文地址:http://www.cnblogs.com/unqiang/p/4021754.html