AES profiles

AES, Advanced Encryption Standard, is actually a set of standards: FIPS 197, and what we call AES algorithm is actually Rijndael algorithm.

NIST (National Institute of Standards and Technology) in September 12, 1997, the public collection of more efficient and more secure alternatives to DES encryption algorithm, the first round of a total of 15 algorithms were selected, of which 5 algorithms were finalists, MARS, RC6, Rijndael, Serpent and Twofish. The Rijndael algorithm was selected after three years of validation, evaluation and public discussion.

Rijndael algorithm

The Rijndael algorithm was proposed by Belgian scholars Joan Daemen and Vincent Rijmen, and the name of the algorithm is a combination of the names of the two authors. Rijndael’s strengths lie in its combination of security, performance, efficiency, implementability, and flexibility.

background

Since parameters are transmitted through URL or Body in HTTP, there is a problem of information exposure. At this time, a lot of sensitive information needs to be encrypted to prevent sensitive information from leaking.

The specific implementation

1. Server-side encryption/decryption

Public class DecryPtStringaes {/// <summary> // </summary> // <param name="input"> plaintext </param> /// < returns > string < / returns > public static string EncryptByAES (string input) {if (string. IsNullOrWhiteSpace (input)) {return input; } using (RijndaelManaged rijndaelManaged = new RijndaelManaged()) { rijndaelManaged.Mode = CipherMode.CBC; rijndaelManaged.Padding = PaddingMode.PKCS7; rijndaelManaged.FeedbackSize = 128; rijndaelManaged.Key = Encoding.UTF8.GetBytes(Decrypt.Key); rijndaelManaged.IV = Encoding.UTF8.GetBytes(Decrypt.AES_IV); ICryptoTransform encryptor = rijndaelManaged.CreateEncryptor(rijndaelManaged.Key, rijndaelManaged.IV); using (MemoryStream msEncrypt = new MemoryStream()) { using (CryptoStream csEncrypt = new CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write)) { using (StreamWriter swEncrypt = new StreamWriter(csEncrypt)) { swEncrypt.Write(input); } byte[] bytes = msEncrypt.ToArray(); return Convert.ToBase64String(bytes); }}}} / / / < summary > / / / AES decryption / / / < summary > / / / < param name = "input" > cipher byte array < param > / / / < returns > the decrypted string < / returns > public static string DecryptByAES(string input) { if (string.IsNullOrWhiteSpace(input)) { return input; } var buffer = Convert.FromBase64String(input); using (RijndaelManaged rijndaelManaged = new RijndaelManaged()) { rijndaelManaged.Mode = CipherMode.CBC; rijndaelManaged.Padding = PaddingMode.PKCS7; rijndaelManaged.FeedbackSize = 128; rijndaelManaged.Key = Encoding.UTF8.GetBytes(Decrypt.Key); rijndaelManaged.IV = Encoding.UTF8.GetBytes(Decrypt.AES_IV); ICryptoTransform decryptor = rijndaelManaged.CreateDecryptor(rijndaelManaged.Key, rijndaelManaged.IV); using (MemoryStream msEncrypt = new MemoryStream(buffer)) { using (CryptoStream csEncrypt = new CryptoStream(msEncrypt, decryptor, CryptoStreamMode.Read)) { using (StreamReader srEncrypt = new StreamReader(csEncrypt)) { return srEncrypt.ReadToEnd(); } } } } } }

2. Client (JS)

  • Use the package

    npm install crypto-js

  • Define Key/IV

    const key = CryptoJS.enc.Utf8.parse("1234567890000000");
const iv = CryptoJS.enc.Utf8.parse("1234567890000000");

    Note: The KEY/IV of the client and server must be the same

  • Encryption methods

    / / * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * / / * / object string encryption / / * 0: Need to decrypt a string or object / / * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * / function Encrypt (o) {if (typeof (o) = = =  "string") { if (o) { var srcs = CryptoJS.enc.Utf8.parse(o); return CryptoJS.AES.encrypt(srcs, key, { keySize: 128 / 8, iv: iv, mode: CryptoJS.mode.CBC, padding: CryptoJS.pad.Pkcs7 }).toString(); } } else if (typeof (o) === "object") { for (var _o in o) { if (o[_o]) { var srcs = CryptoJS.enc.Utf8.parse(o[_o]); o[_o] = CryptoJS.AES.encrypt(srcs, key, { keySize: 128 / 8, iv: iv, mode: CryptoJS.mode.CBC, padding: CryptoJS.pad.Pkcs7 }).toString(); }}; } return o; }

  • Decryption method

    / / * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * to decrypt the string / / / / * * STR: Need to Decrypt the string / / * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * / function Decrypt (STR) {var Decrypt = CryptoJS.AES.decrypt(str, key, { keySize: 128 / 8, iv: iv, mode: CryptoJS.mode.CBC, padding: CryptoJS.pad.Pkcs7 }); var decryptedStr = decrypt.toString(CryptoJS.enc.Utf8); return decryptedStr; }

3. Display effect

  • Test with simple registration information
  • Js to encrypt the value
  • The value decrypted by the server is the same as the registered CAPTCHA

The resources

  • https://www.c-sharpcorner.com…
  • https://stackoverflow.com/que…
  • crypto npm https://www.npmjs.com/package…
  • Aes documents https://github.com/matt-wu/AES

Demo Download Address:
https://download.csdn.net/dow…

— — — — — — — — the original link: https://blog.csdn.net/xhl_jam…