首页 > 代码库 > erlang的token值加解密

erlang的token值加解密

2024-07-26 21:46:22   218人阅读

     对于加解密,需客户端和服务器制定好对应的规则(如:加密算法(aes,des等)、加密模式(cbc,cfb)),去加密,再按逆序列解密。这里的key是根据数字、大小写字母、符合组合的,每次请求获取一个动态key,暂且叫做”一次一密钥“;

而也可以设计为:前后端一开始定义好一个固定key,这样好处是:就不需获取随机key,也不需要在最后把加密内容和Key穿插起来发送,只需给需加密的内容加密即可。

但这样的坏处是:如果拿到固定的key,就可以模拟前端报文连续给server端发消息,key的级别不强;而每次随机获取key相对就好了很多。

   下面附erlang做客户端加密部分代码及服务端解密部分代码:

 1 -module(cc). 2  3 -compile(export_all). 4  5 -define(TOKEN_IVEC, <<"Egl63xPQYEcIY0RJ">>). 6   7 %%client加密部分 8 aes_encode() -> 9    Time = list_to_binary(integer_to_list(unixtime1()) ++"000" ),10    io:format("Time...client...~p~n",[Time]),11    Key  = list_to_binary(random()),12    io:format("Key...client...~p~n",[Key]),13    AES = crypto:aes_cbc_128_encrypt(Key, ?TOKEN_IVEC, Time),14    Text = base64:encode(AES),15    Text1 = binary_to_list(Text),16    End =  foldl(lists:sublist(Text1,1,16),binary_to_list(Key)) ++ lists:sublist(Text1,17,8),17    End.18 19 %随机生成16位Key值20  random() ->21   Str = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-_",22   %%一次随机取多个,再分别取出对应值23   N = [random:uniform(length(Str)) || _Elem <- lists:seq(1,16)],24   RandomKey = [lists:nth(X,Str) || X<- N ],25   RandomKey.     26 27 unixtime1() ->28     {MegaSecs, Secs, _MicroSecs} = erlang:now(),29     MegaSecs * 1000000000 + Secs * 100000 .30 31 foldl(A, B) ->32     foldl(A, B, []).33 foldl([H|T], [H1|T1], Acc) ->34     foldl(T, T1, Acc++[H|[H1]]);35 foldl([], [], Acc) ->36     Acc.37 38 39 40 41 %%server解密部分42 verify_token( Token ) ->43     case Token of44         "" ->45             {error, "token error"};46         TokenStr ->47             {CryptoStr, Key} = verify_token_scan(TokenStr, <<>>, <<>>, 16),48   io:format("Key...server...~p~n",[Key]),49             Cipher = base64:decode(CryptoStr),50             TimestampStr = binary_to_list(crypto:aes_cbc_128_decrypt(Key, ?TOKEN_IVEC, Cipher)),51             Timestamp = list_to_integer(lists:sublist(TimestampStr, 13)),52 53 io:format("Timestamp ...server...~p~n",[Timestamp]),54             Now = now_time(),55             if56                 Timestamp > (Now - 691200) * 1000 ->57                     ok;58                 true ->  59                     {error, "1token error"}60             end61     end.62     63 now_time() ->64      {X, Y, _} = now(),65      X * 1000000 + Y.    66     67 verify_token_scan(TokenStr, CryptoStr, Key, 0) ->68     {iolist_to_binary([CryptoStr, TokenStr]), Key};69 verify_token_scan([C, K|TokenStr], CryptoStr, Key, KeyLength) ->            70     verify_token_scan(TokenStr, <<CryptoStr/binary, C>>, <<Key/binary, K>>, KeyLength - 1);71 verify_token_scan([], CryptoStr, Key, _KeyLength) -> 72     {CryptoStr, Key}.
View Code

 

运行结果如下:

 

涉及了随机数的取法,加解密及base64转码以及反序列化的解密等东西.

 

erlang的token值加解密


联系
我们