PHP AES 加密/解密

PHP AES encrypt / decrypt(PHP AES 加密/解密)
本文介绍了PHP AES 加密/解密的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着跟版网的小编来一起学习吧!

问题描述

我找到了一个在 PHP 中编码/解码字符串的示例.起初它看起来很好,但它不起作用:-(

I found an example for en/decoding strings in PHP. At first it looks very good but it wont work :-(

有人知道是什么问题吗?

Does anyone know what the problem is?

$Pass = "Passwort";
$Clear = "Klartext";

$crypted = fnEncrypt($Clear, $Pass);
echo "Encrypted: ".$crypted."</br>";

$newClear = fnDecrypt($crypted, $Pass);
echo "Decrypted: ".$newClear."</br>";

function fnEncrypt($sValue, $sSecretKey) {
    return trim(base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $sSecretKey, $sDecrypted, MCRYPT_MODE_ECB, mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB), MCRYPT_RAND))));
}

function fnDecrypt($sValue, $sSecretKey) {
    return trim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $sSecretKey, base64_decode($sEncrypted), MCRYPT_MODE_ECB, mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB), MCRYPT_RAND)));
}

结果是:

加密:boKRNTYYNp7AiOvY1CidqsAn9wX4ufz/D9XrpjAOPk8=

解密:—( ^ y~F'–í 2_B‰—

推荐答案

$sDecrypted$sEncrypted 在您的代码中未定义.查看有效的解决方案(但不安全!):

$sDecrypted and $sEncrypted were undefined in your code. See a solution that works (but is not secure!):

这个例子不安全!不要使用它!

<小时>

$Pass = "Passwort";
$Clear = "Klartext";        

$crypted = fnEncrypt($Clear, $Pass);
echo "Encrypred: ".$crypted."</br>";

$newClear = fnDecrypt($crypted, $Pass);
echo "Decrypred: ".$newClear."</br>";        

function fnEncrypt($sValue, $sSecretKey)
{
    return rtrim(
        base64_encode(
            mcrypt_encrypt(
                MCRYPT_RIJNDAEL_256,
                $sSecretKey, $sValue, 
                MCRYPT_MODE_ECB, 
                mcrypt_create_iv(
                    mcrypt_get_iv_size(
                        MCRYPT_RIJNDAEL_256, 
                        MCRYPT_MODE_ECB
                    ), 
                    MCRYPT_RAND)
                )
            ), ""
        );
}

function fnDecrypt($sValue, $sSecretKey)
{
    return rtrim(
        mcrypt_decrypt(
            MCRYPT_RIJNDAEL_256, 
            $sSecretKey, 
            base64_decode($sValue), 
            MCRYPT_MODE_ECB,
            mcrypt_create_iv(
                mcrypt_get_iv_size(
                    MCRYPT_RIJNDAEL_256,
                    MCRYPT_MODE_ECB
                ), 
                MCRYPT_RAND
            )
        ), ""
    );
}

但是此代码中存在其他问题使其不安全,尤其是使用 ECB(这不是加密模式,只是加密模式之上的构建块可以定义).请参阅 Fab Sa 的回答 以快速解决最严重的问题和 Scott 的回答如何正确地做到这一点.

But there are other problems in this code which make it insecure, in particular the use of ECB (which is not an encryption mode, only a building block on top of which encryption modes can be defined). See Fab Sa's answer for a quick fix of the worst problems and Scott's answer for how to do this right.

这篇关于PHP AES 加密/解密的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持跟版网!

本站部分内容来源互联网,如果有图片或者内容侵犯您的权益请联系我们删除!

相关文档推荐

Encryption in JavaScript and decryption with PHP(JavaScript 加密和 PHP 解密)
Best solution to protect PHP code without encryption(无需加密即可保护 PHP 代码的最佳解决方案)
Upgrading my encryption library from Mcrypt to OpenSSL(将我的加密库从 Mcrypt 升级到 OpenSSL)
How to add/remove PKCS7 padding from an AES encrypted string?(如何从 AES 加密字符串中添加/删除 PKCS7 填充?)
How do I upgrade from PHP 7.0 to 7.3 on google cloud platform?(如何在谷歌云平台上从 PHP 7.0 升级到 7.3?)
Setting up firebase v3 custom auth with php(使用 php 设置 firebase v3 自定义身份验证)