SHA1 PHP mcrypt_decrypt结果
[英]SHA1 the PHP mcrypt_decrypt result
问题描述
I have 2 encrypt & decrypt functions using PHP mcrypt library. 
我使用PHP mcrypt库有2个加密和解密函数。
public function encrypt_string($input, $key) {
$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
$cipher = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key, $input, MCRYPT_MODE_CBC, $iv);
return base64_encode($iv . $cipher);
}
public function decrypt_string($input, $key) {
$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
$ciphertext = base64_decode($input);
$iv = substr($ciphertext, 0, $iv_size);
$cipher = substr($ciphertext, $iv_size);
return mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, $cipher, MCRYPT_MODE_CBC, $iv);
}
Given that the key is generated by: 鉴于密钥是由以下因素生成的:
$key = pack('H*', 'dfgsdighsdfksdhfosdfasdjldsfsdfgdfkgdl'); // a random key
I can successfully obtain back the input after encryption & decryption. 我可以在加密和解密后成功获取输入。
Here is the code: 这是代码:
$pass = '123456';
echo sha1($pass) . PHP_EOL; // prints 7c4a8d09ca3762af61e59520943dc26494f8941b
$pass_cipher = encrypt_string($pass, $key);
$pass_decrypt = decrypt_string($pass_cipher, $key);
echo $pass_decrypt . PHP_EOL; // prints 123456
echo sha1($pass_decrypt) . PHP_EOL; // prints f41b44dbecccaccfbb4ccf6a7fc4921c03878c6d
However, the SHA1 result is different: 但是,SHA1结果不同:
7c4a8d09ca3762af61e59520943dc26494f8941b // before encrypt & decrypt
f41b44dbecccaccfbb4ccf6a7fc4921c03878c6d // after encrypt & decrypt
Why is it different ? 它为什么不同? What did I miss ? 我错过了什么 ?
UPDATE: 更新:
The accepted answer is useful. 接受的答案很有用。 For people who wants additional information, here it is: 对于想要了解更多信息的人来说,这里是:
echo bin2hex($pass) . PHP_EOL; // prints 313233343536
echo bin2hex($pass_decrypt) . PHP_EOL; // prints 31323334353600000000000000000000
and after trim() , the SHA1 result works as expected, as empty hidden 0 are removed. 在trim() ,SHA1结果按预期工作,因为删除了空隐藏0 。
2 个解决方案
解决方案1
6 已采纳 2013-10-15 12:22:58
Problem is that your decrypt_string returns 16 bytes string, that is filled with 0 bytes at the right side. 问题是你的decrypt_string返回16个字节的字符串,在右侧填充0个字节。 It's a problem known for about 2 years . 这是一个已知约2年的问题。
Remove null bytes from the right with line similar to this one: 从右侧删除空字节,其行与此类似:
return trim(mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, $cipher, MCRYPT_MODE_CBC, $iv), "\0");
Be careful not to encrypt things with null character at the end, as cryptology functions in PHP works as if all strings were null-terminated and are not shy to cut string at first \\0 or to return a bit of \\0 s glued to the end of their output. 注意不要在末尾加密带有空字符的东西,因为PHP中的密码学函数就好像所有字符串都是以空值终止的并且不会害羞地在第一个字符串切割字符串\\0或者返回一些粘贴到字符串的\\0 s他们的输出结束。
解决方案2
0 2017-05-13 06:29:24
in post encrypted data + sign will be replaced with whitespace. 在帖子中加密的数据+符号将被替换为空格。 thats why decryption was not done . 这就是解密没有完成的原因。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.