AES-256-CBC 加密/解密十六进制字符串在 php 中使用 openssl
[英]AES-256-CBC Encryption/Decryption hex string using openssl in php
问题描述
I'm a noob developer and I'm trying to decrypt some data but when I use OpenSSL in PHP I received no response.
我是一个 noob 开发人员,我正在尝试解密一些数据,但是当我在 PHP 中使用 OpenSSL 时,我没有收到任何响应。 Also, when trying to encrypt data OpenSSL add a block of characters.此外,当尝试加密数据 OpenSSL 时,添加一个字符块。
This is the code:这是代码:
<?php
$dataToDecrypt = hex2bin("C2E5CDFE8BBFBC7350D40538434824DD3E11520B89A5BFDE24FA064DB2EED6EA");
$aesKey = hex2bin("E3FB8EA130722FA99266B96B77C2735C39393939393939393920202020202020");
$iv = hex2bin("00000000000000000000000000000000");
$result = openssl_decrypt($dataToDecrypt, 'AES-256-CBC', $aesKey, OPENSSL_RAW_DATA, $iv);
echo bin2hex($result);
?>
The $result is supposed to be: $result应该是:
C3A6149C73FFBE4EAD36DC62FE40877D17CD690F37B06058CA3D65A345CC8212
I've tried this on VB and even in a AES encription web page ( http://aes.online-domain-tools.com/ ) and the result is correct.我已经在 VB 上甚至在 AES 加密网页( http://aes.online-domain-tools.com/ )中尝试过这个,结果是正确的。 But when trying with PHP I've got no answer.但是在尝试使用 PHP 时,我没有答案。
I noticed when encrypting with the same information, the encrypted data is different.我注意到用相同的信息加密时,加密的数据是不同的。 This is the code:这是代码:
<?php
$dataToEncrypt = hex2bin("C3A6149C73FFBE4EAD36DC62FE40877D17CD690F37B06058CA3D65A345CC8212");
$aesKey = hex2bin("E3FB8EA130722FA99266B96B77C2735C39393939393939393920202020202020");
$iv = hex2bin("00000000000000000000000000000000");
$result = openssl_encrypt($dataToEncrypt, 'AES-256-CBC', $aesKey, OPENSSL_RAW_DATA, $iv);
echo bin2hex($result);
?>
When I encrypt the result is:当我加密时,结果是:
C2E5CDFE8BBFBC7350D40538434824DD3E11520B89A5BFDE24FA064DB2EED6EA3A3ED407DC78D6AF9030BAB90CB40EAD
I get 32 characters more than expected ( 3A3ED407DC78D6AF9030BAB90CB40EAD ).我得到的字符比预期多 32 个( 3A3ED407DC78D6AF9030BAB90CB40EAD )。 When I encrypt in VB or using the web page mentioned before I don't get these 32 extra characters.当我在 VB 中加密或使用之前提到的网页时,我没有得到这 32 个额外的字符。
Why is this happening?为什么会这样? Am I missing something?我错过了什么吗? I've been searching for an answer for several days.几天来我一直在寻找答案。 Any help is appreciated.任何帮助表示赞赏。
1 个解决方案
解决方案1
2 已采纳 2017-05-23 17:31:02
To see something during PHP decrypt you need to turn on warning messages.要在 PHP 解密期间查看某些内容,您需要打开警告消息。
Essentially the openssl_decrypt call will first decrypt your ciphertext.本质上, openssl_decrypt调用将首先解密您的密文。 As long as your ciphertext is a multiple of 16 bytes (the block size of AES) this will always succeed.只要您的密文是 16 字节(AES 的块大小)的倍数,这将始终成功。 After that it will try and perform PKCS#7 compatible unpadding, which will fail (with high probability).之后它将尝试执行与 PKCS#7 兼容的 unpadding,这将失败(很有可能)。 To make it not unpad, use the OPENSSL_ZERO_PADDING in addition to OPENSSL_RAW_DATA .为了使它不被取消OPENSSL_ZERO_PADDING ,除了OPENSSL_RAW_DATA之外,还使用OPENSSL_RAW_DATA 。
The same goes for your encryption function of course.当然,您的加密功能也是如此。 Currently you receive the ciphertext of the padded plaintext.当前您收到填充明文的密文。 This will add exactly one block of padding if the input plaintext is a multiple of the block size (and it is in your sample code).如果输入纯文本是块大小的倍数(并且它在您的示例代码中),这将恰好添加一个填充块。 So you need OPENSSL_ZERO_PADDING there as well.所以你也需要OPENSSL_ZERO_PADDING 。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.