[英]PHP switch from MCRYPT_MODE_ECB to AES-256-ECB
I am rewriting code to be compatible with PHP 7.2.我正在重写代码以与 PHP 7.2 兼容。 Old code is
旧代码是
public function encryptPasswordOld($password, $salt)
{
$key = md5($salt);
$result = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key, $password, MCRYPT_MODE_ECB);
return base64_encode($result);
}
New code should be according to my research something like this根据我的研究,新代码应该是这样的
public function encryptPasswordNew($password, $salt)
{
$method = 'AES-256-ECB';
$ivSize = openssl_cipher_iv_length($method);
$iv = openssl_random_pseudo_bytes($ivSize);
$key = md5($salt);
$result = openssl_encrypt($password, $method, $key, OPENSSL_RAW_DATA, $iv);
return base64_encode($result);
}
but I tried every combination of openssl_encrypt options: OPENSSL_RAW_DATA
, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING
但我尝试了 openssl_encrypt 选项的每种组合:
OPENSSL_RAW_DATA
、 OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING
OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING
, OPENSSL_ZERO_PADDING
, 0
and still ended up with different result as the old method returns OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING
, OPENSSL_ZERO_PADDING
, 0
并且仍然以不同的结果作为旧方法返回
try to use pkcs5padding on value before encrypt.尝试在加密之前对值使用 pkcs5padding。 ie
即
remember the blocksize should be 8-byte based, ie 8/16/24 etc.记住块大小应该是基于 8 字节的,即 8/16/24 等。
function pkcs5_pad($text, $blocksize)
{
$pad = $blocksize - (strlen($text) % $blocksize);
return $text . str_repeat(chr(0), $pad);
}
and encrypt option should be OPENSSL_RAW_DATA |和加密选项应该是 OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, ie
OPENSSL_ZERO_PADDING,即
openssl_encrypt(pkcs5_pad($value, 16), 'aes-256-ecb', $aes_key, 3, '')
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.