使用AES算法在Php中加密图像

Question

我在尝试使用AES 128位上传时对图像进行加密，但是文本被加密和解密了，但是在上传之前我没有得到如何加密图像的信息。 以下是我正在使用的AES的代码：

码：

<?php
/**
Aes encryption
*/
class AES {

  const M_CBC = 'cbc';
  const M_CFB = 'cfb';
  const M_ECB = 'ecb';
  const M_NOFB = 'nofb';
  const M_OFB = 'ofb';
  const M_STREAM = 'stream';

  protected $key;
  protected $cipher;
  protected $data;
  protected $mode;
  protected $IV;
/**
* 
* @param type $data
* @param type $key
* @param type $blockSize
* @param type $mode
*/
  function __construct($data = null, $key = null, $blockSize = null, $mode = null) {
    $this->setData($data);
    $this->setKey($key);
    $this->setBlockSize($blockSize);
    $this->setMode($mode);
    $this->setIV("");
  }

/**
* 
* @param type $data
*/
  public function setData($data) {
    $this->data = $data;
  }

/**
* 
* @param type $key
*/
  public function setKey($key) {
    $this->key = $key;
  }

/**
* 
* @param type $blockSize
*/
  public function setBlockSize($blockSize) {
    switch ($blockSize) {
      case 128:
      $this->cipher = MCRYPT_RIJNDAEL_128;
      break;

      case 192:
      $this->cipher = MCRYPT_RIJNDAEL_192;
      break;

      case 256:
      $this->cipher = MCRYPT_RIJNDAEL_256;
      break;
    }
  }

/**
* 
* @param type $mode
*/
  public function setMode($mode) {
    switch ($mode) {
      case AES::M_CBC:
      $this->mode = MCRYPT_MODE_CBC;
      break;
      case AES::M_CFB:
      $this->mode = MCRYPT_MODE_CFB;
      break;
      case AES::M_ECB:
      $this->mode = MCRYPT_MODE_ECB;
      break;
      case AES::M_NOFB:
      $this->mode = MCRYPT_MODE_NOFB;
      break;
      case AES::M_OFB:
      $this->mode = MCRYPT_MODE_OFB;
      break;
      case AES::M_STREAM:
      $this->mode = MCRYPT_MODE_STREAM;
      break;
      default:
      $this->mode = MCRYPT_MODE_ECB;
      break;
    }
  }

/**
* 
* 
* @return boolean
*/
  public function validateParams() {
    if ($this->data != null &&
        $this->key != null &&
        $this->cipher != null) {
      return true;
    } else {
      return FALSE;
    }
  }

  public function setIV($IV) {
        $this->IV = $IV;
    }
  protected function getIV() {
      if ($this->IV == "") {
        $this->IV = mcrypt_create_iv(mcrypt_get_iv_size($this->cipher, $this->mode), MCRYPT_RAND);
      }
      return $this->IV;
  }

/**
* @return type
* @throws Exception
*/
  public function encrypt() {

    if ($this->validateParams()) {
      return trim(base64_encode(
        mcrypt_encrypt(
          $this->cipher, $this->key, $this->data, $this->mode, $this->getIV())));
    } else {
      throw new Exception('Invlid params!');
    }
  }
/**
* 
* @return type
* @throws Exception
*/
  public function decrypt() {
    if ($this->validateParams()) {
      return trim(mcrypt_decrypt(
        $this->cipher, $this->key, base64_decode($this->data), $this->mode, $this->getIV()));
    } else {
      throw new Exception('Invlid params!');
    }
  }

}
?>

<?php
include 'enc.php';


if(isset($_POST['submit']))
{
    $blockSize = 128;
    $inputKey = "My text to encrypt";



$allowedExts = array("jpg", "jpeg", "gif", "png", "mp3", "mp4", "wma");
$fileName = $_FILES['file']['name'];
$extension = substr($fileName, strrpos($fileName, '.') + 1); // getting the info about the image to get its extension

if(in_array($extension, $allowedExts))
  {
  if ($_FILES["file"]["error"] > 0)
    {
     echo "Return Code: " . $_FILES["file"]["error"] . "<br />";
    }
  else
    {
    $aes = new AES($_FILES["file"]["tmp_name"], $inputKey, $blockSize);
    $enc = $aes->encrypt();
    echo "Upload: " . $_FILES["file"]["name"] . "<br />";
    echo "Type: " . $_FILES["file"]["type"] . "<br />";
    echo "Size: " . ($_FILES["file"]["size"] / 1024) . " Kb<br />";
    echo "Temp file: " . $_FILES["file"]["tmp_name"] . "<br />";

    if (file_exists("upload/" . $_FILES["file"]["name"]))
      {
        echo $_FILES["file"]["name"] . " already exists. ";
      }
    else
      {
       move_uploaded_file($_FILES["file"]["tmp_name"],"upload/" . $enc."jpg");
      echo "Stored in: " . "upload/" . $_FILES["file"]["name"];
      }
    }
  }
else
  {
  echo "Invalid file";
  }
}
?>
<form method="post"  enctype="multipart/form-data" >

<label for="file"><span>Filename:</span></label>

<input type="file" name="file" id="file" /> 

<br />
<input type="submit" name="submit" value="Submit" />
</form>

Answer 1

问题在于您不加密图像，而仅加密文件名。 因此，您需要从临时文件中读取文件内容，对内容进行加密，然后将内容写入目标文件。 临时文件随后被删除。

if (file_exists("upload/" . $_FILES["file"]["name"]))
  {
    echo $_FILES["file"]["name"] . " already exists. ";
  }
else
  {
    $fileData = file_get_contents($_FILES["file"]["tmp_name"]);
    $aes = new AES($fileData, $inputKey, $blockSize);
    $encData = $aes->encrypt();
    file_put_contents("upload/" . $_FILES["file"]["name"] . "jpg", $encData);
    unlink($_FILES["file"]["tmp_name"]);
    echo "Stored in: " . "upload/" . $_FILES["file"]["name"] . "jpg";
  }

笔记：

• 加密的文件是Base64编码的，可能不是您想要的，但是由于您使用的是AES实现，因此会始终执行此操作。
• 未加密的文件通过网络发送（当您不使用SSL / TLS时），并且以未加密的形式将其短期存储在temp文件夹中。