如何創建將 JSON 數據加密/加密為 AES-128-CBC 算法的函數？

Question

你能幫我解決我的問題嗎？ 我在 AES-128-CBC 加密中找不到任何好的示例或教程 AES 意味着高級加密標准，我是新手。 我有一個 JSON 格式的數據。 我需要做的就是為我的表單數據創建一個加密和解密函數。 使用 AES-128-CBC 算法。 知道怎么做嗎？ 或者示例或任何可以幫助我解決問題的鏈接？ 提前致謝。 :) 順便說一下，我在這個鏈接中有一個參考，但我不知道我的數據是否在 AES-128-CBC 算法中加密。 http://www.php.net/manual/en/function.mcrypt-encrypt.php代碼如下：

<?php
    # --- ENCRYPTION ---

    # the key should be random binary, use scrypt, bcrypt or PBKDF2 to
    # convert a string into a key
    # key is specified using hexadecimal
    $key = pack('H*', "bcb04b7e103a0cd8b54763051cef08bc55abe029fdebae5e1d417e2ffb2a00a3");

    # show key size use either 16, 24 or 32 byte keys for AES-128, 192
    # and 256 respectively
    $key_size =  strlen($key);
    echo "Key size: " . $key_size . "\n";

    $plaintext = "This string was AES-256 / CBC / ZeroBytePadding encrypted.";

    # create a random IV to use with CBC encoding
    $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
    $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);

    # creates a cipher text compatible with AES (Rijndael block size = 128)
    # to keep the text confidential 
    # only suitable for encoded input that never ends with value 00h
    # (because of default zero padding)
    $ciphertext = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key,
                                 $plaintext, MCRYPT_MODE_CBC, $iv);

    # prepend the IV for it to be available for decryption
    $ciphertext = $iv . $ciphertext;

    # encode the resulting cipher text so it can be represented by a string
    $ciphertext_base64 = base64_encode($ciphertext);

    echo  $ciphertext_base64 . "\n";

    # === WARNING ===

    # Resulting cipher text has no integrity or authenticity added
    # and is not protected against padding oracle attacks.

    # --- DECRYPTION ---

    $ciphertext_dec = base64_decode($ciphertext_base64);

    # retrieves the IV, iv_size should be created using mcrypt_get_iv_size()
    $iv_dec = substr($ciphertext_dec, 0, $iv_size);

    # retrieves the cipher text (everything except the $iv_size in the front)
    $ciphertext_dec = substr($ciphertext_dec, $iv_size);

    # may remove 00h valued characters from end of plain text
    $plaintext_dec = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key,
                                    $ciphertext_dec, MCRYPT_MODE_CBC, $iv_dec);

    echo  $plaintext_dec . "\n";
?>

輸出是

Key size: 32
ENJW8mS2KaJoNB5E5CoSAAu0xARgsR1bdzFWpEn+poYw45q+73az5kYi4j+0haevext1dGrcW8Qi59txfCBV8BBj3bzRP3dFCp3CPQSJ8eU=
This string was AES-256 / CBC / ZeroBytePadding encrypted.

但在 AES-256 CBC 中。 如何以 AES 128 CBC 格式創建加密？

Answer 1

您可能不想在實踐中使用 CBC 模式。

相反，一個經過充分研究的 PHP 加密庫（最好是不使用 mcrypt 的庫），結合 JSON 函數，應該可以完全解決您的問題。

最簡單的是defuse/php-encryption ：

<?php
use Defuse\Crypto\Crypto;
use Defuse\Crypto\Key;

/**
 * @param array|object $encrypted
 * @param Key $key
 * @return string
 */
function encryptJson($arrayOrObject, Key $key)
{
    $encoded = json_encode($arrayOrObject);
    return Crypto::encrypt($encoded, $key);
}

/**
 * @param string $encrypted
 * @param Key $key
 * @param bool $assoc
 * @return array|object
 */
function decryptJson($encrypted, Key $key, $assoc = false)
{
    $decrypted = Crypto::decrypt($encrypted, $key);
    return json_encode($decrypted, $assoc);
}