[英]php decrypt string with MCRYPT_RIJNDAEL_256
<?php
function encrypt ($key,$iv,$str)
{
$block=mcrypt_get_block_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC);
$padding=$block-(strlen($str) % $block);
$str.=str_repeat(chr($padding), $padding);
$encryptxt=mcrypt_encrypt(MCRYPT_RIJNDAEL_256,$key,$str,MCRYPT_MODE_CBC,$iv);
$encryptxt64=base64_encode($encryptxt);
return $encryptxt64;
}
function decrypt ($key,$iv,$str)
{
$block=mcrypt_get_block_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC);
$padding=$block-(strlen($str) % $block);
$str.=str_repeat(chr($padding), $padding);
$decryptxt=mcrypt_decrypt(MCRYPT_RIJNDAEL_256,$key,$str,MCRYPT_MODE_CBC,$iv);
$decryptxt64=base64_decode($decryptxt);
return $decryptxt64;
}
echo encrypt("1234567890123456","12345678901234561234567890123456","test")."\n<br/>";
echo decrypt("1234567890123456","12345678901234561234567890123456","xHqKvRQ6FXehOGGMrKoek04146M2l9bv1ScP6C1qCyg=")."\n<br/>";
?>
我發現這種方式可以加密字符串,效果很好,但是當我嘗試解密字符串時,以上代碼無法正常工作。 解密輸出喜歡
S '= ɚ?
有人知道如何修復解密部分嗎?謝謝!
正如我在評論中所述,這就是你所擁有的
//encrypt
$encryptxt=mcrypt_encrypt(MCRYPT_RIJNDAEL_256,$key,$str,MCRYPT_MODE_CBC,$iv);
$encryptxt64=base64_encode($encryptxt);
//decrypt
$decryptxt=mcrypt_decrypt(MCRYPT_RIJNDAEL_256,$key,$str,MCRYPT_MODE_CBC,$iv);
$decryptxt64=base64_decode($decryptxt);
應該是FILO(后進先出)
這樣一來,您將解密crypto的輸出而不是 base64編碼的輸出,
像這樣:
$encryptxt=mcrypt_encrypt(MCRYPT_RIJNDAEL_256,$key,$str,MCRYPT_MODE_CBC,$iv);
$encryptxt64=base64_encode($encryptxt);
//decrypt
$decryptxt64=base64_decode($str);
$decryptxt=mcrypt_decrypt(MCRYPT_RIJNDAEL_256,$key,$decryptxt64,MCRYPT_MODE_CBC,$iv);
請注意,MCRYPT_RIJNDAEL_256不是AES 256,因為您需要帶有32字節密鑰的MCRYPT_RIJNDAEL_128,因此在某些方面128更好,(128是較小的塊密碼)
我建議做的另一件事是在加密之前對輸入字符串進行md5哈希處理,然后將其添加到輸入字符串中。 這樣一來,當您解密它時,您可以減去前32個字符,然后使用它來檢查輸入。 基本上,您需要知道輸入字符串才能查看它是否已解密。 但是,通過對它進行散列然后進行類似的比較,您不再需要知道它即可檢查它是否有效。
所以大家在一起(還沒有測試過,但應該可以讓您接近)
function encrypt ($key,$iv,$str)
{
$block=mcrypt_get_block_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC);
$padding=$block-(strlen($str) % $block);
$str.=str_repeat(chr($padding), $padding);
///prepend a md5 hash of the plain text input before encrypting it ( so we can check it later )
$str = md5( $str ) . $str;
$encryptxt=mcrypt_encrypt(MCRYPT_RIJNDAEL_256,$key,$str,MCRYPT_MODE_CBC,$iv);
$encryptxt64=base64_encode($encryptxt);
return $encryptxt64;
}
function decrypt ($key,$iv,$str)
{
$block=mcrypt_get_block_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC);
$padding=$block-(strlen($str) % $block);
$str.=str_repeat(chr($padding), $padding);
$decryptxt64=base64_decode($str);
$decryptxt=mcrypt_decrypt(MCRYPT_RIJNDAEL_256,$key,$decryptxt64,MCRYPT_MODE_CBC,$iv);
///Separate the md5 hash from the other text, and then hash the other text and compare to the hash we included when encrypting if they are = it all worked.
/// it is perfectly safe to use md5 here because it will be part of what we encrypt, and not accessible until it is decrypted.
///it's sole purpose is to give us 2 things we can compare to check that the decryption worked
$hash = substr( $decryptxt, 0, 32); //find first 32 characters (md5 output is always 32 characters long )
$decryptxt = substr($decryptxt, 33); //find everything after the fist 32
if( $hash != md5($decryptxt) ){
die( 'fail' ); /// or some other error
}
return $decryptxt64;
}
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.