如何在PHP中解密由SQL Server的EncryptByPassPhrase()加密的字符串?
[英]How to decrypt a string encrypted by SQL Server's EncryptByPassPhrase() in PHP?
問題描述
我有一個加密的字符串及其密鑰,它是使用“EncryptByPassPhrase”用SQL Server創建的,我如何在PHP中解密它?
我已經閱讀了“EncryptByPassPhrase”的文檔,該文檔指出這是128長度的Triple DES加密。 我試過PHP的3DES解密,但它沒有返回預期的輸出。
MS SQL中的加密完成
declare @encrypt varbinary(200)
select @encrypt = EncryptByPassPhrase('key', 'taskseq=10000&amt=200.5' )
select @encrypt
我在PHP中解密它如下:
function decryptECB($encrypted, $key) {
$iv_size = mcrypt_get_iv_size(MCRYPT_3DES, MCRYPT_MODE_ECB);
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
// decrypting
$stringText = mcrypt_decrypt(MCRYPT_3DES, $key, $encrypted,
MCRYPT_MODE_ECB, $iv);
return $stringText;
}
3 個解決方案
解決方案1
1 已采納 2019-05-01 01:27:10
我冒昧地將這個Stack Overflow的答案翻譯成PHP。
這是結果:
<?php
// SQL Server's DecryptByPassphrase translated into PHP.
function decrypt(string $data, string $password): ?string {
// SQL Server <2017 uses SHA1 for the key and the DES-EDE-CBC crypto algorithm
// whereas SQL Server >= 2017 uses SHA256 and AES-256-CBC.
// Version 1 is the SHA1 + DES-EDE-CBC version, Version 2 is the AES-256-CBC version.
// Version is stored in the first four bytes as a little endian int32.
$version_bytes = substr($data, 0, 4);
$version = unpack('V', $version_bytes)[1];
// Password must be converted to the UTF-16LE encoding.
$passwordUtf16 = mb_convert_encoding($password, 'UTF-16LE');
if ($version === 1) {
// Key is hashed using SHA1, The first 16 bytes of the hash are used.
$key = substr(hash('sha1', $passwordUtf16, true), 0, 16);
$method = 'des-ede-cbc';
$options = OPENSSL_RAW_DATA;
$iv = substr($data, 4, 8); // initialization vector of 8 bytes
$encrypted_data = substr($data, 12); // actual encrypted data
} else if ($version === 2) {
// Key is hashed using sha256. Key length is always 32 bytes.
$key = hash('sha256', $passwordUtf16, true);
$method = 'aes-256-cbc';
$options = OPENSSL_RAW_DATA;
$iv = substr($data, 4, 16); // iv of 16 bytes
$encrypted_data = substr($data, 20);
} else {
throw new \InvalidArgumentException('Invalid version');
}
$decrypted = openssl_decrypt($encrypted_data, $method, $key, $options, $iv);
if ($decrypted === false) {
return null;
}
// First 8 bytes contain the magic number 0xbaadf00d and the length
// of the decrypted data
$decrypted = substr($decrypted, 8);
// UTF-16 encoding should be converted to UTF-8. Note that
// there might be a better way to accomplish this.
$isUtf16 = strpos($decrypted, 0) !== false;
if ($isUtf16) {
return mb_convert_encoding($decrypted, 'UTF-8', 'UTF-16LE');
}
return $decrypted;
}
// A version 1 encrypted string. Taken directly from the Stack Overflow answer linked above
$s = '010000007854E155CEE338D5E34808BA95367D506B97C63FB5114DD4CE687FE457C1B5D5';
$password = 'banana';
$bin = hex2bin($s);
$d = decrypt($bin, $password);
var_dump($d); // string(6) "turkey"
// A version 2 encrypted string. Taken directly from the Stack Overflow answer linked above
$s = '02000000266AD4F387FA9474E825B013B0232E73A398A5F72B79BC90D63BD1E45AE3AA5518828D187125BECC285D55FA7CAFED61';
$password = 'Radames';
$bin = hex2bin($s);
$d = decrypt($bin, $password);
var_dump($d); // string(16) "LetTheSunShining"
旁注: mcrypt已被棄用十多年了。
解決方案2
0 2019-04-22 15:25:13
解決方案3
0 2019-04-23 00:13:54
EncryptByPassPhrase()使用的專有格式似乎沒有現成的文檔。 解密的最佳選擇是DecryptByPassPhrase() 。
此專有格式的目的是在應用程序的數據庫層中使用 - 而不是跨應用程序/網絡/語言。
如果你使用這種格式(我建議不要這樣),你需要獲得這種格式的規范,包括使用什么樣的鍵偏差函數將密碼轉換成實際的加密密鑰等。
如果您有此規范,則必須自行實現。
如何使用 PHP 解密在 javascript 中的 CryptoJS 中加密的字符串
[英]How to decrypt with PHP a string that is encrypted in CryptoJS in javascript
如何在用 crypt 加密的 PHP 中解密密碼字符串?
[英]How can I decrypt password string in PHP which was encrypted with crypt?
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.