PHP双向加密

I need to be able to encrypt and decrypt a variable, however I also need to know if the decryption was successful. In my code, when I change the $string variable before decryption to something else, I receive random characters.

function encrypt($string) {
    $key = 'password';
    $encrypted = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, md5($key), $string, MCRYPT_MODE_CBC, md5(md5($key))));
    return $encrypted;
}
function decrypt($encrypted) {
    $key = 'password';
    $decrypted = rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, md5($key), base64_decode($encrypted), MCRYPT_MODE_CBC, md5(md5($key))), "\0");
    return $decrypted;
}

$string = 'Hello world.';
if (encrypt($string)) {
    $string = encrypt($string);
    echo $string;
    echo '<br>';
}

if (decrypt($string)) {
    $string = decrypt($string);
    echo $string;
    echo '<br>';
}

Is it possible to detect failed decryption? Thanks.

写回答
好问题 0 提建议
追加酬金
关注问题
分享
邀请回答
编辑收藏删除结题
收藏举报

1条回答默认最新

关注

码龄粉丝数原力等级 --

被采纳

被点赞

采纳率
dpnzf48660 2013-08-04 12:32
关注
The best way to detect tampering of the ciphertext is to add a MAC (message authentication code) over the ciphertext. This is a signature generated by a secret key. The key used for this should be different from the one used to perform the encryption. One way to do this is to use a KDF (key derivation function) over a master key to generate the two keys.

Alternatively it is possible to use an authenticated cipher such as GCM (Galois Counter Mode).

The authentication data generated by the MAC or by the authenticated cipher is called an authentication tag.

A reasonable implementation of what you are trying to achieve seems to be embedded in the Zend framework:

http://www.zimuel.it/en/english-cryptography-made-easy-with-zend-framework/

Don't forget to retrieve and store the salt together with the ciphertext (call getSalt() after encryption, use setSalt() during decryption). Note that the author confuses the word salt and IV often, which is not a good sign.

Disclaimer: I haven't read through the symmetric cipher code deployed by this component, and I haven't tested the code in any way.

本回答被题主选为最佳回答 , 对您是否有帮助呢?

解决无用
评论打赏
分享
举报

评论

按下Enter换行，Ctrl+Enter发表内容

报告相同问题？

关注问题

PHP双向加密 php
2013-08-04 12:17

回答 1 已采纳 The best way to detect tampering of the ciphertext is to add a MAC (message authentication code) o
php怎么对视频播放地址进行加密 javascript php
2020-09-04 15:33

回答 1 已采纳 https://blog.csdn.net/qincidong/article/details/82781699
PHP加密算法 php
2016-10-30 10:21

回答 1 已采纳 By using the & (bitwise and operator) I managed to get the output that I wanted. 0xd77 & 0xff = 0
PHP实现的AES双向加密解密功能示例【128位】
2020-10-18 02:41

主要介绍了PHP实现的AES双向加密解密功能,结合实例形式分析了基于AES算法的加密解密类定义与使用技巧,需要的朋友可以参考下
Php如何实现base64加密数据和java互通 java php
2020-03-20 21:45

回答 2 已采纳 ``` = 3) { for($i=0;$i_debug) { echo '$bin = ',decbin($bin),"\n";
PHP加密更大的文件 php
2017-06-16 21:14

回答 1 已采纳 I'm not sure what the issue is, but I do know a solution. First of all, you probably want to read
加密/解密数据php php
2016-12-28 17:36

回答 1 已采纳 The problem is this lines //for decrypt almost the same thing $password = $_POST['password'];
双向加密php,贴一对php双向加密函数
2021-04-16 14:40

IonQ_Inc的博客加密函数：输入参数字符串，返回机密字符串。Coding::tiriEncode(String)解密函数：输入上边函数的加密结果，反解到加密前字符串Coding::tiriDecode(String)特点：1.同一个输入，每次输出都不同，可以有若干个加密后...
PHP加密问题 php
2013-12-17 02:28

回答 3 已采纳 You should have a look at this answer to a similar question. the crypt() function requires that yo
简单的PHP加密程序 php
2015-03-17 14:31

回答 1 已采纳 This should work for you: <?php //^^^ good practice in lowercase $ConvertedLetter ="";
PHP8 实现 AES CBC PKCS5Padding 加密的问题 java php 同态加密
2022-11-01 00:02

回答 1 已采纳给你找了一篇非常好的博客，你可以看看是否有帮助，链接：AES/CBC/PKCS5Padding java与php加密类互通（亲测可用）
php自带双向加密解密函数,php 自带加密、解密函数
2021-04-29 05:07

Dr.Blue的博客 php 自带的加密函数不可逆的加密函数为：md5()、crypt() md5() 用来计算 MD5 哈稀。语法为：string md5(string str); crypt() 将字符串用 UNIX 的标准加密 DES 模块加密。这是单向的加密函数，无法解密。欲比对字符...
关于PHP和JAVA之间的AES加密互通问题 java php
2019-03-02 12:04

回答 2 已采纳可以试试下面这种AES加密解密方式看行不行 ``` class AES { /** * * @param string $string 需要加密的字符串
php 双向加密解密,一个双向加密解密法(php)
2021-04-23 22:26

weixin_39719078的博客基于进制转换的[@more@]//made by huyang @2005-01-20||11-04-06##用n进位制到m进位制##0~9A-Z，最多可理解为36进制范围print'加密解密法';class carry{function carry($n,$m){$this->n=$n;$this->m=$m;$this-...
php双向通信,RSA + AES 双向通信加密
2021-05-07 09:38

Adam-何荣的博客导入插件Vuex的modules模块里，初始化AES密匙，存做全局变量，例如我创建了 /store/modules/app.js 模块(对Vuex不甚明白的，看Vuex官方文档)import { ...const state = {publicKey: null, // RSA加密公匙ae...
没有解决我的问题, 去提问

悬赏问题

¥15 R语言Rstudio突然无法启动
¥15 关于#matlab#的问题：提取2个图像的变量作为另外一个图像像元的移动量，计算新的位置创建新的图像并提取第二个图像的变量到新的图像
¥15 改算法，照着压缩包里边，参考其他代码封装的格式写到main函数里
¥15 用windows做服务的同志有吗
¥60 求一个简单的网页(标签-安全|关键词-上传)
¥35 lstm时间序列共享单车预测，loss值优化，参数优化算法
¥15 Python中的request，如何使用ssr节点，通过代理requests网页。本人在泰国，需要用大陆ip才能玩网页游戏，合法合规。
¥100 为什么这个恒流源电路不能恒流？
¥15 有偿求跨组件数据流路径图
¥15 写一个方法checkPerson，入参实体类Person，出参布尔值

PHP双向加密

1条回答 默认 最新

悬赏问题

1条回答默认最新