dqe9657 2015-11-23 05:07
浏览 61
已采纳

加密不适用于> 5.6.0

I've created my own encryption class, using mcrypt_encrypt is working fine but mcrypt_decrypt is not working as expected. So here's the following code

error_reporting(1);
ini_set('display_errors', 1);

class Encryption {

    private $key = "myKeyIs";
    protected $iv_size;
    protected $iv;

    public function __construct(){
        $this->iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
        $this->iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
    }

    public function encryptData($input) {
        $input = $input;
        $output = $this->encrypt($input);
        return $output;
    }

    public function decryptData($input) {
        $input = base64_decode($input);
        $output = $this->decrypt($input);
        return $output;
    }

    public function decrypt($string) {
        $string = base64_decode($string);
        # retrieves the IV, iv_size should be created using mcrypt_get_iv_size()
        $iv_dec = substr($string, 0, $this->iv_size);

        # retrieves the cipher text (everything except the $iv_size in the front)
        $string = substr($string, $this->iv_size);

        # may remove 00h valued characters from end of plain text
        $output = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $this->key,
                                        $string, MCRYPT_MODE_CBC, $iv_dec);
        return $output;
    }

    public function encrypt($string) {

        $output = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $this->key,
                                 $string, MCRYPT_MODE_CBC, $this->iv);

        # prepend the IV for it to be available for decryption
        $output = $this->iv . $output;

        # encode the resulting cipher text so it can be represented by a string
        $output = base64_encode($output);

        return $output;
    }

}

$test = new Encryption();
$encrypted  = $test->encryptData("Vicky");
echo $encrypted."
";
echo $test->decryptData($encrypted);

Output

hCaIoMokbIjLlnFnlrS3Iw==
�M����+�=�l�

Now the questions are

  1. Why its not decrypting as expected?
  2. Why its not outputting any text above PHP versions 5.6.0. You can check over here for the version output.
  • 写回答

1条回答 默认 最新

  • dongtuoji5396 2015-11-23 06:27
    关注

    I've identified some bugs and its working well in PHP versions above 5.3.29

    <?php

error_reporting(E_ALL);
ini_set('display_errors', 1);

class Encryption {

    private $key;
    protected $iv_size;
    protected $iv;

    public function __construct() {
        # --- ENCRYPTION ---
        # the key should be random binary, use scrypt, bcrypt or PBKDF2 to
        # convert a string into a key
        # key is specified using hexadecimal
        $this->key = pack("H*", "myKeyIsGreaterth2nanndbestofall04nkdsdffsd546754sdfvsdg6efflsdfs");
        # create a random IV to use with CBC encoding
        $this->iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
        $this->iv = mcrypt_create_iv($this->iv_size, MCRYPT_RAND);
    }

    public function encryptData($input) {
        $output = $this->encrypt($input);
        return $output;
    }

    public function decryptData($input) {
        $input = base64_decode($input);
        $output = $this->decrypt($input);
        return $output;
    }

    protected function decrypt($string) {

        # retrieves the IV, iv_size should be created using mcrypt_get_iv_size()
        $iv_dec = substr($string, 0, $this->iv_size);

        # retrieves the cipher text (everything except the $iv_size in the front)
        $string = substr($string, $this->iv_size);

        # may remove 00h valued characters from end of plain text
        $output = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $this->key, $string, MCRYPT_MODE_CBC, $iv_dec);

        return $output;
    }

    protected function encrypt($string) {
        # creates a cipher text compatible with AES (Rijndael block size = 128)
        # to keep the text confidential 
        # only suitable for encoded input that never ends with value 00h
        # (because of default zero padding)
        $output = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $this->key, $string, MCRYPT_MODE_CBC, $this->iv);

        # prepend the IV for it to be available for decryption
        $output = $this->iv . $output;

        # encode the resulting cipher text so it can be represented by a string
        $output = base64_encode($output);

        # === WARNING ===
        # Resulting cipher text has no integrity or authenticity added
        # and is not protected against padding oracle attacks.

        return $output;
    }

}

$test = new Encryption();
$encrypted = $test->encryptData("Vicky");
echo "This is encrypted text of a string Vicky  $encrypted 
";
echo "This is decrypted text ".$test->decryptData($encrypted);

    Update that I've done are as

    1. error_reporting(E_ALL); instead of error_reporting(1);
    2. Used pack function for key // If you don't want to use pack you can simply use key Size of 16, 24 or 32
    3. Update mcrypt_create_iv($iv_size, into mcrypt_create_iv($this->iv_size,
    4. Removed extra base64_decode($string); from decrypt function

    So its now ready to use just update your own key

    Demo

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 运筹学排序问题中的在线排序
  • ¥15 关于docker部署flink集成hadoop的yarn,请教个问题 flink启动yarn-session.sh连不上hadoop,这个整了好几天一直不行,求帮忙看一下怎么解决
  • ¥30 求一段fortran代码用IVF编译运行的结果
  • ¥15 深度学习根据CNN网络模型,搭建BP模型并训练MNIST数据集
  • ¥15 C++ 头文件/宏冲突问题解决
  • ¥15 用comsol模拟大气湍流通过底部加热(温度不同)的腔体
  • ¥50 安卓adb backup备份子用户应用数据失败
  • ¥20 有人能用聚类分析帮我分析一下文本内容嘛
  • ¥30 python代码,帮调试,帮帮忙吧
  • ¥15 #MATLAB仿真#车辆换道路径规划