2

我需要借助秘密静态密钥来解密加密的 POST 值字符串。

我看过 crypt() (但它只是单向的)和 Mcrypt,GnuPG,......但我对它们不满意。我认为它们对于我的简单问题来说太复杂了。我应该使用什么?我不需要 IV 形状或超级安全的算法。是否有任何我不知道的基本 PHP 函数?

我只需要像这样对用户隐藏图像路径: ImageJPEG(ImageCreateFromJPEG( decode($_REQUEST['encryptedImage'],'secret Key') ));

4

3 回答 3

4

更新(27/09/17):

由于mcrypt_encrypt自PHP 7.1.0起已弃用。我已经使用openssl添加了一个简单的加密/解密。

function encrypt($string, $key = 'PrivateKey', $secret = 'SecretKey', $method = 'AES-256-CBC') {
    // hash
    $key = hash('sha256', $key);
    // create iv - encrypt method AES-256-CBC expects 16 bytes
    $iv = substr(hash('sha256', $secret), 0, 16);
    // encrypt
    $output = openssl_encrypt($string, $method, $key, 0, $iv);
    // encode
    return base64_encode($output);
}

function decrypt($string, $key = 'PrivateKey', $secret = 'SecretKey', $method = 'AES-256-CBC') {
    // hash
    $key = hash('sha256', $key);
    // create iv - encrypt method AES-256-CBC expects 16 bytes
    $iv = substr(hash('sha256', $secret), 0, 16);
    // decode
    $string = base64_decode($string);
    // decrypt
    return openssl_decrypt($string, $method, $key, 0, $iv);
}

$str = 'Encrypt this text';
echo "Plain: " .$str. "\n";

// encrypt
$encrypted_str = encrypt($str);
echo "Encrypted: " .$encrypted_str. "\n";

// decrypt
$decrypted_str = decrypt($encrypted_str);
echo "Decrypted: " .$decrypted_str. "\n";

原答案:

再简单不过了:(PHP < 7.1.0):

<?php 
define('SECRET',md5('Some secret key'));

function encrypt($value){
    $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB);
    $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
    return mcrypt_encrypt(MCRYPT_RIJNDAEL_256, SECRET, $value, MCRYPT_MODE_ECB, $iv);
}

function decrypt($value){
    $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB);
    $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
    return trim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, SECRET, $value, MCRYPT_MODE_ECB, $iv));
}

?>
于 2012-05-10T14:59:38.597 回答
0

您可以将内置函数包装起来,使它们更友好。就像mcrypt_cbc文档页面上的第二个用户帖子一样:

<?php
$stuff="String to enc/enc/dec/dec =,=,";
$key="XiTo74dOO09N48YeUmuvbL0E";

function nl() {
    echo "<br/> \n";
}
$iv = mcrypt_create_iv (mcrypt_get_block_size (MCRYPT_TripleDES, MCRYPT_MODE_CBC), MCRYPT_DEV_RANDOM);

// Encrypting
function encrypt($string, $key) {
    $enc = "";
    global $iv;
    $enc=mcrypt_cbc (MCRYPT_TripleDES, $key, $string, MCRYPT_ENCRYPT, $iv);

  return base64_encode($enc);
}

// Decrypting
function decrypt($string, $key) {
    $dec = "";
    $string = trim(base64_decode($string));
    global $iv;
    $dec = mcrypt_cbc (MCRYPT_TripleDES, $key, $string, MCRYPT_DECRYPT, $iv);
  return $dec;
}

$encrypted = encrypt($stuff, $key);
$decrypted = decrypt($encrypted, $key);

echo "Encrypted is ".$encrypted . nl();
echo "Decrypted is ".$decrypted . nl();
?>
于 2012-05-10T14:58:15.587 回答
0

这是我所知道的唯一基本的内置功能。

$string = "/path/img.jpg";

$scramble = str_rot13($string);

echo "<p>Scrambled: ".$scramble;

echo "<p>Unscrambled: ".str_rot13($scramble);
于 2012-05-10T15:07:11.837 回答