PHP 提供了 MCrypt 库来使用双向加密。最大的问题是在哪里存储密钥,但这是另一个问题。您可以提供的最佳保护是,您根本不存储密钥(用于加密),并让用户在每次使用您的服务时输入密钥。缺点是,以这种方式无法实现忘记密码功能。
注意不要使用 ECB 模式进行加密,相同的密码总是会产生相同的密文,而是使用具有随机 IV 向量的另一种模式。由于 PHP 手册中有使用 ECB 模式的示例,因此我添加了一个小示例,该示例使用 IV 向量并将其存储在结果中。
/**
* Encrypts data with the TWOFISH algorithm. The IV vector will be
* included in the resulting binary string.
* @param string $data Data to encrypt. Trailing \0 characters will get lost.
* @param string $key This key will be used to encrypt the data. The key
* will be hashed to a binary representation before it is used.
* @return string Returns the encrypted data in form of a binary string.
*/
function encryptTwofish($data, $key)
{
if (!defined('MCRYPT_DEV_URANDOM')) throw new Exception('The MCRYPT_DEV_URANDOM source is required (PHP 5.3).');
if (!defined('MCRYPT_TWOFISH')) throw new Exception('The MCRYPT_TWOFISH algorithm is required (PHP 5.3).');
// The cbc mode is preferable over the ecb mode
$td = mcrypt_module_open(MCRYPT_TWOFISH, '', MCRYPT_MODE_CBC, '');
// Twofish accepts a key of 32 bytes. Because usually longer strings
// with only readable characters are passed, we build a binary string.
$binaryKey = hash('sha256', $key, true);
// Create initialization vector of 16 bytes
$iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_DEV_URANDOM);
mcrypt_generic_init($td, $binaryKey, $iv);
$encryptedData = mcrypt_generic($td, $data);
mcrypt_generic_deinit($td);
mcrypt_module_close($td);
// Combine iv and encrypted text
return $iv . $encryptedData;
}
/**
* Decrypts data, formerly encrypted with @see encryptTwofish.
* @param string $encryptedData Binary string with encrypted data.
* @param string $key This key will be used to decrypt the data.
* @return string Returns the original decrypted data.
*/
function decryptTwofish($encryptedData, $key)
{
if (!defined('MCRYPT_TWOFISH')) throw new Exception('The MCRYPT_TWOFISH algorithm is required (PHP 5.3).');
$td = mcrypt_module_open(MCRYPT_TWOFISH, '', MCRYPT_MODE_CBC, '');
// Extract initialization vector from encrypted data
$ivSize = mcrypt_enc_get_iv_size($td);
$iv = substr($encryptedData, 0, $ivSize);
$encryptedData = substr($encryptedData, $ivSize);
$binaryKey = hash('sha256', $key, true);
mcrypt_generic_init($td, $binaryKey, $iv);
$decryptedData = mdecrypt_generic($td, $encryptedData);
mcrypt_generic_deinit($td);
mcrypt_module_close($td);
// Original data was padded with 0-characters to block-size
return rtrim($decryptedData, "\0");
}