首页 > 程序 > php5/7 AES/CBC/PKCS7Padding加密的实现

作者:ghostry 发布时间:2020-10-30 浏览: 2719

转载注明出处: https://blog.1ge.fun/program/1012.html

PHP需要安装mcrypt扩展

说明

加密模式采用AES/CBC/PKCS7Padding

注意:加密后的字节码使用Base64转换成字符串

  • 加密模式: CBC
  • 填充模式: PKCS7Padding
  • 加密密钥: 用户密钥 SHA256 的32 bytes
  • AES IV : 加密密钥的前 16 bytes
  • Base 64: Base64.DEFAULT

加密过程:

加密:padding->CBC加密->base64编码

解密:base64解码->CBC解密->unpadding

AES加密结果基准测试:

用户密钥:

909ed2d5fcf907c79fb9aa341a98febb65291c39

明文:

AABBCC测试数据

密文:

noMrTUS2A0YTcYaaPQSy9peqF6Mv/faMkI4yYHDvKjw=

实现代码

<?php

class AesCrypter {

    private $key = 'php1234567890';
    private $iv;

    public function __construct($key = '') {
        if (!empty($key)) {
            $this->key = $key;
        }
        $this->key = hash('sha256', $this->key, true);
        $this->iv = substr($this->key, 0, 16);
    }

    public function encrypt($input) {
        if (substr(PHP_VERSION, 0, 1) == '7') {
            return $this->opensslEncrypt($input);
        } else {
            return $this->mcryptEncrypt($input);
        }

    }
    public function decrypt($input) {
        if (substr(PHP_VERSION, 0, 1) == '7') {
            return $this->opensslDecrypt($input);
        } else {
            return $this->mcryptDecrypt($input);
        }

    }
    /**
     * [encrypt description]
     * 使用mcrypt库进行加密
     * @param  [type] $orig_data
     * @return [type]
     */
    public function mcryptEncrypt($orig_data) {
        $encrypter = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '',
            MCRYPT_MODE_CBC, '');
        $orig_data = $this->pkcs7padding(
            $orig_data, mcrypt_enc_get_block_size($encrypter)
        );
        mcrypt_generic_init($encrypter, $this->key, $this->iv);
        $ciphertext = mcrypt_generic($encrypter, $orig_data);
        mcrypt_generic_deinit($encrypter);
        mcrypt_module_close($encrypter);
        return base64_encode($ciphertext);
    }

    /**
     * [decrypt description]
     * 使用mcrypt库进行解密
     * @param  [type] $ciphertext
     * @return [type]
     */
    public function mcryptDecrypt($ciphertext) {
        $encrypter = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '',
            MCRYPT_MODE_CBC, '');
        $ciphertext = base64_decode($ciphertext);
        mcrypt_generic_init($encrypter, $this->key, $this->iv);
        $orig_data = mdecrypt_generic($encrypter, $ciphertext);
        mcrypt_generic_deinit($encrypter);
        mcrypt_module_close($encrypter);
        return $this->pkcs7unPadding($orig_data);
    }

    public function pkcs7padding($data, $blocksize) {
        $padding = $blocksize - strlen($data) % $blocksize;
        $padding_text = str_repeat(chr($padding), $padding);
        return $data . $padding_text;
    }

    public function pkcs7unPadding($data) {
        $length = strlen($data);
        $unpadding = ord($data[$length - 1]);
        return substr($data, 0, $length - $unpadding);
    }

    /**
     * [opensslDecrypt description]
     * 使用openssl库进行加密
     * @param  [type] $sStr
     * @return [type]
     */
    public function opensslEncrypt($sStr) {
        $str = base64_encode(openssl_encrypt($sStr, 'AES-256-CBC', $this->key, 1, $this->iv));
        return $str;
    }
    /**
     * [opensslDecrypt description]
     * 使用openssl库进行解密
     * @param  [type] $sStr
     * @return [type]
     */
    public function opensslDecrypt($sStr) {
        $str = openssl_decrypt(base64_decode($sStr), 'AES-256-CBC', $this->key, 1, $this->iv);
        return $str;
    }
}

测试代码

$test = new AesCrypter("909ed2d5fcf907c79fb9aa341a98febb65291c39");
echo $test->encrypt("AABBCC测试数据") . "\n";
echo $test->decrypt("noMrTUS2A0YTcYaaPQSy9peqF6Mv/faMkI4yYHDvKjw=") . "\n";

标签: none

上一篇: 如何简单快速安装archlinux
下一篇: 从ubuntu迁移到popOS

添加新评论 »

*
*

欢迎评论!歡迎評論!Comments welcome!komentoj bonvenaj!댓글 오신 것을 환영합니다!
:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: :cold: :cryy: :cute: :shy: :sleep: :struggle: :tea: :yahou: