在Coldfusion中加密,然后在PHP中解密 [英] Encrypting in Coldfusion and then decrypting in PHP
问题描述
在PHP加密时,我遇到了一个问题:
<?php
$ key =$ 224455 @;
$ Valor =TESTE;
$ base = chop(base64_encode(mcrypt_encrypt(MCRYPT_DES,$ key,$ Valor,MCRYPT_MODE_ECB)));
?>
我有结果:
TzwRx5Bxoa0 =
在Coldfusion中:
< cfset Valor =TESTE>
< cfset Key =$ 224455 @>
< cfset base = Encrypt(Valor,ToBase64(Key),DES / ECB / PKCS5Padding,BASE64)>
结果:
qOQnhdxiIKs =
ColdFusion与PHP产生的价值不同?
非常感谢
(评论太长)
问题是填充。 PHP的mcrypt扩展只使用
ZeroPadding [...]你需要在php [...]中填入明文或
在ColdFusion中使用不同的密码,例如DES / ECB / NoPadding 。 I
推荐前者,因为如果你使用NoPadding,明文必须
已经是块大小的倍数。
很遗憾,很难在CF中产生空字符。 AFAIK,唯一的技术是使用 URLDecode(%00)
。如果你不能修改PHP代码作为@Artjom B.建议,你可以尝试使用下面的功能填充CF中的文本。
由于CF encrypt()函数总是解释平面文字输入为UTF-8字符串,则还可以使用 charsetEncode(bytes, utf-8)以从单个元素字节数组创建空字符,即
charsetEncode(javacast(byte [],[0]),utf -8)
示例:
Valor = nullPad(TESTE,8);
Key =$ 224455 @;
result = Encrypt(Valor,ToBase64(Key),DES / ECB / NoPadding,BASE64);
//结果:TzwRx5Bxoa0 =
WriteDump(Encrypted Text =& Result);
功能:
/ *
将空字节的字符串填充到给定块大小的倍数
@param plainText - string to pad
@param blockSize - pad字符串,所以它是这个大小的倍数
@param encoding - 文本的字符集编码
* /
字符串函数nullPad(string plainText,numeric blockSize,string encoding =UTF-8)
{
local.newText = arguments.plainText;
local.bytes = charsetDecode(arguments.plainText,arguments.encoding);
local.remain = arrayLen(local.bytes)%arguments.blockSize;
if(local.remain neq 0)
{
local.padSize = arguments.blockSize - local.remain;
local.newText& = repeatString(urlDecode(%00),local.padSize);
}
return local.newText;
}
I have a problem reproducing the same result generated in PHP vs Coldfusion.
In PHP encrypting this way:
<?php
$key = "$224455@";
$Valor = "TESTE";
$base = chop(base64_encode(mcrypt_encrypt(MCRYPT_DES, $key, $Valor, MCRYPT_MODE_ECB)));
?>
I have the result:
TzwRx5Bxoa0=
In Coldfusion did so:
<cfset Valor = "TESTE">
<cfset Key = "$224455@">
<cfset base = Encrypt(Valor,ToBase64(Key),"DES/ECB/PKCS5Padding","BASE64")>
Result:
qOQnhdxiIKs=
What isn't ColdFusion yielding the same value as PHP?
Thank you very much
(Too long for comments)
Artjom B. already provided the answer above. Artjom B. wrote
The problem is the padding. The mcrypt extension of PHP only uses ZeroPadding [...] you either need to pad the plaintext in php [...] or use a different cipher in ColdFusion such as "DES/ECB/NoPadding". I recommend the former, because if you use NoPadding, the plaintext must already be a multiple of the block size.
Unfortunately, it is difficult to produce a null character in CF. AFAIK, the only technique that works is to use URLDecode("%00")
. If you cannot modify the PHP code as @Artjom B. suggested, you could try using the function below to pad the text in CF. Disclaimer: It is only lightly tested (CF10), but seemed to produce the same result as above.
Update:
Since the CF encrypt() function always interprets the plain text input as a UTF-8 string, you can also use charsetEncode(bytes, "utf-8") to create a null character from a single element byte array, ie charsetEncode( javacast("byte[]", [0] ), "utf-8")
Example:
Valor = nullPad("TESTE", 8);
Key = "$224455@";
result = Encrypt(Valor, ToBase64(Key), "DES/ECB/NoPadding", "BASE64");
// Result: TzwRx5Bxoa0=
WriteDump( "Encrypted Text = "& Result );
Function:
/*
Pads a string, with null bytes, to a multiple of the given block size
@param plainText - string to pad
@param blockSize - pad string so it is a multiple of this size
@param encoding - charset encoding of text
*/
string function nullPad( string plainText, numeric blockSize, string encoding="UTF-8")
{
local.newText = arguments.plainText;
local.bytes = charsetDecode(arguments.plainText, arguments.encoding);
local.remain = arrayLen( local.bytes ) % arguments.blockSize;
if (local.remain neq 0)
{
local.padSize = arguments.blockSize - local.remain;
local.newText &= repeatString( urlDecode("%00"), local.padSize );
}
return local.newText;
}
这篇关于在Coldfusion中加密,然后在PHP中解密的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!