mcrypt_decrypt PHP的正确用法 [英] mcrypt_decrypt PHP proper usage
问题描述
我认为我安装的PHP可能有问题.当我尝试这样做时,我会得到
I think my PHP intall might have problems. When I try to do this I get
警告:mcrypt_decrypt()[function.mcrypt-decrypt]:模块初始化失败
Warning: mcrypt_decrypt() [function.mcrypt-decrypt]: Module initialization failed
我正在编写一小段代码,它将使用模式ECB解密使用AES-128加密的以下字符串.
I am writing a small snippet of code that will decrypt the following string encrypted with AES-128 using mode ECB.
密钥(以base64编码):aXJhbmRvbXNlY3VyZWtleQ ==
Key (encoded in base64): aXJhbmRvbXNlY3VyZWtleQ==
加密的字符串>(以base64编码):3l6xiNdgRG + PkBw5M0lawvJ/fmuTZPRhEcbtqAmOpDI =
Encrypted string> (encoded in base64): 3l6xiNdgRG+PkBw5M0lawvJ/fmuTZPRhEcbtqAmOpDI=
我不断收到模块错误.
这是我尝试过的:
<?PHP
$retval = mcrypt_decrypt( "AES-128",
base64_decode( "aXJhbmRvbXNlY3VyZWtleQ=="),
base64_decode( "3l6xiNdgRG+PkBw5M0lawvJ/fmuTZPRhEcbtqAmOpDI") ,
"ECB");
echo $retval;
?>
这是我相关的phpinfo.我没有看到AES-128.也许那就是问题所在.
here is my relevant phpinfo. I dont see AES-128 . Maybe thats the problem.
mcrypt
mcrypt support enabled
Version 2.5.8
Api No 20021217
Supported ciphers cast-128 gost rijndael-128 twofish arcfour cast-256 loki97 rijndael-192 saferplus wake blowfish-compat des rijndael-256 serpent xtea blowfish enigma rc2 tripledes
Supported modes cbc cfb ctr ecb ncfb nofb ofb stream
推荐答案
您很亲密,有2个小问题.
You are close, there are 2 small problems.
首先,AES-128
不是来自mcrypt的有效密码常数. AES确实是您的支持. AES-128的 mcrypt密码常数为MCRYPT_RIJNDAEL_128
,即字符串rijndael-128
.其次,mcrypt模式必须为小写.
First, AES-128
is not a valid cipher constant from mcrypt. AES is really rijndael which you have support for. The mcrypt cipher constant for AES-128 is MCRYPT_RIJNDAEL_128
which is the string rijndael-128
. Second, the mcrypt mode must be lowercase.
将代码更改为:
<?php
$retval = mcrypt_decrypt( "rijndael-128",
base64_decode( "aXJhbmRvbXNlY3VyZWtleQ=="),
base64_decode( "3l6xiNdgRG+PkBw5M0lawvJ/fmuTZPRhEcbtqAmOpDI") ,
"ecb");
echo $retval;
产生正确的输出:Is 3 random enough?
我个人会使用mcrypt常量而不是实际的字符串,因此将rijndael-128
替换为MCRYPT_RIJNDAEL_128
,将ecb
替换为MCRYPT_MODE_ECB
.
Personally, I'd go with the mcrypt constants rather than the actual strings, so replace rijndael-128
with MCRYPT_RIJNDAEL_128
and ecb
with MCRYPT_MODE_ECB
.
另一方面,如果要加密大量敏感信息,请考虑使用IV而不是ECB的CBC.
On a side note, consider using CBC with an IV instead of ECB if you are encrypting lots of sensitive information.
Mcrypt可以轻松为您创建适当长度的IV.示例代码:
Mcrypt can easily create IVs for you with the proper lengths. Sample code:
$ivsize = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
$iv = mcrypt_create_iv($ivsize);
在加密和解密时使用此IV.您可以将IV和数据一起作为base64编码的字符串传递,以实现可移植性.
Use this IV when encrypting and decrypting. You can pass the IV along with your data as a base64 encoded string for portability.
这篇关于mcrypt_decrypt PHP的正确用法的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!