openssl_encrypt返回空字符串 [英] openssl_encrypt returning empty string

问题描述

我正在尝试在服务器上创建UUID，并且由于某些原因 openssl_enrypt 正在初始化一个空字符串。如果返回的是false，这将是一次不同的对话，但是不是，返回的是一个字符串，只是一个空的字符串。

I am trying to create a UUID on my server, and for some reason openssl_enrypt is initializing an empty string. This would be a different conversation if it was returning false, but it's not, it's returning a string, just one that's empty.

这是我所有的代码用于构建我想要的加密字符串：

Here is all of my code I'm using to build the encrypted string I want:

$key = hash_hmac("sha512", "You can decrypt this all day long, won't get you closer to the truth", "myKey");
$iv = openssl_random_pseudo_bytes(16);
$adminVal = filter_var($userData['is_admin'], FILTER_VALIDATE_BOOLEAN);
$userName = $userData["name"];
$dataEncrypt = $adminVal.$userName;
$encrypted = openssl_encrypt($dataEncrypt, "AES-256-XTS", $key, 0, $iv);

我有 var_dumped $ key ， $ iv 和 $ dataEncrypt ，它们都返回正确的值。

I have var_dumped $key, $iv, and $dataEncrypt and they all return correct values.

推荐答案

@ Fred-ii-绝对正确，谢谢！我不敢相信我没有看到...我想给你答案！

@Fred-ii- You're absolutely right, thank you! I can't believe I didn't see that...I would love to give you the answer!

根据要求：

这似乎是您使用的 AES-256-XTS 方法。例如，如果将其更改为 aes128 或 AES-128-CBC ，则会看到结果。查阅文档 http://php.net/manual/en/function.openssl -encrypt.php -手册中未列出 AES-256-XTS 。

It seems to be the method you're using AES-256-XTS. If you change that to aes128 or AES-128-CBC for example, you'll see a result. Consult the documentation http://php.net/manual/en/function.openssl-encrypt.php - There is no AES-256-XTS listed in the manual.

编辑：我从以前的编辑中删除了错误报告，我将对此进行进一步调查，以弄清为什么最终产生空结果。

I removed the bug report from a previous edit which I will investigate this further as to why this ended up producing an empty result.

由于（密码）方法确实（实际上）在运行 var_dump（openssl_get_cipher_methods（））时存在； ，它也可能取决于openssl ；

Since the (cipher) method does (in fact) exist when running a var_dump(openssl_get_cipher_methods());, it may also depend on openssl; as pulled/taken from a comment left in the bug report.

我将更新我的答案，如果/一旦我希望能得到结果/关于为什么OP和我自己的测试为空并从OP获得更多信息的解释。

已编辑：

经过更多研究后，我偶然发现了此链接，代码使用 AES-256-XTS密码方法开箱即用 （请注意；请参阅源脚本结尾处的注释行注释）。

After doing more research, I stumbled upon this link and that code worked "right out of the box" using the "AES-256-XTS" cipher method (note; consult the commented line note in the source script near the end).

在查看该代码并将其与OP进行比较时，我注意到需要对数据/消息进行加密。

In looking at that code and comparing it with the OP, I noticed that it was the data/message that required to be encrypted.

• 消息被散列为作为关键字，从而使字符串为空。仅对密钥进行哈希处理，而不对密钥和数据/消息进行哈希处理，因为您正尝试使用消息和密钥作为密钥 来加密现有的哈希方法。

• The message was hashed "as the key" which in turn made the string empty. Only hash the key and not both key and data/message, as you were trying to encrypt both an existing hashing method with the message and key "as the key".

生成的脚本如下：

边注：下面的注释行也可用于它们各自的部分；

Sidenote: The commented lines just below, also work with their respective parts; just don't use both at the same time.

$plaintext = 'The secret message in plain text';
$password = '3sc3RLrpd17';
$key = substr(hash('sha256', $password, true), 0, 32);

$iv = openssl_random_pseudo_bytes(16);
$method = "aes-256-xts";
$userName = "JOHN";
$encrypted = base64_encode(openssl_encrypt($plaintext, $method, $key, OPENSSL_RAW_DATA, $iv));
// $encrypted = openssl_encrypt($plaintext, $method, $key, OPENSSL_RAW_DATA, $iv);

    echo "<br>";
    var_dump($iv);
    echo "<br>";
    var_dump($userName);
    echo "<br>";
    var_dump($encrypted);
    echo "<hr>";

$decrypted = openssl_decrypt(base64_decode($encrypted), $method, $key, OPENSSL_RAW_DATA, $iv);
// $decrypted = openssl_decrypt($encrypted, $method, $key, OPENSSL_RAW_DATA, $iv);
    echo 'decrypted to: ' . $decrypted . "\n\n";

特别说明：在选择杰伊·布兰查德（Jay Blanchard）的大脑和测试；

Special note: I also had some help in picking Jay Blanchard's brain and testing; two heads are often better than one, so Jay deserves credit for this also.

注意：不止一个消息来源指出（ AES-256-XTS）适合于文件系统/磁盘加密。您可能会说 AES-256-XTS和AES-128-XTS方法真正用于文件系统加密，因此不适合于文本。

NOTE: More than one source indicates it ("AES-256-XTS") is for file systems / disk encryption. You could say "AES-256-XTS and AES-128-XTS" methods really intended for file system encryption and therefore are not suitable for text.

从此链接：

<?php

$plaintext = 'My secret message 1234';
$password = '3sc3RLrpd17';
$method = 'aes-256-cbc'; // I replaced aes-256-cbc with aes-256-xts during testing

// Must be exact 32 chars (256 bit)
$password = substr(hash('sha256', $password, true), 0, 32);
echo "Password:" . $password . "\n";

// IV must be exact 16 chars (128 bit)
$iv = chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0);

// av3DYGLkwBsErphcyYp+imUW4QKs19hUnFyyYcXwURU=
$encrypted = base64_encode(openssl_encrypt($plaintext, $method, $password, OPENSSL_RAW_DATA, $iv));

// My secret message 1234
$decrypted = openssl_decrypt(base64_decode($encrypted), $method, $password, OPENSSL_RAW_DATA, $iv);

echo 'plaintext=' . $plaintext . "\n";
echo 'cipher=' . $method . "\n";
echo 'encrypted to: ' . $encrypted . "\n";
echo 'decrypted to: ' . $decrypted . "\n\n";

这篇关于openssl_encrypt返回空字符串的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！