从 mcrypt_decrypt 到 openssl_decrypt [英] From mcrypt_decrypt to openssl_decrypt
问题描述
我有一个问题,我想用 open_ssl 解密替换对 mcrypt 的函数调用.但输出是混合的:
I have a question, I want to replace a function call to mcrypt with open_ssl decrypt. but the output is mingled:
这是 mcrypt 实现(效果很好):
This is the mcrypt implementation (which works great):
$decrypted = trim(mcrypt_decrypt(MCRYPT_RIJNDAEL_128,
substr(sha1($this->secretKey), 0, 32),
base64_decode($encrypted),
MCRYPT_MODE_CBC,
base64_decode($iv)), "\0..\32");
var_dump($decrypted);
我把它翻译成:
var_dump(
trim(
openssl_decrypt(
$encrypted,
'AES-256-CBC',
substr(sha1($this->secretKey), 0, 32),
OPENSSL_ZERO_PADDING, $iv)
),"\0..\32");
,
但会导致错误:
openssl_decrypt(): 传递的 IV 是 24 字节长,比所选密码预期为 16,正在截断
openssl_decrypt(): IV passed is 24 bytes long which is longer than the 16 expected by selected cipher, truncating
混合输出:
'm%?xljj>|lgSke":"2017-05-19T05:48:37-07:00","收据":
'm%xlj j>|lgSke":"2017-05-19T05:48:37-07:00","receipt":
第一个键值对被混合.
有什么建议或我可能错过的任何选项吗?
Anyone suggestions or any option I might have missed?
谢谢!
推荐答案
$data
可以是如描述所说的 raw 或 base64.如果未设置 $option
(即,如果此参数中传递的值为 0),则数据将被假定为 base64 编码.如果设置了参数OPENSSL_RAW_DATA
,将被理解为行数据.
$data
can be as the description says raw or base64. If no $option
is set (this is, if value of 0 is passed in this parameter), data will be assumed to be base64 encoded. If parameter OPENSSL_RAW_DATA
is set, it will be understood as row data.
$iv
和 $password
一样,是一个字节串.它的长度取决于所使用的算法.生成 $iv
的最佳方法可能是:
$iv
is as in the case of $password
, a String of bytes. Its length depends on the algorithm used. May be the best way to generate an $iv
is by:
$iv = openssl_random_pseudo_bytes(openssl_cipher_iv_length('your algorithm'));
// for example you algorithm = 'AES-256-CTR'
更多信息:https://www.php.net/manual/en/function.openssl-decrypt.php
这篇关于从 mcrypt_decrypt 到 openssl_decrypt的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!