使用PHP mcrypt与Rijndael / AES [英] Using PHP mcrypt with Rijndael/AES

问题描述

我试图使用mcrypt从php和密码Rijndael加密一些文本消息，但我不知道MCRYPT_MODE_modename（根据PHP的手册这些是可用的ecb，cbc，cfb，ofb ，nofb或stream，但我读到实际上有几个）。我不知道每个人做什么或如何使用它们。

I am trying to encrypt some text messages using mcrypt from php and the cipher Rijndael, but I am not sure about the MCRYPT_MODE_modename (according to PHP's manual these are available "ecb", "cbc", "cfb", "ofb", "nofb" or "stream" but I read there are actually a few more). I have no idea what each one do or how to use them.

我读两个东西，ECB模式不应该使用，MCRYPT_RAND也不。他们没有解释为什么。对于ECB模式，我猜这是因为它总是为相同的纯文本生成相同的加密输出（也许这可以用于攻击），不知道MCRYPT_RAND（由@azz 这里）。

I read two things, that ECB mode should not be used and MCRYPT_RAND neither. They didn't explain why. For the ECB mode I guess it's because it always generate the same encrypted output for the same plain text (maybe this could be used for an attack), no idea about MCRYPT_RAND (mentioned by @azz here).

我的问题是，我应该使用mcrypt模式使用，这将是巨大的，看到一个php代码使用的例子，因为所有的例子，我发现使用ECB。我想加密的字符串将只包含ascii文本和不大于500个字符的可变长度。

My question is, what mcrypt mode should I use, and it would be great to see an example of php code using it because all the examples I found use ECB. The strings I am trying to encrypt will contain only ascii text, and variable length, not bigger than 500 chars.

推荐答案

ecb是最简单且具有弱点，因此不推荐使用（ http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation ）。 cbc被认为明显强于ecb。一些其他的可能比cbc更强大，但他们都是流相关所以cbc应该适合你的需要。

ecb is the simplest and has weaknesses so it is not recommended (http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation). cbc is considered significantly stronger than ecb. Some of the others may be even stronger than cbc but they are all stream related so cbc should suit your needs.

From ... http://us.php.net/manual/en/mcrypt.constants.php ...

From... http://us.php.net/manual/en/mcrypt.constants.php...

• MCRYPT_MODE_ECB（电子码本）适用于随机数据，例如加密其他密钥。由于数据很短且随机，所以ECB的缺点具有有利的负面效果。


• MCRYPT_MODE_CBC（密码块链接）特别适合于加密其中安全性明显超过ECB的文件。


• MCRYPT_MODE_CFB（加密反馈）是加密字节流的最佳模式，单个字节必须加密。


• MCRYPT_MODE_OFB与CFB相当，但可用于不能容忍错误传播的应用中。


• MCRYPT_MODE_NOFB（输出反馈，以nbit为单位）与OFB相当，但更安全，因为它工作在

• MCRYPT_MODE_ECB (electronic codebook) is suitable for random data, such as encrypting other keys. Since data there is short and random, the disadvantages of ECB have a favorable negative effect.
• MCRYPT_MODE_CBC (cipher block chaining) is especially suitable for encrypting files where the security is increased over ECB significantly.
• MCRYPT_MODE_CFB (cipher feedback) is the best mode for encrypting byte streams where single bytes must be encrypted.
• MCRYPT_MODE_OFB (output feedback, in 8bit) is comparable to CFB, but can be used in applications where error propagation cannot be tolerated. It's insecure (because it operates in 8bit mode) so it is not recommended to use it.
• MCRYPT_MODE_NOFB (output feedback, in nbit) is comparable to OFB, but more secure because it operates on the block size of the algorithm.
• MCRYPT_MODE_STREAM is an extra mode to include some stream algorithms like "WAKE" or "RC4".

我不知道为什么MCRYPT_RAND是推荐的，但它可能是因为许多系统上的系统随机数生成器不被认为是真正的随机。只有两个选择，它们可能不可用取决于您的系统和PHP版本。来自... http://php.net/manual/en/function.mcrypt-create- iv.php ...

I'm not sure why MCRYPT_RAND is recommended against but it may be because the system random number generator on many systems is not considered to be truely random. There are only two alternatives and they may not be available depending on your system and PHP version. From... http://php.net/manual/en/function.mcrypt-create-iv.php...

• IV源可以是MCRYPT_RAND（系统随机数生成器），MCRYPT_DEV_RANDOM / dev / random）和MCRYPT_DEV_URANDOM（从/ dev / urandom读取数据）。在5.3.0之前，MCRYPT_RAND是Windows上唯一支持的。

下面的代码只是一个简单的例子。它工作，但我不能证明它的实力。

The code below is just a quick sample. It works but I can't attest to it's strength.

<?php

// Test code

    $objEncManager = new DataEncryptor();

    $sensitiveData = "7890";
    echo "Raw Data: _" . $sensitiveData . "_<br><br>";

    $encryptedData = $objEncManager->mcryptEncryptString( $sensitiveData );
    echo "Enc Data: _" . $encryptedData . "_<br><br>";
    echo "Enc Data length: " . strlen( $encryptedData) . "<br><br>";

    $decryptedData = $objEncManager->mcryptDecryptString( $encryptedData, $objEncManager->lastIv );
    echo "D-enc Data: _" . $decryptedData . "_<br><br>";

    echo "IV: _" . $objEncManager->lastIv . "_<br><br>";


/*
 * Note: These functions do not accurately handle cases where the data 
 * being encrypted have trailing whitespace so the data
 *       encrypted by them must not have any. Leading whitespace is okay.
 *  
 * Note: If your data needs to be passed through a non-binary safe medium you should
 * base64_encode it but this makes the data about 33% larger.
 * 
 * Note: The decryption IV must be the same as the encryption IV so the encryption
 * IV must be stored or transmitted with the encrypted data.
 * From (http://php.net/manual/en/function.mcrypt-create-iv.php)... 
 * "The IV is only meant to give an alternative seed to the encryption routines. 
 * This IV does not need to be secret at all, though it can be desirable. 
 * You even can send it along with your ciphertext without losing security."
 * 
 * Note: These methods don't do any error checking on the success of the various mcrypt functions
 */
class DataEncryptor
{
    const MY_MCRYPT_CIPHER        = MCRYPT_RIJNDAEL_256;
    const MY_MCRYPT_MODE          = MCRYPT_MODE_CBC;
    const MY_MCRYPT_KEY_STRING    = "1234567890-abcDEFGHUzyxwvutsrqpo"; // This should be a random string, recommended 32 bytes

    public  $lastIv               = '';


    public function __construct()
    {
        // do nothing
    }


    /**
     * Accepts a plaintext string and returns the encrypted version
     */
    public function mcryptEncryptString( $stringToEncrypt, $base64encoded = true )
    {
        // Set the initialization vector
            $iv_size      = mcrypt_get_iv_size( self::MY_MCRYPT_CIPHER, self::MY_MCRYPT_MODE );
            $iv           = mcrypt_create_iv( $iv_size, MCRYPT_RAND );
            $this->lastIv = $iv;

        // Encrypt the data
            $encryptedData = mcrypt_encrypt( self::MY_MCRYPT_CIPHER, self::MY_MCRYPT_KEY_STRING, $stringToEncrypt , self::MY_MCRYPT_MODE , $iv );

        // Data may need to be passed through a non-binary safe medium so base64_encode it if necessary. (makes data about 33% larger)
            if ( $base64encoded ) {
                $encryptedData = base64_encode( $encryptedData );
                $this->lastIv  = base64_encode( $iv );
            } else {
                $this->lastIv = $iv;
            }

        // Return the encrypted data
            return $encryptedData;
    }


    /**
     * Accepts a plaintext string and returns the encrypted version
     */
    public function mcryptDecryptString( $stringToDecrypt, $iv, $base64encoded = true )
    {
        // Note: the decryption IV must be the same as the encryption IV so the encryption IV must be stored during encryption

        // The data may have been base64_encoded so decode it if necessary (must come before the decrypt)
            if ( $base64encoded ) {
                $stringToDecrypt = base64_decode( $stringToDecrypt );
                $iv              = base64_decode( $iv );
            }

        // Decrypt the data
            $decryptedData = mcrypt_decrypt( self::MY_MCRYPT_CIPHER, self::MY_MCRYPT_KEY_STRING, $stringToDecrypt, self::MY_MCRYPT_MODE, $iv );

        // Return the decrypted data
            return rtrim( $decryptedData ); // the rtrim is needed to remove padding added during encryption
    }


}
?>

这篇关于使用PHP mcrypt与Rijndael / AES的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！