在PHP中解密加密文本 [英] Decryption of encrypted text in PHP
问题描述
要解密的数据进入PHP文件,作为一个数据参数。
$ dataArg1 = $ _REQUEST [data];
//从存储中检索$ encryptedData
//
//加载私钥并解密加密数据
$ encryptedData = $ dataArg1;
$ privateKey = array(array(123456,654321,123456),array(123456,1234),
array(1234567,4321)
);
openssl_private_decrypt($ encryptedData,$ sensitiveData,$ privateKey);
上面的函数来自Stack Overflow上另一个帖子的第二个响应:
< a href =https://stackoverflow.com/questions/2414064/how-to-encrypt-data-in-javascript-and-decrypt-in-php>如何加密javascript中的数据并解密php?
我假设解密的值在PHP变量$ sensitiveData。
当我回覆在屏幕上,我什么都没有。
echo(sensitiveData = [$ sensitiveData]< br />) ;
想法?
更新:
openssl_private_decrypt()的返回值为FALSE,返回值为NULL。
底部有一行:
并将以下内容放在您的私人脚本中(可能在您的本地硬盘上,而不是在互联网上) - 如果你的私钥被发现这整个事情是无用的。)
< script>
函数decrypt(){
// key = [[d],[p],[q]];
var key = [[123456789,123456789,123456789],[123456789,1234],[123456789,4321]];
document.form.text.value = rsaDecode(key,document.form.text.value);
}
< / script>
(实际值更改)
我将var key =行翻译成PHP (按我的其他帖子)。使用嵌入式数组翻译。我然后通过该密钥到解密函数。
我的想法是,PHP文档调用私有密钥mixed。我想知道是否可能需要使用不同的私钥格式。
这是输出:
dataArg1 = [jmOdss9ktFc\WO5eltUZXt0rpqS1NluNKa]
bResult = []
sensitiveData = []
var_dump = [NULL]
$ privateKey必须在一定的格式,你不能只是扔随机数据,并且神奇地期望它知道该怎么做。
另外,看着你的js,重新使用,它不只是做RSA,它有一个名为 base64ToText 的函数,它解密密文,把第一个字节作为加密会话密钥的长度, ,获得加密会话密钥,使用RSA解密,然后使用它作为RC4的密钥进行解密,但也有一些问题,除此之外,还有一些问题,其中包括:$ code base64ToText 与PHP的 base64_encode 不一样我可能会暗示。
无论如何,我无法让它工作。就个人而言,我会推荐一些这样的东西(可以与PHP / phpseclib的Crypt_RSA 互操作):
http://area51.phpbb。 com / phpBB / viewtopic.php?p = 208860
那就是说,我确实想出了几件事情。你的js lib使用base-28。要将该格式的数字转换为一个phpseclib,您需要使用此功能:
函数conv_base($ num)
{
$ result = pack('N',$ num [count($ num) - 1]); ($ i = count($ num) - 2; $ i> = 0; - $ i){
$ b $ result = $ result | str_pad(pack('N',$ num [$ i]),strlen($ result),chr(0),STR_PAD_LEFT);
}
return $ result;
}
函数_base256_lshift(& $ x,$ shift)
{
if($ shift == 0){
return;
}
$ num_bytes = $ shift>> 3; // eg。 ($ shift / 8)
$ shift& = 7; // eg。 $ shift%8
$ carry = 0; ($ i = strlen($ x) - 1; $ i> = 0; - $ i){
$ temp = ord($ x [$ i])< $ shift | $矣;
$ x [$ i] = chr($ temp);
$ carry = $ temp>> 8;
}
$ carry =($ carry!= 0)? chr($ carry):'';
$ x = $ carry。 $ x。 str_repeat(chr(0),$ num_bytes);
}
这是我用来确认其正确性的脚本:
<?php
include('Math / BigInteger.php');
$ p = array(242843315,241756122,189);
$ q = array(177094647,33319298,129);
$ n =数组(45173685,178043534,243390137,201366668,24520);
$ p = new Math_BigInteger(conv_base($ p),256);
$ q = new Math_BigInteger(conv_base($ q),256);
$ n = new Math_BigInteger(conv_base($ n),256);
$ test = $ p->乘法($ q);
echo $ test。 \\\\。 $ N;
ie。他们匹配。
我还将您的js的 base64ToText 移植到PHP:
函数解码($ t)
{
static $ b64s ='abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_';
$ r =''; $ b ($ n = 0; $ n
if($ c> = 0){
if($ m){
$ r。= chr(($ c < m))& 255 | $ a);
}
$ a = $ c>> $ m;
$ m + = 2;
if($ m = = 8){
$ m = 0;
}
}
}
return $ r;
}
我可能遇到的其他潜在问题...谁知道他们的RC4实现是否正确?他们的base64实现不是所以RC4实现也不会是先例。
I am trying to decode encrypted data in PHP, however the return value keeps coming back as null.
The data to be decrypted comes into the PHP file as a data argument.
$dataArg1 = $_REQUEST["data"];
// Retrieve $encryptedData from storage ...
//
// Load the private key and decrypt the encrypted data
$encryptedData = $dataArg1;
$privateKey = array ( array(123456,654321,123456), array(123456,1234),
array(1234567,4321)
);
openssl_private_decrypt($encryptedData, $sensitiveData, $privateKey);
The function above comes from the second response of another posting here on Stack Overflow: How to encrypt data in javascript and decrypt in php?
I assume that the decrypted value is in the PHP variable, $sensitiveData.
When I echo that to the screen, I get nothing.
echo("sensitiveData=[$sensitiveData]<br />");
Thoughts?
UPDATE: The return value from openssl_private_decrypt() is FALSE, and the return value is NULL.
UPDATE 2: I created the public/private key from the following URL. http://shop-js.sourceforge.net/crypto2.htm
At the bottom, there is the line: And put the following in your private script (probably on your local hard disk -- not on the internet -- if your private key is found this whole thing is useless.)
<script>
function decrypt() {
// key = [ [d], [p], [q] ];
var key=[[123456789,123456789,123456789],[123456789,1234],[123456789,4321]];
document.form.text.value=rsaDecode(key, document.form.text.value);
}
</script>
(actual values changed)
I copied translated the "var key=" line to PHP (per my other posting). Translation above using embedded arrays. I then past that key to the decrypt function.
My thought is that the PHP documentation calls the private key "mixed". I am wondering if maybe I need a different format for the private key.
Here is the output:
dataArg1=[jmOdss9ktFc\"WO5eltUZXt0rpqS1NluNKa]
bResult=[]
sensitiveData=[]
var_dump=[NULL ]
$privateKey has to be in a certain format. You can't just throw in random data to it and magically expect it to know what to do with it.
Also, looking at the js you're using, it's not just doing RSA. It has a function named base64ToText. It's decoding the ciphertext with that, taking the first byte as the length of the "encrypted session key", getting the "encrypted session key", decrypting that with RSA and then using that as the key to RC4 to decrypt it. But there are a number of problems with that too. Among other things, base64ToText isn't the same thing as PHP's base64_encode as the name might imply.
Anyway I wasn't able to get it to working. Personally, I'd recommend something more like this (which is interoperable with PHP / phpseclib's Crypt_RSA):
http://area51.phpbb.com/phpBB/viewtopic.php?p=208860
That said, I did manage to figure a few things out. Your js lib uses base-28. To convert numbers from that format to one phpseclib uses you'll need to use this function:
function conv_base($num)
{
$result = pack('N', $num[count($num) - 1]);
for ($i = count($num) - 2; $i >= 0; --$i) {
_base256_lshift($result, 28);
$result = $result | str_pad(pack('N', $num[$i]), strlen($result), chr(0), STR_PAD_LEFT);
}
return $result;
}
function _base256_lshift(&$x, $shift)
{
if ($shift == 0) {
return;
}
$num_bytes = $shift >> 3; // eg. floor($shift/8)
$shift &= 7; // eg. $shift % 8
$carry = 0;
for ($i = strlen($x) - 1; $i >= 0; --$i) {
$temp = ord($x[$i]) << $shift | $carry;
$x[$i] = chr($temp);
$carry = $temp >> 8;
}
$carry = ($carry != 0) ? chr($carry) : '';
$x = $carry . $x . str_repeat(chr(0), $num_bytes);
}
Here's the script I used to confirm the correctness of that:
<?php
include('Math/BigInteger.php');
$p = array(242843315,241756122,189);
$q = array(177094647,33319298,129);
$n = array(45173685,178043534,243390137,201366668,24520);
$p = new Math_BigInteger(conv_base($p), 256);
$q = new Math_BigInteger(conv_base($q), 256);
$n = new Math_BigInteger(conv_base($n), 256);
$test = $p->multiply($q);
echo $test . "\r\n" . $n;
ie. they match.
I also ported your js's base64ToText to PHP:
function decode($t)
{
static $b64s = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_"';
$r = '';
$m = $a = 0;
for ($n = 0; $n < strlen($t); $n++) {
$c = strpos($b64s, $t[$n]);
if ($c >= 0) {
if ($m) {
$r.= chr(($c << (8-$m))&255 | $a);
}
$a = $c >> $m;
$m+=2;
if ($m == 8) {
$m = 0;
}
}
}
return $r;
}
Among other potential problems I may have encountered... who knows if their RC4 implementation is correct? Their base64 implementation isn't so it wouldn't be without precedent for the RC4 implementation to be broken too.
这篇关于在PHP中解密加密文本的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
