I bet the best way is use SSL (HTTPS) and I recommend you to read the OWASP Guideand especially the How-To section.

我敢打赌，最好的方法是使用 SSL (HTTPS)，我建议您阅读OWASP 指南，尤其是How-To 部分。

I always liked MCRYPT

我永远喜欢 MCRYPT

//Key
$key = 'SuperSecretKey';

//To Encrypt:
$encrypted = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, 'I want to encrypt this', MCRYPT_MODE_ECB);

//To Decrypt:
$decrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $encrypted, MCRYPT_MODE_ECB);

If that's something you're looking for. It'll treat the JSON as a string and then after you decrypt it you'll have to do your json_decode()or whatever it is you're doing.

如果那是你正在寻找的东西。它会将 JSON 视为字符串，然后在您解密它之后，您将必须执行您的操作json_decode()或您正在执行的任何操作。

It really depending on how sensitive the data are. However from my experience a simple php encryption usually do the trick. I would usually encrypt the sensitive fields in the json data fields before encoding it to a json string.

这实际上取决于数据的敏感程度。然而，根据我的经验，一个简单的 php 加密通常可以解决问题。我通常会在将 json 数据字段中的敏感字段编码为 json 字符串之前对其进行加密。

Here's the code for the encryption part.

这是加密部分的代码。

$key = 'password to (en/de)crypt'; $string = ' string to be encrypted '; // note the spaces

$key = '密码到（en/de）crypt'; $string = '要加密的字符串'; // 注意空格

To Encrypt:

加密：

$encrypted = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, md5($key), $string, MCRYPT_MODE_CBC, md5(md5($key))));

To Decrypt:

解密：

$decrypted = rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, md5($key), base64_decode($encrypted), MCRYPT_MODE_CBC, md5(md5($key))), "##代码##");

However, you should always hash (MD5, SHA1) passwords, preferably with some salt.

但是，您应该始终散列（MD5，SHA1）密码，最好使用一些盐。

Store a private key on the server and use DES encryption; it's a 2-way algorithm.

在服务器上存储私钥并使用DES加密；这是一个2路算法。

EDIT:

编辑：

Per comments, it seems I've misinterpreted the question. My assumption was OP would like to send encrypted data out on the Internet like in an email or something then get the data back at a later time and be able to decrypt it. I'll be sure to clarify through comments in the future before submitting an answer.

根据评论，我似乎误解了这个问题。我的假设是 OP 想要将加密数据发送到 Internet 上，例如通过电子邮件或其他方式发送出去，然后稍后取回数据并能够对其进行解密。在提交答案之前，我一定会在将来通过评论进行澄清。

Use Open SSL:

使用开放 SSL：

http://www.php.net/manual/en/book.openssl.php

http://www.php.net/manual/en/book.openssl.php

You can generate a public/private key pair without the need for https if it's unavailable.

如果 https 不可用，您可以生成公钥/私钥对，而无需 https。

Of course, SSL (HTTPS) is needed to safely transfer data across the web.

当然，需要 SSL (HTTPS) 才能安全地通过网络传输数据。

But that said, there are still reasons to encrypt json data, before you sent them.

但这就是说，在发送 json 数据之前，仍有理由对其进行加密。

I had a problem with encrypting json data. It was caused by "\t" in json data. You need to remove them, before encryption. Otherwise there will be a problem when you want to decrypt it back to a propper json format.

我在加密 json 数据时遇到了问题。它是由 json 数据中的“\t”引起的。您需要在加密之前删除它们。否则当你想把它解密回正确的json格式时就会出现问题。

$plain_txt = str_replace("\r",'', $plain_txt);

$plain_txt = str_replace("\r",'', $plain_txt);

$plain_txt = str_replace("\n",'', $plain_txt);

$plain_txt = str_replace("\n",'', $plain_txt);

$plain_txt = str_replace("\t",'', $plain_txt);

$plain_txt = str_replace("\t",'', $plain_txt);

See a working example: https://gist.github.com/petermuller71/33616d55174d9725fc00a663d30194ba

查看一个工作示例：https: //gist.github.com/petermuller71/33616d55174d9725fc00a663d30194ba