使用 php 的三重 DES 加密/解密
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/22592919/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
TRIPLE DES encryption/decryption using php
提问by Piya
I have this TRIPLE DES ENCRYPTION CODE IN PHP
我在 PHP 中有这个三重 DES 加密代码
$encryption_key = "CE51E06875F7D964";
$data='tokenNo=test&securityCode=111' ;
echo $desEncryptedData = encryptText_3des($data, $encryption_key);//outputs 3des encrypted data
function encryptText_3des($plainText, $key) {
$key = hash("md5", $key, TRUE);
for ($x=0;$x<8;$x++) {
$key = $key.substr($key, $x, 1);
}
$padded = pkcs5_pad($plainText,
mcrypt_get_block_size(MCRYPT_3DES, MCRYPT_MODE_CBC));
$encrypted = base64_encode(mcrypt_encrypt(MCRYPT_3DES, $key, $padded, MCRYPT_MODE_CBC));
return $encrypted;
}
function pkcs5_pad ($text, $blocksize)
{
$pad = $blocksize - (strlen($text) % $blocksize);
return $text . str_repeat(chr($pad), $pad);
}
Im able to encrypt the data as xcFEvIdLXc2fjhG1i4iPOQu5L6ahxwZVucDOPqeMM2E=
我能够将数据加密为 xcFEvIdLXc2fjhG1i4iPOQu5L6ahxwZVucDOPqeMM2E=
Now I have the key,will I able to decrypt this data to plain text format?
现在我有了密钥,我可以将这些数据解密为纯文本格式吗?
I tried it this way
我这样试过
$encryption_key = "CE51E06875F7D964";
$data='xcFEvIdLXc2fjhG1i4iPOQu5L6ahxwZVucDOPqeMM2E=' ; //encrypted data
echo $desEncryptedData = encryptText_3des($data, $encryption_key);//outputs 3des encrypted data
function encryptText_3des($plainText, $key) {
$key = hash("md5", $key, TRUE);
for ($x=0;$x<8;$x++) {
$key = $key.substr($key, $x, 1);
}
$padded = pkcs5_unpad($plainText,
mcrypt_get_block_size(MCRYPT_3DES, MCRYPT_MODE_CBC));
$encrypted = base64_encode(mcrypt_encrypt(MCRYPT_3DES, $key, $padded, MCRYPT_MODE_CBC));
return $encrypted;
}
function pkcs5_unpad($text)
{
$pad = ord($text{strlen($text)-1});
if ($pad > strlen($text)) return false;
if (strspn($text, chr($pad), strlen($text) - $pad) != $pad) return false;
return substr($text, 0, -1 * $pad);
}
But I couldnt do it.IS what I am doing is wrong?Please suggest me a way to decrypt this?Is the encryption key itself is used to decrypt the data in triple DES?Please help
但是我做不到。是我做的不对吗?请给我建议一种解密方法?加密密钥本身是否用于解密三重DES中的数据?请帮忙
回答by Damian
This is the solution:
这是解决方案:
public function encrypt($data, $secret)
{
//Generate a key from a hash
$key = md5(utf8_encode($secret), true);
//Take first 8 bytes of $key and append them to the end of $key.
$key .= substr($key, 0, 8);
//Pad for PKCS7
$blockSize = mcrypt_get_block_size('tripledes', 'ecb');
$len = strlen($data);
$pad = $blockSize - ($len % $blockSize);
$data .= str_repeat(chr($pad), $pad);
//Encrypt data
$encData = mcrypt_encrypt('tripledes', $key, $data, 'ecb');
return base64_encode($encData);
}
public function decrypt($data, $secret)
{
//Generate a key from a hash
$key = md5(utf8_encode($secret), true);
//Take first 8 bytes of $key and append them to the end of $key.
$key .= substr($key, 0, 8);
$data = base64_decode($data);
$data = mcrypt_decrypt('tripledes', $key, $data, 'ecb');
$block = mcrypt_get_block_size('tripledes', 'ecb');
$len = strlen($data);
$pad = ord($data[$len-1]);
return substr($data, 0, strlen($data) - $pad);
}
Regards.
问候。
回答by Raihan Al-Mamun
https://github.com/iam-raihan96/3DES-ECB-Cryptography-in-PHP
https://github.com/iam-raihan96/3DES-ECB-Cryptography-in-PHP
here i wrote 3DES-ECBCryptography in PHP. there you will get two class file "Crypt_mcrypt" using "mcrypt" and "Crypt_openssl" using "openssl". so you can use any of them but it is
在这里,我用PHP编写了3DES-ECB密码学。在那里你会得到两个类文件“ Crypt_mcrypt”使用“ mcrypt”和“ Crypt_openssl”使用“openssl”。所以你可以使用它们中的任何一个,但它是
highly recomended to use "Crypt_openssl"
强烈建议使用“Crypt_openssl”
If you're typing the word mcrypt into your code, you're probably making a mistake. Although it's possible to provide a relatively secure cryptography library that builds on top of mcrypt (the earlier version of defuse/php-encryptiondid), switching your code to openssl will provide better security, performance, maintainability, and portability. Even better: use libsodium instead.
如果您在代码中输入 mcrypt 一词,您可能会犯错误。虽然可以提供一个相对安全的加密库,它构建在 mcrypt 之上(早期版本的defuse/php-encryption就是这样做的),但将代码切换到 openssl 将提供更好的安全性、性能、可维护性和可移植性。更好的是:改用 libsodium。
回答by Sem
For PHP 7.1and above, mcryptfunction is deprecated. Here is the alternative using openssl_encrypt
对于PHP 7.1及更高版本,不推荐使用mcrypt函数。这是使用openssl_encrypt的替代方法
$ciphertext = openssl_encrypt('string to be encrypted', 'DES-EDE3', 'key', OPENSSL_RAW_DATA);
$ciphertext = base64_encode($ciphertext);
You can use this online Triple DES encryptiontool to cross check.
您可以使用此在线三重 DES 加密工具进行交叉检查。
For other available cipher, you can invoke PHP method openssl_get_cipher_methods()
对于其他可用的密码,您可以调用 PHP 方法openssl_get_cipher_methods()
回答by Umair Baig
Hey @black buddy the decrypt function is perfect the thing is that you need to pass the encyrpted data by the function encrypt.
嘿@black 哥们,解密功能很完美,但您需要通过功能加密传递加密的数据。
<?php
$encryption_key = "CE51E06875F7D964";
$data='tokenNo=test&securityCode=111' ;
// the below will return the encoded data you need to put the value in the variable $asl.
echo encrypt($data,$encryption_key);
function encrypt($data, $secret)
{
//Generate a key from a hash
$key = md5(utf8_encode($secret), true);
//Take first 8 bytes of $key and append them to the end of $key.
$key .= substr($key, 0, 8);
//Pad for PKCS7
$blockSize = mcrypt_get_block_size('tripledes', 'ecb');
$len = strlen($data);
$pad = $blockSize - ($len % $blockSize);
$data .= str_repeat(chr($pad), $pad);
//Encrypt data
$encData = mcrypt_encrypt('tripledes', $key, $data, 'ecb');
return base64_encode($encData);
}
//the below is the encryption of $data = 'token.....' which there above
$asl = 'xcFEvIdLXc0LX+lk46iIFY09GF+FL+SWM0PTNw669VE=';
// this echo will provide you the $data which is there in the begining
echo decrypt($asl , $encryption_key);
function decrypt($data, $secret)
{
//Generate a key from a hash
$key = md5(utf8_encode($secret), true);
//Take first 8 bytes of $key and append them to the end of $key.
$key .= substr($key, 0, 8);
$data = base64_decode($data);
$data = mcrypt_decrypt('tripledes', $key, $data, 'ecb');
$block = mcrypt_get_block_size('tripledes', 'ecb');
$len = strlen($data);
$pad = ord($data[$len-1]);
return substr($data, 0, strlen($data) - $pad);
}
?>