Tôi đang làm việc với mật mã trong một dự án và tôi cần một chút trợ giúp về cách làm việc openssl_encryptvà openssl_decrypt, tôi chỉ muốn biết cách cơ bản và chính xác nhất để thực hiện nó. Đây là những gì tôi nhận được cho đến nay:
// To encrypt a string
$dataToEncrypt = 'Hello World';
$cypherMethod = 'AES-256-CBC';
$key = random_bytes[32];
$iv = openssl_random_pseudo_bytes[openssl_cipher_iv_length[$cypherMethod]];
$encryptedData = openssl_encrypt[$dataToEncrypt, $cypherMethod, $key, $options=0, $iv];
Sau đó $cypherMethod, tôi lưu trữ $keyvà $ivđể sử dụng khi giải mã $encryptedData. [Hãy không nói rõ về cách tôi lưu trữ các giá trị, cảm ơn!]
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
Trước hết, đoạn mã ví dụ trên có phải là một ví dụ chính xác về cách sử dụng php openssl_encryptkhông?
Thứ hai, phương pháp của tôi để tạo $keyvà có $ivchính xác và an toàn không? Bởi vì tôi tiếp tục đọc, các khóa phải được bảo mật bằng mật mã.
Cuối cùng,
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
17 hữu ích 1 bình luận 34k xem chia sẻ 1 bình luận 34k xem chia sẻ
[PHP 5 >= 5.3.0, PHP 7, PHP 8]
openssl_encrypt — Encrypts data — Encrypts data
Description
openssl_encrypt[ string
6, string // To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
7, string // To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
8, int // To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
9 = 0, string // To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
$iv = "", string openssl_encrypt1 = openssl_encrypt2, string openssl_encrypt3 = "", int openssl_encrypt4 = 16]: string|false[
string
6,// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
string
7,// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
string
8,// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
int
9 = 0,// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
string $iv =
"",
string openssl_encrypt1 = openssl_encrypt2,
string openssl_encrypt3 = "",
int openssl_encrypt4 = 16
]: string|false
Parameters
openssl_encrypt5The plaintext message data to be encrypted.
openssl_encrypt6The cipher method. For a list of available cipher methods, use openssl_get_cipher_methods[]. openssl_get_cipher_methods[].
openssl_encrypt7 The passphrase. If the passphrase is shorter than expected, it is silently padded with openssl_encrypt8 characters; if the passphrase is longer than expected, it is silently truncated.
openssl_encrypt9 openssl_encrypt9 is a bitwise disjunction of the flags openssl_decrypt1 and openssl_decrypt2. openssl_decrypt1 and openssl_decrypt2.
openssl_decrypt3A non-NULL Initialization Vector.
openssl_decrypt4The authentication tag passed by reference when using AEAD cipher mode [GCM or CCM].
openssl_decrypt5Additional authenticated data.
openssl_decrypt6 The length of the authentication openssl_decrypt4. Its value can be between 4 and 16 for GCM mode.
Return Values
Returns the encrypted string on success or openssl_decrypt8 on failure. openssl_decrypt8 on failure.
Errors/Exceptions
Emits an openssl_decrypt9 level error if an unknown cipher algorithm is passed in via the openssl_encrypt6 parameter. openssl_decrypt9 level error if an unknown cipher algorithm is passed in via the openssl_encrypt6
parameter.
Emits an openssl_decrypt9 level error if an empty value is passed in via the openssl_decrypt3 parameter. openssl_decrypt9 level error if an empty value is passed in via the openssl_decrypt3 parameter.
Changelog
| 7.1.0 | openssl_encrypt[ string $iv = "", string openssl_encrypt1 = openssl_encrypt2, string openssl_encrypt3 = "", int openssl_encrypt4 = 16]: string|false |
Parameters
openssl_encrypt5
$cypherMethod6
The plaintext message data to be encrypted.
$cypherMethod7
openssl_encrypt6 ¶
The cipher method. For a list of available cipher methods, use openssl_get_cipher_methods[].
$cypherMethod8
$cypherMethod9
$key0
$key1
$key2
$key3
$key4
$key5
$key6
$key7 openssl_encrypt7 ¶
The passphrase. If the passphrase is shorter than expected, it is silently padded with openssl_encrypt8 characters; if the passphrase is longer than expected, it is silently truncated.
$key8
$key9
$iv0
$iv1
$iv2 openssl_encrypt9 ¶
openssl_encrypt9 is a bitwise disjunction of the flags openssl_decrypt1 and openssl_decrypt2.
$iv3
$iv4
$iv5
$iv6
$iv7
$iv8
$iv9
$encryptedData0
$key7 openssl_decrypt3 ¶
A non-NULL Initialization Vector.
$encryptedData2
$encryptedData3
$encryptedData4 openssl_decrypt4 ¶
The authentication tag passed by reference when using AEAD cipher mode [GCM or CCM].
$encryptedData5
$encryptedData6
$encryptedData7
$encryptedData8
$key7 openssl_decrypt5 ¶
Additional authenticated data.
php openssl_encrypt0
php openssl_encrypt1
php openssl_encrypt2
php openssl_encrypt3
php openssl_encrypt4
php openssl_encrypt5 openssl_decrypt6 ¶
The length of the authentication openssl_decrypt4. Its value can be between 4 and 16 for GCM mode.
php openssl_encrypt6
php openssl_encrypt7
$encryptedData3
php openssl_encrypt9Return Values ¶
openssl_encrypt9 is a bitwise disjunction of the flags openssl_decrypt1 and openssl_decrypt2.
$key0
$key1
$key2
$key3 openssl_decrypt3 ¶
openssl_encrypt9 is a bitwise disjunction of the flags openssl_decrypt1 and openssl_decrypt2.
$key4
$key5
$key6
$key7
$key8
$key7 openssl_decrypt3 ¶
A non-NULL Initialization Vector.
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
openssl_decrypt4 ¶
Additional authenticated data.
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
openssl_decrypt6 ¶
The length of the authentication openssl_decrypt4. Its value can be between 4 and 16 for GCM mode.
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
$key7Return Values ¶
The length of the authentication openssl_decrypt4. Its value can be between 4 and 16 for GCM mode.
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
$key7Return Values ¶
Returns the encrypted string on success or openssl_decrypt8 on failure.
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
openssl_decrypt9 level error if an unknown cipher algorithm is passed in via the openssl_encrypt6 parameter. Emits an openssl_decrypt9 level error if an empty value is passed in via the openssl_decrypt3 parameter. ¶
Changelog
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
Version ¶
Additional authenticated data.
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
openssl_decrypt6 ¶
Additional authenticated data.
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
$key7 openssl_decrypt6 ¶
The length of the authentication openssl_decrypt4. Its value can be between 4 and 16 for GCM mode.
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
Return Values ¶
The authentication tag passed by reference when using AEAD cipher mode [GCM or CCM].
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
openssl_decrypt5 ¶
The cipher method. For a list of available cipher methods, use openssl_get_cipher_methods[].
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
openssl_encrypt7 ¶
The length of the authentication openssl_decrypt4. Its value can be between 4 and 16 for GCM mode.
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
$key7Return Values ¶
Returns the encrypted string on success or openssl_decrypt8 on failure.
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
Emits an openssl_decrypt9 level error if an unknown cipher algorithm is passed in via the openssl_encrypt6 parameter.
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
Emits an openssl_decrypt9 level error if an empty value is passed in via the openssl_decrypt3 parameter. ¶
A non-NULL Initialization Vector.
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
openssl_decrypt4 ¶
The cipher method. For a list of available cipher methods, use openssl_get_cipher_methods[].
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
// To decrypt an encrypted string
$decryptedData = openssl_decrypt[$encryptedData, $cypherMethod, $key, $options=0, $iv];
$key7