Hướng dẫn dùng aad gcm trong PHP
(PHP 5 >= 5.3.0, PHP 7, PHP 8) openssl_encrypt — Encrypts data openssl_encrypt( The
plaintext message data to be encrypted. The cipher method. For a list of available cipher methods, use openssl_get_cipher_methods(). The passphrase. If the passphrase is shorter than expected, it is silently padded with A
non-NULL Initialization Vector. The authentication tag passed by reference when using AEAD cipher mode (GCM or CCM). Additional authenticated data. The length of the authentication Returns the encrypted string on success or Emits an
Emits an Example #1 AES Authenticated Encryption in GCM mode example for PHP 7.1+ Example #2 AES Authenticated Encryption example prior to PHP 7.1 Nick ¶ 6 years ago biohazard dot ge at gmail dot
com ¶ 11 years ago # openssl enc -aes-128-cbc -d -in file.encrypted -pass pass:123 Or even if he/she determinates that openssl_encrypt output was base64 and tries: # openssl enc -aes-128-cbc -d -in file.encrypted -base64 -pass pass:123 Or even if he determinates that base64 encoded file is represented in one line and tries: # openssl enc -aes-128-cbc -d -in file.encrypted -base64 -A -pass pass:123 Or even if he determinates that IV is needed and adds some string iv as encryption function`s fourth parameter and than adds hex representation of iv as parameter in openssl command line : # openssl enc -aes-128-cbc -d -in file.encrypted -base64 -pass pass:123 -iv -iv 31323334353637383132333435363738 Or even if he determinates that aes-128 password must be 128 bits there fore 16 bytes and sets $pass = '1234567812345678' and tries: # openssl enc -aes-128-cbc -d -in file.encrypted -base64 -pass pass:1234567812345678 -iv -iv 31323334353637383132333435363738 All these troubles will have no result in any case. BECAUSE THE PASSWORD PARAMETER DOCUMENTED HERE IS NOT THE PASSWORD. It means that the password parameter of the function is not the same string used as [-pass pass:] parameter with openssl cmd tool for file encryption decryption. IT IS THE KEY ! And now how to correctly encrypt data with php openssl_encrypt and how to correctly decrypt it from openssl command line tool. function strtohex($x) echo "\niv in hex to use: ".strtohex ($iv);echo "\nkey in hex to use: ".strtohex ($pass); echo "\n";file_put_contents ('./file.encrypted',openssl_encrypt ($source, $method, $pass, true, $iv));$exec = "openssl enc -".$method." -d -in file.encrypted -nosalt -nopad -K ".strtohex($pass)." -iv ".strtohex($iv); echo 'executing: '.$exec."\n\n";echo exec ($exec); echo "\n";?> IV and Key parameteres passed to openssl command line must be in hex representation of string. The correct command for decrypting is: # openssl enc -aes-128-cbc -d -in file.encrypted -nosalt -nopad -K 31323334353637383132333435363738 -iv 31323334353637383132333435363738 As it has no salt has no padding and by setting functions third parameter we have no more base64 encoded file to decode. The command will echo that it works... : / openssl at mailismagic dot com ¶ 7 years ago
omidbahrami1990 at gmail dot com ¶ 4 years ago
hash_equals($second_encrypted,$second_encrypted_new)) gcleaves at gmail dot com ¶ 2 years ago
naitsirch at e dot mail dot de ¶ 5 years ago
$error ? false : $dest; TheNorthMemory ¶ 1 year ago
false === $ciphertext) { Raphael ¶ 7 years ago
$i = 0; $i < 5; $i++) { Anonymous ¶ 7 years ago
Jean-Luc ¶ 4 years ago
denis at bitrix dot ru ¶ 5 years ago
$m = strlen($data)%8) max ¶ 10 years ago
Shin ¶ 1 year ago
ralf at exphpert dot de ¶ 5 months ago
desmatic at gmail dot com ¶ 10 months ago
decrypt($cipherjson, $key) { darek334 at gazeta dot pl ¶ 5 years ago
Kruthers ¶ 5 years ago
public at grik dot net ¶ 12 years ago
handsomedmm at 126 dot com ¶ 2 years ago
$salt = hex2bin("77E3D3F82E978FE5"); David ¶ 6 years ago
Kukulkan ¶ 10 years ago
waltzie ¶ 3 years ago
decrypt_openssl($data, $key) { me at bobste dot in ¶ 4 years ago
Geoff ¶ 6 years ago
|