php使用MCRYPT_RIJNDAEL_256解密字符串

Question

<?php
function encrypt ($key,$iv,$str)
{     
  $block=mcrypt_get_block_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC);
  $padding=$block-(strlen($str) % $block);
  $str.=str_repeat(chr($padding), $padding);  
  $encryptxt=mcrypt_encrypt(MCRYPT_RIJNDAEL_256,$key,$str,MCRYPT_MODE_CBC,$iv);  
  $encryptxt64=base64_encode($encryptxt);
  return $encryptxt64;
}
function decrypt ($key,$iv,$str)
{     
  $block=mcrypt_get_block_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC);
  $padding=$block-(strlen($str) % $block);
  $str.=str_repeat(chr($padding), $padding);  
  $decryptxt=mcrypt_decrypt(MCRYPT_RIJNDAEL_256,$key,$str,MCRYPT_MODE_CBC,$iv);  
  $decryptxt64=base64_decode($decryptxt);
  return $decryptxt64;
}
echo encrypt("1234567890123456","12345678901234561234567890123456","test")."\n<br/>";
echo decrypt("1234567890123456","12345678901234561234567890123456","xHqKvRQ6FXehOGGMrKoek04146M2l9bv1ScP6C1qCyg=")."\n<br/>";
?>

我发现这种方式可以加密字符串,工作正常,但当我试图解密一个字符串时,上面的代码不起作用.解密输出喜欢

S '= ɚ？

有谁知道如何修复解密部分？提前感谢!

Answer 1

正如我在评论中所述,这就是你所拥有的

  //encrypt
 $encryptxt=mcrypt_encrypt(MCRYPT_RIJNDAEL_256,$key,$str,MCRYPT_MODE_CBC,$iv);  
  $encryptxt64=base64_encode($encryptxt);

 //decrypt 
   $decryptxt=mcrypt_decrypt(MCRYPT_RIJNDAEL_256,$key,$str,MCRYPT_MODE_CBC,$iv);  
  $decryptxt64=base64_decode($decryptxt);

1. 加密
2. base64编码
3. 解码
4. base64解码

应该是FILO(倒数第一)

1. 加密
2. base64编码
3. base64解码
4. 解码

这样你就解密了加密的输出而不是 base64编码的输出,

喜欢如此:

$encryptxt=mcrypt_encrypt(MCRYPT_RIJNDAEL_256,$key,$str,MCRYPT_MODE_CBC,$iv);  
  $encryptxt64=base64_encode($encryptxt);

//decrypt 
 $decryptxt64=base64_decode($str);
$decryptxt=mcrypt_decrypt(MCRYPT_RIJNDAEL_256,$key,$decryptxt64,MCRYPT_MODE_CBC,$iv);  

作为注释,MCRYPT_RIJNDAEL_256不是AES 256,为此您需要MCRYPT_RIJNDAEL_128和32byte密钥,所以在某些方面128更好,(128是更小的块密码)

我建议做的另一件事是在输入字符串中使用md5哈希,然后在加密之前将其预先输入到输入字符串.这样,当您解密它时,您可以包含前32个字符并使用它来检查输入.基本上你需要知道输入字符串才能看出它是否被解密.但是,通过散列它然后比较这样你不再需要知道它来检查它是否有效.

所以一起(没有测试它,但应该让你关闭)

function encrypt ($key,$iv,$str)
{     
  $block=mcrypt_get_block_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC);
  $padding=$block-(strlen($str) % $block);
  $str.=str_repeat(chr($padding), $padding);  

  ///prepend a md5 hash of the plain text input before encrypting it ( so we can check it later )
  $str = md5( $str ) . $str;

    $encryptxt=mcrypt_encrypt(MCRYPT_RIJNDAEL_256,$key,$str,MCRYPT_MODE_CBC,$iv);  
  $encryptxt64=base64_encode($encryptxt);
  return $encryptxt64;
}
function decrypt ($key,$iv,$str)
{     
  $block=mcrypt_get_block_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC);
  $padding=$block-(strlen($str) % $block);
  $str.=str_repeat(chr($padding), $padding);  

  $decryptxt64=base64_decode($str);
  $decryptxt=mcrypt_decrypt(MCRYPT_RIJNDAEL_256,$key,$decryptxt64,MCRYPT_MODE_CBC,$iv);  

   ///Separate the md5 hash from the other text, and then hash the other text and compare to the hash we included when encrypting  if they are = it all worked.
  /// it is perfectly safe to use md5 here because it will be part of what we encrypt, and not accessible until it is decrypted. 
 ///it's sole purpose is to give us 2 things we can compare to check that the decryption worked
  $hash = substr( $decryptxt, 0, 32); //find first 32 characters (md5 output is always 32 characters long )
  $decryptxt = substr($decryptxt, 33); //find everything after the fist 32
  if( $hash != md5($decryptxt) ){
        die( 'fail' ); /// or some other error
  }


  return $decryptxt64;
}