php7.1加密解密 openssl_encrypt 替代mcrypt

1 概況

php7.1發(fā)布后新特性吸引了不少PHPer,大家都在討論新特性帶來(lái)的好處與便利。但是從php7.0 升級(jí)到 php7.1 廢棄了一個(gè)在過(guò)去普遍應(yīng)用的擴(kuò)展(mcrypt擴(kuò)展)。官方提供了相應(yīng)的解決提示,卻沒(méi)有提供更詳細(xì)的解決辦法。于是坑來(lái)了….

2 解決

php手冊(cè)目前缺少“ openssl_encrypt ”和“ openssl_decrypt ”功能的文檔,所以花了我一段時(shí)間來(lái)完成我需要做的工作,以使這些功能可以替代mcrypt

2.1 首先,您將需要生成一個(gè)用作256位加密密鑰的偽隨機(jī)字節(jié)串,請(qǐng)求的長(zhǎng)度將為32(32位= 256位)。
$encryption_key_256bit = base64_encode(openssl_random_pseudo_bytes(32));
2.2 現(xiàn)在我們有了關(guān)鍵,我們將創(chuàng)建加密功能。我們將把要編碼的數(shù)據(jù)和我們的密鑰傳遞給該函數(shù)。除了我們的密鑰,還有一個(gè)二次隨機(jī)字符串,我們將創(chuàng)建和使用稱(chēng)為 初始化向量 (IV),有助于加強(qiáng)加密。
function my_encrypt($data, $key) {
    // Remove the base64 encoding from our key
    $encryption_key = base64_decode($key);
    // Generate an initialization vector
    $iv = openssl_random_pseudo_bytes(openssl_cipher_iv_length('aes-256-cbc'));
    // Encrypt the data using AES 256 encryption in CBC mode using our encryption key and initialization vector.
    $encrypted = openssl_encrypt($data, 'aes-256-cbc', $encryption_key, 0, $iv);
    // The $iv is just as important as the key for decrypting, so save it with our encrypted data using a unique separator (::)
    return base64_encode($encrypted . '::' . $iv);
}
2.3 現(xiàn)在為解密功能:
function my_decrypt($data, $key) {
      // Remove the base64 encoding from our key
      $encryption_key = base64_decode($key);
      // To decrypt, split the encrypted data from our IV - our unique separator used was "::"
      list($encrypted_data, $iv) = explode('::', base64_decode($data), 2);
      return openssl_decrypt($encrypted_data, 'aes-256-cbc', $encryption_key, 0, $iv);
}

2.4 放在一起測(cè)試

//$key is our base64 encoded 256bit key that we created earlier. You will probably store and define this     key in a config file.
$key = 'bRuD5WYw5wd0rdHR9yLlM6wt2vteuiniQBqE70nAuhU=';

function my_encrypt($data, $key) {
    // Remove the base64 encoding from our key
    $encryption_key = base64_decode($key);
    // Generate an initialization vector
    $iv = openssl_random_pseudo_bytes(openssl_cipher_iv_length('aes-256-cbc'));
    // Encrypt the data using AES 256 encryption in CBC mode using our encryption key and initialization vector.
    $encrypted = openssl_encrypt($data, 'aes-256-cbc', $encryption_key, 0, $iv);
    // The $iv is just as important as the key for decrypting, so save it with our encrypted data using a unique separator (::)
    return base64_encode($encrypted . '::' . $iv);
}

function my_decrypt($data, $key) {
    // Remove the base64 encoding from our key
    $encryption_key = base64_decode($key);
    // To decrypt, split the encrypted data from our IV - our unique separator used was "::"
    list($encrypted_data, $iv) = explode('::', base64_decode($data), 2);
    return openssl_decrypt($encrypted_data, 'aes-256-cbc', $encryption_key, 0, $iv);
}

//our data to be encoded
$password_plain = 'abc123';
echo $password_plain . "<br>";

//our data being encrypted. This encrypted data will probably be going into a database
//since it's base64 encoded, it can go straight into a varchar or text database field without corruption worry
$password_encrypted = my_encrypt($password_plain, $key);
echo $password_encrypted . "<br>";

//now we turn our encrypted data back to plain text
$password_decrypted = my_decrypt($password_encrypted, $key);
echo $password_decrypted . "<br>";
2.5 上面的代碼將輸出以下內(nèi)容。請(qǐng)注意,由于我們的初始化向量,每次運(yùn)行代碼時(shí),中間的加密字符串將會(huì)更改:
abc123
K3gzWkxySUd6VkgvQTNJUUtZMjV2UT09Ojpia3sh1zglO3DYodw84855
abc123
最后編輯于
?著作權(quán)歸作者所有,轉(zhuǎn)載或內(nèi)容合作請(qǐng)聯(lián)系作者
平臺(tái)聲明:文章內(nèi)容(如有圖片或視頻亦包括在內(nèi))由作者上傳并發(fā)布,文章內(nèi)容僅代表作者本人觀點(diǎn),簡(jiǎn)書(shū)系信息發(fā)布平臺(tái),僅提供信息存儲(chǔ)服務(wù)。

推薦閱讀更多精彩內(nèi)容