看一眼mcyrpt_encrypt():
string mcrypt_encrypt ( string $cipher , string $key , string $data ,
string $mode [, string $iv ] )
Set $cipher
to MCRYPT_RIJNDAEL_128
(AES-128),以及$mode
to MCRYPT_MODE_CBC
.
然后使用base64_encode()生成 Base-64 编码输出(即:-a
选项
做)。
openssl 推导密钥和 IV 如下:
Key = MD5(Password + Salt)
IV = MD5(Key + Password + Salt)
Where Salt
是一个8字节的盐。考虑到这一点,我创建了简单的encrypt()
and decrypt()
例程:
function ssl_encrypt($pass, $data) {
$salt = substr(md5(mt_rand(), true), 8);
$key = md5($pass . $salt, true);
$iv = md5($key . $pass . $salt, true);
$ct = mcrypt_encrypt (MCRYPT_RIJNDAEL_128, $key, $data,
MCRYPT_MODE_CBC, $iv);
return base64_encode('Salted__' . $salt . $ct);
}
function ssl_decrypt($pass, $data) {
$data = base64_decode($data);
$salt = substr($data, 8, 8);
$ct = substr($data, 16);
$key = md5($pass . $salt, true);
$iv = md5($key . $pass . $salt, true);
$pt = mcrypt_decrypt (MCRYPT_RIJNDAEL_128, $key, $ct,
MCRYPT_MODE_CBC, $iv);
return $pt;
}
参数$data
获取要加密的字符串。如果你想加密一个文件,你必须通过file_get_contents()
或类似的,然后将其赋予该功能。
Usage:
echo ssl_encrypt('super secret key', 'Hello World');
生成类似的东西(由于随机盐而每次都会改变):
U2FsdGVkX18uygnq8bZYi6f62FzaeAnyB90U6v+Pyrk=