Php 简明教程
PHP – Encryption
PHP 的早期版本包含 mcrypt 扩展,它提供了加密/解密功能。由于缺乏维护,mycrypt 扩展已从 PHP 7.2 版本中弃用并删除。PHP 现在包含 OpenSSL 库,该库具有广泛的功能来支持加密和解密功能。
Early versions of PHP included mcrypt extension, that provided encryption/decryption capabilities. Due to lack of maintenance, the mycrypt extension has been deprecated and removed from PHP 7.2 version onwards. PHP now includes OpenSSL library that has an extensive functionality to support encryption and decryption features.
OpenSSL 支持各种加密算法,例如 AES(高级加密标准)。可通过调用 openssl_get_cipher_methods() 函数获取所有受支持的算法。
OpenSSL supports various encryption algorithms such as AES (Advanced Encryption Standard). All the supported algorithms can be obtained by invoking openssl_get_cipher_methods() function.
OpenSSL 扩展中的两个重要函数为 -
The two important functions in OpenSSL extension are −
-
openssl_encrypt() − Encrypts data
-
openssl_decrypt() − Decrypts data
The openssl_encrypt() Function
此函数使用给定的方法和密钥加密给定数据,并返回原始或 base64 编码的字符串 -
This function encrypts the given data with given method and key, and returns a raw or base64 encoded string −
openssl_encrypt(
string $data,
string $cipher_algo,
string $passphrase,
int $options = 0,
string $iv = "",
string &$tag = null,
string $aad = "",
int $tag_length = 16
): string|false该函数具有以下 parameters -
The function has the following parameters −
Sr.No |
Parameter & Description |
1 |
data The plaintext message data to be encrypted. |
2 |
cipher_algo The cipher method. |
3 |
passphrase The passphrase. If the passphrase is shorter than expected, padded with NULL characters; if the passphrase is longer than expected, it is truncated. |
4 |
options options is a bitwise disjunction of the flags OPENSSL_RAW_DATA and OPENSSL_ZERO_PADDING. |
5 |
iv A non-NULL Initialization Vector. |
6 |
tag The authentication tag passed by reference when using AEAD cipher mode (GCM or CCM). |
7 |
aad Additional authenticated data. |
8 |
tag_length The length of the authentication tag. Its value can be between 4 and 16 for GCM mode. |
该函数在成功时返回加密字符串,或在失败时返回 false 。
The function returns the encrypted string on success or false on failure.
The openssl_decrypt() Function
此函数获取原始或 base64 编码的字符串并使用给定的方法和密钥对其解密。
This function takes a raw or base64 encoded string and decrypts it using a given method and key.
openssl_decrypt(
string $data,
string $cipher_algo,
string $passphrase,
int $options = 0,
string $iv = "",
?string $tag = null,
string $aad = ""
): string|falseopenssl_decrypt() 函数使用与 openssl_encrypt 函数相同的参数。
The openssl_decrypt() function uses the same parameters as the openssl_encrypt function.
此函数在成功时返回解密字符串,或在失败时返回 false。
This function returns the decrypted string on success or false on failure.
Example
请看以下示例:
Take a look at the following example −
<?php
function sslencrypt($source, $algo, $key, $opt, $iv) {
$encstring = openssl_encrypt($source, $algo, $key, $opt, $iv);
return $encstring;
}
function ssldecrypt($encstring, $algo, $key, $opt, $iv) {
$decrstring = openssl_decrypt($encstring, $algo, $key, $opt, $iv);
return $decrstring;
}
// string to be encrypted
$source = "PHP: Hypertext Preprocessor";
// Display the original string
echo "Before encryption: " . $source . "\n";
$algo = "BF-CBC";
$opt=0;
$ivlength = openssl_cipher_iv_length($algo);
$iv = random_bytes($ivlength);
$key = "abcABC123!@#";
// Encryption process
$encstring = sslencrypt($source, $algo, $key, $opt, $iv);
// Display the encrypted string
echo "Encrypted String: " . $encstring . "\n";
// Decryption process
$decrstring = ssldecrypt($encstring, $algo, $key, $opt, $iv);
// Display the decrypted string
echo "Decrypted String: " . $decrstring;
?>它将生成以下 output −
It will produce the following output −
Before encryption: PHP: Hypertext Preprocessor
Encrypted String:
Decrypted String: