mirror of
				https://github.com/fofolee/uTools-Manuals.git
				synced 2025-10-25 22:03:08 +08:00 
			
		
		
		
	
		
			
				
	
	
		
			243 lines
		
	
	
		
			17 KiB
		
	
	
	
		
			HTML
		
	
	
	
	
	
			
		
		
	
	
			243 lines
		
	
	
		
			17 KiB
		
	
	
	
		
			HTML
		
	
	
	
	
	
| <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
 | ||
| <html>
 | ||
|  <head>
 | ||
|   <meta http-equiv="content-type" content="text/html; charset=UTF-8">
 | ||
|   <title>加密数据</title>
 | ||
|  </head>
 | ||
|  <body class="docs"><div id="layout">
 | ||
|   <div id="layout-content"><div id="function.openssl-encrypt" class="refentry">
 | ||
|  <div class="refnamediv">
 | ||
|   <h1 class="refname">openssl_encrypt</h1>
 | ||
|   <p class="verinfo">(PHP 5 >= 5.3.0, PHP 7)</p><p class="refpurpose"><span class="refname">openssl_encrypt</span> — <span class="dc-title">加密数据</span></p>
 | ||
| 
 | ||
|  </div>
 | ||
| 
 | ||
|  <div class="refsect1 description" id="refsect1-function.openssl-encrypt-description">
 | ||
|   <h3 class="title">说明</h3>
 | ||
|   <div class="methodsynopsis dc-description">
 | ||
|    <span class="methodname"><strong>openssl_encrypt</strong></span>
 | ||
|     ( <span class="methodparam"><span class="type">string</span> <code class="parameter">$data</code></span>
 | ||
|    , <span class="methodparam"><span class="type">string</span> <code class="parameter">$method</code></span>
 | ||
|    , <span class="methodparam"><span class="type">string</span> <code class="parameter">$key</code></span>
 | ||
|    [, <span class="methodparam"><span class="type">int</span> <code class="parameter">$options</code><span class="initializer"> = 0</span></span>
 | ||
|    [, <span class="methodparam"><span class="type">string</span> <code class="parameter">$iv</code><span class="initializer"> = ""</span></span>
 | ||
|    [, <span class="methodparam"><span class="type">string</span> <code class="parameter reference">&$tag</code><span class="initializer"> = NULL</span></span>
 | ||
|    [, <span class="methodparam"><span class="type">string</span> <code class="parameter">$aad</code><span class="initializer"> = ""</span></span>
 | ||
|    [, <span class="methodparam"><span class="type">int</span> <code class="parameter">$tag_length</code><span class="initializer"> = 16</span></span>
 | ||
|   ]]]]] ) : <span class="type">string</span></div>
 | ||
| 
 | ||
|   <p class="para rdfs-comment">
 | ||
|    以指定的方式和 key 加密数据,返回原始或 base64 编码后的字符串。
 | ||
|   </p>
 | ||
|  </div>
 | ||
| 
 | ||
| 
 | ||
|  <div class="refsect1 parameters" id="refsect1-function.openssl-encrypt-parameters">
 | ||
|   <h3 class="title">参数</h3>
 | ||
|   <p class="para">
 | ||
|    <dl>
 | ||
| 
 | ||
|     
 | ||
|      <dt>
 | ||
| <code class="parameter">data</code></dt>
 | ||
| 
 | ||
|      <dd>
 | ||
| 
 | ||
|       <p class="para">
 | ||
|        待加密的明文信息数据。
 | ||
|       </p>
 | ||
|      </dd>
 | ||
| 
 | ||
|     
 | ||
|     
 | ||
|      <dt>
 | ||
| <code class="parameter">method</code></dt>
 | ||
| 
 | ||
|      <dd>
 | ||
| 
 | ||
|       <p class="para">
 | ||
|        密码学方式。<span class="function"><a href="openssl_get_cipher_methods.html" class="function">openssl_get_cipher_methods()</a></span> 可获取有效密码方式列表。
 | ||
|       </p>
 | ||
|      </dd>
 | ||
| 
 | ||
|     
 | ||
|     
 | ||
|      <dt>
 | ||
| <code class="parameter">key</code></dt>
 | ||
| 
 | ||
|      <dd>
 | ||
| 
 | ||
|       <p class="para">
 | ||
|        key。
 | ||
|       </p>
 | ||
|      </dd>
 | ||
| 
 | ||
|     
 | ||
|     
 | ||
|       <dt>
 | ||
| <code class="parameter">options</code></dt>
 | ||
| 
 | ||
|       <dd>
 | ||
| 
 | ||
|         <p class="para">
 | ||
|           <code class="parameter">options</code> 是以下标记的按位或:
 | ||
|           <strong><code>OPENSSL_RAW_DATA</code></strong> 、
 | ||
|           <strong><code>OPENSSL_ZERO_PADDING</code></strong>。
 | ||
|         </p>
 | ||
|       </dd>
 | ||
| 
 | ||
|     
 | ||
|     
 | ||
|      <dt>
 | ||
| <code class="parameter">iv</code></dt>
 | ||
| 
 | ||
|      <dd>
 | ||
| 
 | ||
|       <p class="para">
 | ||
|        非 NULL 的初始化向量。
 | ||
|       </p>
 | ||
|      </dd>
 | ||
| 
 | ||
|     
 | ||
|     
 | ||
|      <dt>
 | ||
| <code class="parameter">tag</code></dt>
 | ||
| 
 | ||
|      <dd>
 | ||
| 
 | ||
|       <p class="para">
 | ||
|        使用 AEAD 密码模式(GCM 或 CCM)时传引用的验证标签。
 | ||
|       </p>
 | ||
|      </dd>
 | ||
| 
 | ||
|     
 | ||
|     
 | ||
|      <dt>
 | ||
| <code class="parameter">aad</code></dt>
 | ||
| 
 | ||
|      <dd>
 | ||
| 
 | ||
|       <p class="para">
 | ||
|        附加的验证数据。
 | ||
|       </p>
 | ||
|      </dd>
 | ||
| 
 | ||
|     
 | ||
|     
 | ||
|      <dt>
 | ||
| <code class="parameter">tag_length</code></dt>
 | ||
| 
 | ||
|      <dd>
 | ||
| 
 | ||
|       <p class="para">
 | ||
|        验证 <code class="parameter">tag</code> 的长度。GCM 模式时,它的范围是 4 到 16。
 | ||
|       </p>
 | ||
|      </dd>
 | ||
| 
 | ||
|     
 | ||
|    </dl>
 | ||
| 
 | ||
|   </p>
 | ||
|  </div>
 | ||
| 
 | ||
| 
 | ||
|  <div class="refsect1 returnvalues" id="refsect1-function.openssl-encrypt-returnvalues">
 | ||
|   <h3 class="title">返回值</h3>
 | ||
|   <p class="para">
 | ||
|    成功时返回加密后的字符串, 或者在失败时返回 <strong><code>FALSE</code></strong>。
 | ||
|   </p>
 | ||
|  </div>
 | ||
| 
 | ||
| 
 | ||
|  <div class="refsect1 errors" id="refsect1-function.openssl-encrypt-errors">
 | ||
|   <h3 class="title">错误/异常</h3>
 | ||
|   <p class="para">
 | ||
|    <code class="parameter">method</code> 传入未知算法时,产生 <strong><code>E_WARNING</code></strong> 级别的错误。
 | ||
|   </p>
 | ||
|   <p class="para">
 | ||
|    <code class="parameter">iv</code> 传入空字符串时产生 <strong><code>E_WARNING</code></strong> 级别的错误。
 | ||
|   </p>
 | ||
|  </div>
 | ||
| 
 | ||
| 
 | ||
|  <div class="refsect1 changelog" id="refsect1-function.openssl-encrypt-changelog">
 | ||
|   <h3 class="title">更新日志</h3>
 | ||
|   <table class="doctable informaltable">
 | ||
|    
 | ||
|     <thead>
 | ||
|      <tr>
 | ||
|       <th>版本</th>
 | ||
|       <th>说明</th>
 | ||
|      </tr>
 | ||
| 
 | ||
|     </thead>
 | ||
| 
 | ||
|     <tbody class="tbody">
 | ||
|      <tr>
 | ||
|       <td>5.3.3</td>
 | ||
|       <td>
 | ||
|        增加 <code class="parameter">iv</code> 参数。
 | ||
|       </td>
 | ||
|      </tr>
 | ||
| 
 | ||
|      <tr>
 | ||
|       <td>5.4.0</td>
 | ||
|       <td>
 | ||
|        <code class="parameter">raw_output</code> 改到 <code class="parameter">options</code>。
 | ||
|       </td>
 | ||
|      </tr>
 | ||
| 
 | ||
|      <tr>
 | ||
|       <td>7.1.0</td>
 | ||
|       <td>增加了 <code class="parameter">tag</code>、<code class="parameter">aad</code>、<code class="parameter">tag_length</code> 参数</td>
 | ||
|      </tr>
 | ||
| 
 | ||
|     </tbody>
 | ||
|    
 | ||
|   </table>
 | ||
| 
 | ||
|  </div>
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
|  <div class="refsect1 examples" id="refsect1-function.openssl-encrypt-examples">
 | ||
|   <h3 class="title">范例</h3>
 | ||
|   <p class="para">
 | ||
|    <div class="example" id="example-930">
 | ||
|     <p><strong>Example #1 PHP 7.1+  下 GCM 模式的 AES 认证加密例子</strong></p>
 | ||
|     <div class="example-contents">
 | ||
| <div class="phpcode"><pre><span style="color: #000000">
 | ||
| <span style="color: #0000BB"><?php<br /></span><span style="color: #FF8000">//$key should have been previously generated in a cryptographically safe way, like openssl_random_pseudo_bytes<br /></span><span style="color: #0000BB">$plaintext </span><span style="color: #007700">= </span><span style="color: #DD0000">"message to be encrypted"</span><span style="color: #007700">;<br /></span><span style="color: #0000BB">$cipher </span><span style="color: #007700">= </span><span style="color: #DD0000">"aes-128-gcm"</span><span style="color: #007700">;<br />if (</span><span style="color: #0000BB">in_array</span><span style="color: #007700">(</span><span style="color: #0000BB">$cipher</span><span style="color: #007700">, </span><span style="color: #0000BB">openssl_get_cipher_methods</span><span style="color: #007700">()))<br />{<br />    </span><span style="color: #0000BB">$ivlen </span><span style="color: #007700">= </span><span style="color: #0000BB">openssl_cipher_iv_length</span><span style="color: #007700">(</span><span style="color: #0000BB">$cipher</span><span style="color: #007700">);<br />    </span><span style="color: #0000BB">$iv </span><span style="color: #007700">= </span><span style="color: #0000BB">openssl_random_pseudo_bytes</span><span style="color: #007700">(</span><span style="color: #0000BB">$ivlen</span><span style="color: #007700">);<br />    </span><span style="color: #0000BB">$ciphertext </span><span style="color: #007700">= </span><span style="color: #0000BB">openssl_encrypt</span><span style="color: #007700">(</span><span style="color: #0000BB">$plaintext</span><span style="color: #007700">, </span><span style="color: #0000BB">$cipher</span><span style="color: #007700">, </span><span style="color: #0000BB">$key</span><span style="color: #007700">, </span><span style="color: #0000BB">$options</span><span style="color: #007700">=</span><span style="color: #0000BB">0</span><span style="color: #007700">, </span><span style="color: #0000BB">$iv</span><span style="color: #007700">, </span><span style="color: #0000BB">$tag</span><span style="color: #007700">);<br />    </span><span style="color: #FF8000">//store $cipher, $iv, and $tag for decryption later<br />    </span><span style="color: #0000BB">$original_plaintext </span><span style="color: #007700">= </span><span style="color: #0000BB">openssl_decrypt</span><span style="color: #007700">(</span><span style="color: #0000BB">$ciphertext</span><span style="color: #007700">, </span><span style="color: #0000BB">$cipher</span><span style="color: #007700">, </span><span style="color: #0000BB">$key</span><span style="color: #007700">, </span><span style="color: #0000BB">$options</span><span style="color: #007700">=</span><span style="color: #0000BB">0</span><span style="color: #007700">, </span><span style="color: #0000BB">$iv</span><span style="color: #007700">, </span><span style="color: #0000BB">$tag</span><span style="color: #007700">);<br />    echo </span><span style="color: #0000BB">$original_plaintext</span><span style="color: #007700">.</span><span style="color: #DD0000">"\n"</span><span style="color: #007700">;<br />}<br /></span><span style="color: #0000BB">?></span>
 | ||
| </span>
 | ||
| </pre></div>
 | ||
|     </div>
 | ||
| 
 | ||
|    </div>
 | ||
| 
 | ||
|    <div class="example" id="example-931">
 | ||
|     <p><strong>Example #2 PHP 5.6+ 的 AES 认证加密例子</strong></p>
 | ||
|     <div class="example-contents">
 | ||
| <div class="phpcode"><pre><span style="color: #000000">
 | ||
| <span style="color: #0000BB"><?php<br /></span><span style="color: #FF8000">//$key previously generated safely, ie: openssl_random_pseudo_bytes<br /></span><span style="color: #0000BB">$plaintext </span><span style="color: #007700">= </span><span style="color: #DD0000">"message to be encrypted"</span><span style="color: #007700">;<br /></span><span style="color: #0000BB">$ivlen </span><span style="color: #007700">= </span><span style="color: #0000BB">openssl_cipher_iv_length</span><span style="color: #007700">(</span><span style="color: #0000BB">$cipher</span><span style="color: #007700">=</span><span style="color: #DD0000">"AES-128-CBC"</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">$iv </span><span style="color: #007700">= </span><span style="color: #0000BB">openssl_random_pseudo_bytes</span><span style="color: #007700">(</span><span style="color: #0000BB">$ivlen</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">$ciphertext_raw </span><span style="color: #007700">= </span><span style="color: #0000BB">openssl_encrypt</span><span style="color: #007700">(</span><span style="color: #0000BB">$plaintext</span><span style="color: #007700">, </span><span style="color: #0000BB">$cipher</span><span style="color: #007700">, </span><span style="color: #0000BB">$key</span><span style="color: #007700">, </span><span style="color: #0000BB">$options</span><span style="color: #007700">=</span><span style="color: #0000BB">OPENSSL_RAW_DATA</span><span style="color: #007700">, </span><span style="color: #0000BB">$iv</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">$hmac </span><span style="color: #007700">= </span><span style="color: #0000BB">hash_hmac</span><span style="color: #007700">(</span><span style="color: #DD0000">'sha256'</span><span style="color: #007700">, </span><span style="color: #0000BB">$ciphertext_raw</span><span style="color: #007700">, </span><span style="color: #0000BB">$key</span><span style="color: #007700">, </span><span style="color: #0000BB">$as_binary</span><span style="color: #007700">=</span><span style="color: #0000BB">true</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">$ciphertext </span><span style="color: #007700">= </span><span style="color: #0000BB">base64_encode</span><span style="color: #007700">( </span><span style="color: #0000BB">$iv</span><span style="color: #007700">.</span><span style="color: #0000BB">$hmac</span><span style="color: #007700">.</span><span style="color: #0000BB">$ciphertext_raw </span><span style="color: #007700">);<br /><br /></span><span style="color: #FF8000">//decrypt later....<br /></span><span style="color: #0000BB">$c </span><span style="color: #007700">= </span><span style="color: #0000BB">base64_decode</span><span style="color: #007700">(</span><span style="color: #0000BB">$ciphertext</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">$ivlen </span><span style="color: #007700">= </span><span style="color: #0000BB">openssl_cipher_iv_length</span><span style="color: #007700">(</span><span style="color: #0000BB">$cipher</span><span style="color: #007700">=</span><span style="color: #DD0000">"AES-128-CBC"</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">$iv </span><span style="color: #007700">= </span><span style="color: #0000BB">substr</span><span style="color: #007700">(</span><span style="color: #0000BB">$c</span><span style="color: #007700">, </span><span style="color: #0000BB">0</span><span style="color: #007700">, </span><span style="color: #0000BB">$ivlen</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">$hmac </span><span style="color: #007700">= </span><span style="color: #0000BB">substr</span><span style="color: #007700">(</span><span style="color: #0000BB">$c</span><span style="color: #007700">, </span><span style="color: #0000BB">$ivlen</span><span style="color: #007700">, </span><span style="color: #0000BB">$sha2len</span><span style="color: #007700">=</span><span style="color: #0000BB">32</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">$ciphertext_raw </span><span style="color: #007700">= </span><span style="color: #0000BB">substr</span><span style="color: #007700">(</span><span style="color: #0000BB">$c</span><span style="color: #007700">, </span><span style="color: #0000BB">$ivlen</span><span style="color: #007700">+</span><span style="color: #0000BB">$sha2len</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">$original_plaintext </span><span style="color: #007700">= </span><span style="color: #0000BB">openssl_decrypt</span><span style="color: #007700">(</span><span style="color: #0000BB">$ciphertext_raw</span><span style="color: #007700">, </span><span style="color: #0000BB">$cipher</span><span style="color: #007700">, </span><span style="color: #0000BB">$key</span><span style="color: #007700">, </span><span style="color: #0000BB">$options</span><span style="color: #007700">=</span><span style="color: #0000BB">OPENSSL_RAW_DATA</span><span style="color: #007700">, </span><span style="color: #0000BB">$iv</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">$calcmac </span><span style="color: #007700">= </span><span style="color: #0000BB">hash_hmac</span><span style="color: #007700">(</span><span style="color: #DD0000">'sha256'</span><span style="color: #007700">, </span><span style="color: #0000BB">$ciphertext_raw</span><span style="color: #007700">, </span><span style="color: #0000BB">$key</span><span style="color: #007700">, </span><span style="color: #0000BB">$as_binary</span><span style="color: #007700">=</span><span style="color: #0000BB">true</span><span style="color: #007700">);<br />if (</span><span style="color: #0000BB">hash_equals</span><span style="color: #007700">(</span><span style="color: #0000BB">$hmac</span><span style="color: #007700">, </span><span style="color: #0000BB">$calcmac</span><span style="color: #007700">))</span><span style="color: #FF8000">//PHP 5.6+ timing attack safe comparison<br /></span><span style="color: #007700">{<br />    echo </span><span style="color: #0000BB">$original_plaintext</span><span style="color: #007700">.</span><span style="color: #DD0000">"\n"</span><span style="color: #007700">;<br />}<br /></span><span style="color: #0000BB">?></span>
 | ||
| </span>
 | ||
| </pre></div>
 | ||
|     </div>
 | ||
| 
 | ||
|    </div>
 | ||
| 
 | ||
|   </p>
 | ||
|  </div>
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
|  <div class="refsect1 seealso" id="refsect1-function.openssl-encrypt-seealso">
 | ||
|   <h3 class="title">参见</h3>
 | ||
|   <p class="para">
 | ||
|    <ul class="simplelist">
 | ||
|     <li class="member"><span class="function"><a href="openssl_decrypt.html" class="function" rel="rdfs-seeAlso">openssl_decrypt()</a> - 解密数据</span></li>
 | ||
|    </ul>
 | ||
|   </p>
 | ||
|  </div>
 | ||
| 
 | ||
| 
 | ||
| </div></div></div></body></html> |