study/uTools-Manuals
1
0
Fork 0
mirror of https://github.com/fofolee/uTools-Manuals.git synced 2025-06-18 05:26:57 +08:00
Code Issues Packages Projects Releases Wiki Activity
uTools-Manuals/docs/php/openssl_encrypt.html
fofolee f782158fb7 v0.0.2
2019-04-28 19:00:34 +08:00

243 lines
17 KiB
HTML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<title>加密数据</title>
</head>
<body class="docs"><div id="layout">
<div id="layout-content"><div id="function.openssl-encrypt" class="refentry">
<div class="refnamediv">
<h1 class="refname">openssl_encrypt</h1>
<p class="verinfo">(PHP 5 &gt;= 5.3.0, PHP 7)</p><p class="refpurpose"><span class="refname">openssl_encrypt</span> &mdash; <span class="dc-title">加密数据</span></p>
</div>
<div class="refsect1 description" id="refsect1-function.openssl-encrypt-description">
<h3 class="title">说明</h3>
<div class="methodsynopsis dc-description">
<span class="methodname"><strong>openssl_encrypt</strong></span>
( <span class="methodparam"><span class="type">string</span> <code class="parameter">$data</code></span>
, <span class="methodparam"><span class="type">string</span> <code class="parameter">$method</code></span>
, <span class="methodparam"><span class="type">string</span> <code class="parameter">$key</code></span>
[, <span class="methodparam"><span class="type">int</span> <code class="parameter">$options</code><span class="initializer"> = 0</span></span>
[, <span class="methodparam"><span class="type">string</span> <code class="parameter">$iv</code><span class="initializer"> = &quot;&quot;</span></span>
[, <span class="methodparam"><span class="type">string</span> <code class="parameter reference">&$tag</code><span class="initializer"> = NULL</span></span>
[, <span class="methodparam"><span class="type">string</span> <code class="parameter">$aad</code><span class="initializer"> = &quot;&quot;</span></span>
[, <span class="methodparam"><span class="type">int</span> <code class="parameter">$tag_length</code><span class="initializer"> = 16</span></span>
]]]]] ) : <span class="type">string</span></div>
<p class="para rdfs-comment">
以指定的方式和 key 加密数据,返回原始或 base64 编码后的字符串。
</p>
</div>
<div class="refsect1 parameters" id="refsect1-function.openssl-encrypt-parameters">
<h3 class="title">参数</h3>
<p class="para">
<dl>
<dt>
<code class="parameter">data</code></dt>
<dd>
<p class="para">
待加密的明文信息数据。
</p>
</dd>
<dt>
<code class="parameter">method</code></dt>
<dd>
<p class="para">
密码学方式。<span class="function"><a href="openssl_get_cipher_methods.html" class="function">openssl_get_cipher_methods()</a></span> 可获取有效密码方式列表。
</p>
</dd>
<dt>
<code class="parameter">key</code></dt>
<dd>
<p class="para">
key。
</p>
</dd>
<dt>
<code class="parameter">options</code></dt>
<dd>
<p class="para">
<code class="parameter">options</code> 是以下标记的按位或:
<strong><code>OPENSSL_RAW_DATA</code></strong>
<strong><code>OPENSSL_ZERO_PADDING</code></strong>
</p>
</dd>
<dt>
<code class="parameter">iv</code></dt>
<dd>
<p class="para">
非 NULL 的初始化向量。
</p>
</dd>
<dt>
<code class="parameter">tag</code></dt>
<dd>
<p class="para">
使用 AEAD 密码模式GCM 或 CCM时传引用的验证标签。
</p>
</dd>
<dt>
<code class="parameter">aad</code></dt>
<dd>
<p class="para">
附加的验证数据。
</p>
</dd>
<dt>
<code class="parameter">tag_length</code></dt>
<dd>
<p class="para">
验证 <code class="parameter">tag</code> 的长度。GCM 模式时,它的范围是 4 到 16。
</p>
</dd>
</dl>
</p>
</div>
<div class="refsect1 returnvalues" id="refsect1-function.openssl-encrypt-returnvalues">
<h3 class="title">返回值</h3>
<p class="para">
成功时返回加密后的字符串, 或者在失败时返回 <strong><code>FALSE</code></strong>
</p>
</div>
<div class="refsect1 errors" id="refsect1-function.openssl-encrypt-errors">
<h3 class="title">错误/异常</h3>
<p class="para">
<code class="parameter">method</code> 传入未知算法时,产生 <strong><code>E_WARNING</code></strong> 级别的错误。
</p>
<p class="para">
<code class="parameter">iv</code> 传入空字符串时产生 <strong><code>E_WARNING</code></strong> 级别的错误。
</p>
</div>
<div class="refsect1 changelog" id="refsect1-function.openssl-encrypt-changelog">
<h3 class="title">更新日志</h3>
<table class="doctable informaltable">
<thead>
<tr>
<th>版本</th>
<th>说明</th>
</tr>
</thead>
<tbody class="tbody">
<tr>
<td>5.3.3</td>
<td>
增加 <code class="parameter">iv</code> 参数。
</td>
</tr>
<tr>
<td>5.4.0</td>
<td>
<code class="parameter">raw_output</code> 改到 <code class="parameter">options</code>
</td>
</tr>
<tr>
<td>7.1.0</td>
<td>增加了 <code class="parameter">tag</code><code class="parameter">aad</code><code class="parameter">tag_length</code> 参数</td>
</tr>
</tbody>
</table>
</div>
<div class="refsect1 examples" id="refsect1-function.openssl-encrypt-examples">
<h3 class="title">范例</h3>
<p class="para">
<div class="example" id="example-930">
<p><strong>Example #1 PHP 7.1+ 下 GCM 模式的 AES 认证加密例子</strong></p>
<div class="example-contents">
<div class="phpcode"><pre><span style="color: #000000">
<span style="color: #0000BB">&lt;?php<br /></span><span style="color: #FF8000">//$key&nbsp;should&nbsp;have&nbsp;been&nbsp;previously&nbsp;generated&nbsp;in&nbsp;a&nbsp;cryptographically&nbsp;safe&nbsp;way,&nbsp;like&nbsp;openssl_random_pseudo_bytes<br /></span><span style="color: #0000BB">$plaintext&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #DD0000">"message&nbsp;to&nbsp;be&nbsp;encrypted"</span><span style="color: #007700">;<br /></span><span style="color: #0000BB">$cipher&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #DD0000">"aes-128-gcm"</span><span style="color: #007700">;<br />if&nbsp;(</span><span style="color: #0000BB">in_array</span><span style="color: #007700">(</span><span style="color: #0000BB">$cipher</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">openssl_get_cipher_methods</span><span style="color: #007700">()))<br />{<br />&nbsp;&nbsp;&nbsp;&nbsp;</span><span style="color: #0000BB">$ivlen&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #0000BB">openssl_cipher_iv_length</span><span style="color: #007700">(</span><span style="color: #0000BB">$cipher</span><span style="color: #007700">);<br />&nbsp;&nbsp;&nbsp;&nbsp;</span><span style="color: #0000BB">$iv&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #0000BB">openssl_random_pseudo_bytes</span><span style="color: #007700">(</span><span style="color: #0000BB">$ivlen</span><span style="color: #007700">);<br />&nbsp;&nbsp;&nbsp;&nbsp;</span><span style="color: #0000BB">$ciphertext&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #0000BB">openssl_encrypt</span><span style="color: #007700">(</span><span style="color: #0000BB">$plaintext</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$cipher</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$key</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$options</span><span style="color: #007700">=</span><span style="color: #0000BB">0</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$iv</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$tag</span><span style="color: #007700">);<br />&nbsp;&nbsp;&nbsp;&nbsp;</span><span style="color: #FF8000">//store&nbsp;$cipher,&nbsp;$iv,&nbsp;and&nbsp;$tag&nbsp;for&nbsp;decryption&nbsp;later<br />&nbsp;&nbsp;&nbsp;&nbsp;</span><span style="color: #0000BB">$original_plaintext&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #0000BB">openssl_decrypt</span><span style="color: #007700">(</span><span style="color: #0000BB">$ciphertext</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$cipher</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$key</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$options</span><span style="color: #007700">=</span><span style="color: #0000BB">0</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$iv</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$tag</span><span style="color: #007700">);<br />&nbsp;&nbsp;&nbsp;&nbsp;echo&nbsp;</span><span style="color: #0000BB">$original_plaintext</span><span style="color: #007700">.</span><span style="color: #DD0000">"\n"</span><span style="color: #007700">;<br />}<br /></span><span style="color: #0000BB">?&gt;</span>
</span>
</pre></div>
</div>
</div>
<div class="example" id="example-931">
<p><strong>Example #2 PHP 5.6+ 的 AES 认证加密例子</strong></p>
<div class="example-contents">
<div class="phpcode"><pre><span style="color: #000000">
<span style="color: #0000BB">&lt;?php<br /></span><span style="color: #FF8000">//$key&nbsp;previously&nbsp;generated&nbsp;safely,&nbsp;ie:&nbsp;openssl_random_pseudo_bytes<br /></span><span style="color: #0000BB">$plaintext&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #DD0000">"message&nbsp;to&nbsp;be&nbsp;encrypted"</span><span style="color: #007700">;<br /></span><span style="color: #0000BB">$ivlen&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #0000BB">openssl_cipher_iv_length</span><span style="color: #007700">(</span><span style="color: #0000BB">$cipher</span><span style="color: #007700">=</span><span style="color: #DD0000">"AES-128-CBC"</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">$iv&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #0000BB">openssl_random_pseudo_bytes</span><span style="color: #007700">(</span><span style="color: #0000BB">$ivlen</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">$ciphertext_raw&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #0000BB">openssl_encrypt</span><span style="color: #007700">(</span><span style="color: #0000BB">$plaintext</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$cipher</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$key</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$options</span><span style="color: #007700">=</span><span style="color: #0000BB">OPENSSL_RAW_DATA</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$iv</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">$hmac&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #0000BB">hash_hmac</span><span style="color: #007700">(</span><span style="color: #DD0000">'sha256'</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$ciphertext_raw</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$key</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$as_binary</span><span style="color: #007700">=</span><span style="color: #0000BB">true</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">$ciphertext&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #0000BB">base64_encode</span><span style="color: #007700">(&nbsp;</span><span style="color: #0000BB">$iv</span><span style="color: #007700">.</span><span style="color: #0000BB">$hmac</span><span style="color: #007700">.</span><span style="color: #0000BB">$ciphertext_raw&nbsp;</span><span style="color: #007700">);<br /><br /></span><span style="color: #FF8000">//decrypt&nbsp;later....<br /></span><span style="color: #0000BB">$c&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #0000BB">base64_decode</span><span style="color: #007700">(</span><span style="color: #0000BB">$ciphertext</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">$ivlen&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #0000BB">openssl_cipher_iv_length</span><span style="color: #007700">(</span><span style="color: #0000BB">$cipher</span><span style="color: #007700">=</span><span style="color: #DD0000">"AES-128-CBC"</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">$iv&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #0000BB">substr</span><span style="color: #007700">(</span><span style="color: #0000BB">$c</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">0</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$ivlen</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">$hmac&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #0000BB">substr</span><span style="color: #007700">(</span><span style="color: #0000BB">$c</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$ivlen</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$sha2len</span><span style="color: #007700">=</span><span style="color: #0000BB">32</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">$ciphertext_raw&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #0000BB">substr</span><span style="color: #007700">(</span><span style="color: #0000BB">$c</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$ivlen</span><span style="color: #007700">+</span><span style="color: #0000BB">$sha2len</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">$original_plaintext&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #0000BB">openssl_decrypt</span><span style="color: #007700">(</span><span style="color: #0000BB">$ciphertext_raw</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$cipher</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$key</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$options</span><span style="color: #007700">=</span><span style="color: #0000BB">OPENSSL_RAW_DATA</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$iv</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">$calcmac&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #0000BB">hash_hmac</span><span style="color: #007700">(</span><span style="color: #DD0000">'sha256'</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$ciphertext_raw</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$key</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$as_binary</span><span style="color: #007700">=</span><span style="color: #0000BB">true</span><span style="color: #007700">);<br />if&nbsp;(</span><span style="color: #0000BB">hash_equals</span><span style="color: #007700">(</span><span style="color: #0000BB">$hmac</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$calcmac</span><span style="color: #007700">))</span><span style="color: #FF8000">//PHP&nbsp;5.6+&nbsp;timing&nbsp;attack&nbsp;safe&nbsp;comparison<br /></span><span style="color: #007700">{<br />&nbsp;&nbsp;&nbsp;&nbsp;echo&nbsp;</span><span style="color: #0000BB">$original_plaintext</span><span style="color: #007700">.</span><span style="color: #DD0000">"\n"</span><span style="color: #007700">;<br />}<br /></span><span style="color: #0000BB">?&gt;</span>
</span>
</pre></div>
</div>
</div>
</p>
</div>
<div class="refsect1 seealso" id="refsect1-function.openssl-encrypt-seealso">
<h3 class="title">参见</h3>
<p class="para">
<ul class="simplelist">
<li class="member"><span class="function"><a href="openssl_decrypt.html" class="function" rel="rdfs-seeAlso">openssl_decrypt()</a> - 解密数据</span></li>
</ul>
</p>
</div>
</div></div></div></body></html>
Reference in New Issue View Git Blame Copy Permalink