需要配套的PHP加密功能

Question

我在 3 年前构建了一个多层应用程序，它在 .NET 端加密并在 PHP 端解密。我从来没有创建过相应的 PHP Encrypt 函数，因为我认为我永远不需要它。现在我做到了，但我不记得我从哪里得到 PHP 解密。我不太了解 php 加密，无法从头开始构建它并让它与我现有的 php Decrypt() 函数一起使用。

我需要有人指出我的 php Decrypt() 将正确解密的 PHP Encrypt() 函数。以下所有详细信息。

.NET 加密函数：

private string Encrypt(string plainText)
{
    if (string.IsNullOrEmpty(plainText))
        return string.Empty;

    string passPhrase = "secret1";
    string saltValue = "secret2";
    int passwordIterations = 1000;
    string initVector = "pOWaTbO92LfXbh69JkYzfT7P465TNc0h";
    int keySize = 256;

    byte[] initVectorBytes = Encoding.ASCII.GetBytes(initVector);
    byte[] saltValueBytes = Encoding.ASCII.GetBytes(saltValue);
    byte[] plainTextBytes = Encoding.UTF8.GetBytes(plainText);

    Rfc2898DeriveBytes password = new Rfc2898DeriveBytes(passPhrase, saltValueBytes, passwordIterations);

    byte[] keyBytes = password.GetBytes(keySize / 8);

    // Create uninitialized Rijndael encryption object.
    RijndaelManaged symmetricKey = new RijndaelManaged();
    symmetricKey.BlockSize = 256;
    symmetricKey.KeySize = 256;
    symmetricKey.Padding = PaddingMode.Zeros;
    symmetricKey.Mode = CipherMode.CBC;

    ICryptoTransform encryptor = symmetricKey.CreateEncryptor(keyBytes, initVectorBytes);
    MemoryStream memoryStream = new MemoryStream();
    CryptoStream cryptoStream = new CryptoStream(memoryStream, encryptor, CryptoStreamMode.Write);
    cryptoStream.Write(plainTextBytes, 0, plainTextBytes.Length);
    cryptoStream.FlushFinalBlock();
    byte[] cipherTextBytes = memoryStream.ToArray();
    memoryStream.Close();
    cryptoStream.Close();
    string cipherText = Convert.ToBase64String(cipherTextBytes);
    return cipherText;
}

PHP解密函数：

function Decrypt($encryptedText) {
    $p = "secret1";
    $s = "secret2";
    $iv = "pOWaTbO92LfXbh69JkYzfT7P465TNc0h";
    $c = 1000;
    $kl = 32;
    $a = 'sha1';
    $hl = strlen(hash($a, null, true)); # Hash length
    $kb = ceil($kl / $hl);              # Key blocks to compute
    $dk = '';                           # Derived key

    # Create key
    for ( $block = 1; $block <= $kb; $block ++ ) {

        # Initial hash for this block
        $ib = $b = hash_hmac($a, $s . pack('N', $block), $p, true);

        # Perform block iterations
        for ( $i = 1; $i < $c; $i ++ )

            # XOR each iterate
            $ib ^= ($b = hash_hmac($a, $b, $p, true));

        $dk .= $ib; # Append iterated block
    }

    $key = substr($dk, 0, $kl);
    $plainText = rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, base64_decode($encryptedText), MCRYPT_MODE_CBC, $iv));

    $textArray = str_split($plainText);
    foreach($textArray as $char) {
        $ascii = ord($char);
        if($ascii < 32 || $ascii > 127){
            return "";
        }
    }

    return $plainText;
}

我的 .NET Encrypt() 和 PHP Decrypt() 可以很好地协同工作，没有问题。有没有一个 PHP 加密英雄可以向我展示一个与发布的 php Decrypt() 函数一起使用的 php Encrypt() 函数？

一个加密示例：“SnoqL/xcgfFBkhZld+QXRnsl7zS9viJpJsbm4MocDUQ=”解密为字符串“443”。没有引号。

Answer 1

下面是带有证明的加密代码。我接受“这是一个测试！”用我的函数加密作为解密函数的输入，该函数成功解密并打印“这是一个测试！”到屏幕上。

<?

echo Decrypt(Encrypt('This is a test!'));

function Encrypt($plainText) {
  $key = createKey();
  $encryptedText = rtrim(base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $plainText, MCRYPT_MODE_CBC, "pOWaTbO92LfXbh69JkYzfT7P465TNc0h")));

  return $encryptedText;
}

function Decrypt($encryptedText) {
  $key = createKey();
  $plainText = rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, base64_decode($encryptedText), MCRYPT_MODE_CBC, "pOWaTbO92LfXbh69JkYzfT7P465TNc0h"));

  return $plainText;
}

function createKey() {
  $p = "secret1";
  $s = "secret2";
  $dk = '';

  for ($block = 1; $block <= 2; $block++) {
    $ib = $b = hash_hmac('sha1', $s . pack('N', $block), $p, true);

    for ($i = 1; $i < 1000; $i++)
      $ib ^= ($b = hash_hmac('sha1', $b, $p, true));
      $dk .= $ib;
  }

  return substr($dk, 0, 32);
}

创建了一个 createKey() 函数，该函数将大量重复代码从我们原本简单的 Decrypt() / Encrypt() 函数中移出。