mysql和php中的AES加密
Mysql AES_encrypt中有一个函数mysql和php中的AES加密,php,mysql,codeigniter,encryption,Php,Mysql,Codeigniter,Encryption,Mysql AES_encrypt中有一个函数 SELECT AES_encrypt( "Hello World", "password" ) AS encrypted_value 这将给出结果:9438eb79863e7009722fc3f0ad4b7198 但是当我使用php中的代码进行AES_加密时,它给了我一个不同的值 我从stackoverflow获得的PHP代码-- PHP代码的结果是ytip2sEkD87gmRk3IVI09qE7T+RoLr20YK4rJp16NkY= p
SELECT AES_encrypt( "Hello World", "password" ) AS encrypted_value
这将给出结果:9438eb79863e7009722fc3f0ad4b7198
但是当我使用php中的代码进行AES_加密时,它给了我一个不同的值
我从stackoverflow获得的PHP代码--
PHP代码的结果是ytip2sEkD87gmRk3IVI09qE7T+RoLr20YK4rJp16NkY=
php或codeigniter中是否有方法返回相同的值。?
--谢谢。MySQL AES\u加密使用128位密钥长度-参考 而PHP代码使用256位密钥长度
要解决此问题,您应该能够使用“MCRYPT_RIJNDAEL_128”而不是256。您使用的代码有三个问题:
MCRYPT_RIJNDAEL_256
,而如下所述:
使用128位密钥长度编码,但可以通过修改源代码将其扩展到256位。我们选择128位是因为它速度快得多,而且对于大多数用途来说都足够安全
base64_encode()
将PHP的二进制结果转换为文本,而MySQL结果似乎只是二进制结果的十六进制表示。您可以从v5.6.1开始在MySQL中使用,也可以在PHP中使用<?php
class MySQL_Function {
const PKCS7 = 1;
private static function pad($string, $mode, $blocksize = 16) {
$len = $blocksize - (strlen($string) % $blocksize);
switch ($mode) {
case self::PKCS7:
$padding = str_repeat(chr($len), $len); break;
default:
throw new Exception();
}
return $string.$padding;
}
public static function AES_ENCRYPT($str, $key_str) {
return mcrypt_encrypt(
MCRYPT_RIJNDAEL_128,
$key_str, self::pad($str, self::PKCS7),
MCRYPT_MODE_ECB
);
}
}
echo bin2hex(MySQL_Function::AES_encrypt( "Hello World", "password" ));
?>
公认的答案是可行的,但代码太多了,下面是一行代码
function aes_encrypt_str($val,$key){
return mcrypt_encrypt(MCRYPT_RIJNDAEL_128,$key, $val,MCRYPT_MODE_ECB,mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256,MCRYPT_MODE_ECB),MCRYPT_RAND));
}
mcrypt\u encrypt
已被弃用,因此这里有一个解决方案,它可以转而使用openssl\u encrypt
。说实话,我不知道这一切是怎么回事。它是我在mcrypt\u ENCRYPT
中复制MySQL的AES\u ENCRYPT
然后在openssl\u ENCRYPT
中复制mcrypt\u ENCRYPT
的一些解决方案的组合。从AES_ENCRYPT
中用作salt参数的内容生成密钥,以及理解何时使用哪个密码,我有点难以理解。但我可以说,这些函数经过时间测试,在功能上与MySql对应的函数完全相同
if (!function_exists('mysql_aes_key')) {
/**
* @param string $key
* @return string
*/
function mysql_aes_key($key)
{
$new_key = str_repeat(chr(0), 16);
for ($i = 0, $len = strlen($key); $i < $len; $i++) {
$new_key[$i % 16] = $new_key[$i % 16] ^ $key[$i];
}
return $new_key;
}
}
if (!function_exists('aes_encrypt')) {
/**
* @param string $val
* @param string $cypher
* @param bool $mySqlKey
* @return string
* @throws \BadFunctionCallException
*/
function aes_encrypt($val, $cypher = null, $mySqlKey = true)
{
$salt = getenv('SALT') ?: '1234567890abcdefg';
$key = $mySqlKey ? mysql_aes_key($salt) : $salt;
if (function_exists('mcrypt_encrypt')) {
$cypher = (!$cypher || $cypher == strtolower('aes-128-ecb')) ? MCRYPT_RIJNDAEL_128 : $cypher;
$pad_value = 16 - (strlen($val) % 16);
$val = str_pad($val, (16 * (floor(strlen($val) / 16) + 1)), chr($pad_value));
return @mcrypt_encrypt($cypher, $key, $val, MCRYPT_MODE_ECB, mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB), MCRYPT_DEV_URANDOM));
} elseif (function_exists('openssl_encrypt')) {
//TODO: Create a more comprehensive map of mcrypt <-> openssl cyphers
$cypher = (!$cypher || $cypher == MCRYPT_RIJNDAEL_128) ? 'aes-128-ecb' : $cypher;
return openssl_encrypt($val, $cypher, $key, true);
}
throw new \BadFunctionCallException('No encryption function could be found.');
}
}
if (!function_exists('aes_decrypt')) {
/**
* @param string $val
* @param string $cypher
* @param bool $mySqlKey
* @return string
* @throws \BadFunctionCallException
*/
function aes_decrypt($val, $cypher = null, $mySqlKey = true)
{
$salt = getenv('SALT') ?: '1234567890abcdefg';
$key = $mySqlKey ? mysql_aes_key($salt) : $salt;
if (function_exists('mcrypt_decrypt')) {
$cypher = (!$cypher || $cypher == strtolower('aes-128-ecb')) ? MCRYPT_RIJNDAEL_128 : $cypher;
$val = @mcrypt_decrypt($cypher, $key, $val, MCRYPT_MODE_ECB, mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB), MCRYPT_DEV_URANDOM));
return rtrim($val, chr(0)."..".chr(16));
} elseif (function_exists('openssl_decrypt')) {
//TODO: Create a more comprehensive map of mcrypt <-> openssl cyphers
$cypher = (!$cypher || $cypher == MCRYPT_RIJNDAEL_128) ? 'aes-128-ecb' : $cypher;
return openssl_decrypt($val, $cypher, $key, true);
}
throw new \BadFunctionCallException('No decryption function could be found.');
}
}
我用php函数加密一个值,然后用MySQL函数解密,反之亦然。第一个是十六进制格式,第二个是base64?首先,MySQL使用128位aes,php代码使用256位。
if (!function_exists('mysql_aes_key')) {
/**
* @param string $key
* @return string
*/
function mysql_aes_key($key)
{
$new_key = str_repeat(chr(0), 16);
for ($i = 0, $len = strlen($key); $i < $len; $i++) {
$new_key[$i % 16] = $new_key[$i % 16] ^ $key[$i];
}
return $new_key;
}
}
if (!function_exists('aes_encrypt')) {
/**
* @param string $val
* @param string $cypher
* @param bool $mySqlKey
* @return string
* @throws \BadFunctionCallException
*/
function aes_encrypt($val, $cypher = null, $mySqlKey = true)
{
$salt = getenv('SALT') ?: '1234567890abcdefg';
$key = $mySqlKey ? mysql_aes_key($salt) : $salt;
if (function_exists('mcrypt_encrypt')) {
$cypher = (!$cypher || $cypher == strtolower('aes-128-ecb')) ? MCRYPT_RIJNDAEL_128 : $cypher;
$pad_value = 16 - (strlen($val) % 16);
$val = str_pad($val, (16 * (floor(strlen($val) / 16) + 1)), chr($pad_value));
return @mcrypt_encrypt($cypher, $key, $val, MCRYPT_MODE_ECB, mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB), MCRYPT_DEV_URANDOM));
} elseif (function_exists('openssl_encrypt')) {
//TODO: Create a more comprehensive map of mcrypt <-> openssl cyphers
$cypher = (!$cypher || $cypher == MCRYPT_RIJNDAEL_128) ? 'aes-128-ecb' : $cypher;
return openssl_encrypt($val, $cypher, $key, true);
}
throw new \BadFunctionCallException('No encryption function could be found.');
}
}
if (!function_exists('aes_decrypt')) {
/**
* @param string $val
* @param string $cypher
* @param bool $mySqlKey
* @return string
* @throws \BadFunctionCallException
*/
function aes_decrypt($val, $cypher = null, $mySqlKey = true)
{
$salt = getenv('SALT') ?: '1234567890abcdefg';
$key = $mySqlKey ? mysql_aes_key($salt) : $salt;
if (function_exists('mcrypt_decrypt')) {
$cypher = (!$cypher || $cypher == strtolower('aes-128-ecb')) ? MCRYPT_RIJNDAEL_128 : $cypher;
$val = @mcrypt_decrypt($cypher, $key, $val, MCRYPT_MODE_ECB, mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB), MCRYPT_DEV_URANDOM));
return rtrim($val, chr(0)."..".chr(16));
} elseif (function_exists('openssl_decrypt')) {
//TODO: Create a more comprehensive map of mcrypt <-> openssl cyphers
$cypher = (!$cypher || $cypher == MCRYPT_RIJNDAEL_128) ? 'aes-128-ecb' : $cypher;
return openssl_decrypt($val, $cypher, $key, true);
}
throw new \BadFunctionCallException('No decryption function could be found.');
}
}
putenv('SALT=1234567890abcdefg');
aes_encrypt('some_value') === SELECT AES_ENCRYPT('some_value', '1234567890abcdefg')
aes_decrypt('some_encrypted_value') === SELECT AES_DECRYPT('some_encrypted_value', '1234567890abcdefg')