如何在php中使用AES创建加密/解密函数,并从另一个文件调用该函数
这是我的服务层,包括加密功能如何在php中使用AES创建加密/解密函数,并从另一个文件调用该函数,php,encryption,Php,Encryption,这是我的服务层,包括加密功能 class profileService{ public function passEncrypt($userarray){ $password->setPassword($userarray['password']); $plaintext = 'My secret message 1234'; $password = $password; $method = 'aes-256-cbc'; // Must be exact 32 chars
class profileService{
public function passEncrypt($userarray){
$password->setPassword($userarray['password']);
$plaintext = 'My secret message 1234';
$password = $password;
$method = 'aes-256-cbc';
// Must be exact 32 chars (256 bit)
$password = substr(hash('sha256', $password, true), 0, 32);
echo "Password:" . $password . "\n";
// IV must be exact 16 chars (128 bit)
$iv = chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0);
// av3DYGLkwBsErphcyYp+imUW4QKs19hUnFyyYcXwURU=
$encrypted = base64_encode(openssl_encrypt($plaintext, $method, $password, OPENSSL_RAW_DATA, $iv));
return $encrypted;
// My secret message 1234
//$decrypted = openssl_decrypt(base64_decode($encrypted), $method, $password, OPENSSL_RAW_DATA, $iv);
echo 'plaintext=' . $plaintext . "\n";
echo 'cipher=' . $method . "\n";
echo 'encrypted to: ' . $encrypted . "\n";
// echo 'decrypted to: ' . $decrypted . "\n\n";
}
}
这是我的DAO层,它调用加密函数
$profile = new profileService();
$pass_password= $profile->passEncrypt($userarray);
try {
$conn = $connection;
// our SQL statements
$Pass_user_id = $conn->query("SELECT MAX(id) FROM tb_user")->fetchColumn();
echo "User Last Id from User Table" . $Pass_user_id;
if (!$Pass_user_id) {
die('Could not query:' . mysql_error());
} else {
$sql="INSERT INTO tb_password ( user_id, email,password, status)
VALUES ('$Pass_user_id', '$pass_email','$pass_password','$pass_status' )";
$conn->exec($sql);
}
return 1;
}catch (PDOException $e ) {
/* if ($conn->isTransactionActive()) // this function does NOT exist
$conn->rollBack(); */
echo $e;
throw $e;
}
你可能想看看钠。它是添加到PHP的一个新扩展,基本上为一流的加密函数提供了一个现代接口 在代码中,您自己正在做很多事情,比如构造初始化向量。这是您真正想要做的事情,因此使用PHP内置功能通常是一种更安全的选择。特别是考虑到IV在每次加密时都应该是唯一的,因此您的代码暴露出对密码应该如何工作的严重理解不足。我强烈建议您坚持使用库,而不是自己尝试实现这些相当复杂的概念 见:
(来自PHP的钠集成的作者)感谢您的建议。