Warning: file_get_contents(/data/phpspider/zhask/data//catemap/1/php/257.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
如何在php中使用AES创建加密/解密函数,并从另一个文件调用该函数_Php_Encryption - Fatal编程技术网
Fatal编程技术网
  • php/
  • 如何在php中使用AES创建加密/解密函数,并从另一个文件调用该函数

如何在php中使用AES创建加密/解密函数,并从另一个文件调用该函数

php encryption

如何在php中使用AES创建加密/解密函数,并从另一个文件调用该函数,php,encryption,Php,Encryption,这是我的服务层,包括加密功能 class profileService{ public function passEncrypt($userarray){ $password->setPassword($userarray['password']); $plaintext = 'My secret message 1234'; $password = $password; $method = 'aes-256-cbc'; // Must be exact 32 chars

这是我的服务层,包括加密功能

class profileService{   

public function passEncrypt($userarray){

$password->setPassword($userarray['password']); 

$plaintext = 'My secret message 1234';
$password = $password;
$method = 'aes-256-cbc';

// Must be exact 32 chars (256 bit)
$password = substr(hash('sha256', $password, true), 0, 32);
echo "Password:" . $password . "\n";

// IV must be exact 16 chars (128 bit)
$iv = chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0) . chr(0x0);

// av3DYGLkwBsErphcyYp+imUW4QKs19hUnFyyYcXwURU=
$encrypted = base64_encode(openssl_encrypt($plaintext, $method, $password, OPENSSL_RAW_DATA, $iv));
return $encrypted;
// My secret message 1234
//$decrypted = openssl_decrypt(base64_decode($encrypted), $method, $password, OPENSSL_RAW_DATA, $iv);

echo 'plaintext=' . $plaintext . "\n";
echo 'cipher=' . $method . "\n";
echo 'encrypted to: ' . $encrypted . "\n";
//  echo 'decrypted to: ' . $decrypted . "\n\n";
}
}
这是我的DAO层,它调用加密函数

    $profile = new profileService();
    $pass_password= $profile->passEncrypt($userarray);

    try {            
        $conn = $connection;

        // our SQL statements

        $Pass_user_id = $conn->query("SELECT MAX(id) FROM tb_user")->fetchColumn();

        echo "User Last Id from User Table" . $Pass_user_id;
        if (!$Pass_user_id) {
            die('Could not query:' . mysql_error());
        } else {
        $sql="INSERT INTO tb_password ( user_id, email,password, status)
        VALUES ('$Pass_user_id', '$pass_email','$pass_password','$pass_status' )";
        $conn->exec($sql); 
        }

        return 1;     

    }catch (PDOException $e )  {
       /* if ($conn->isTransactionActive())  // this function does NOT exist
            $conn->rollBack(); */
            echo $e;
            throw $e;

    }
你可能想看看钠。它是添加到PHP的一个新扩展,基本上为一流的加密函数提供了一个现代接口

在代码中,您自己正在做很多事情,比如构造初始化向量。这是您真正想要做的事情,因此使用PHP内置功能通常是一种更安全的选择。特别是考虑到IV在每次加密时都应该是唯一的,因此您的代码暴露出对密码应该如何工作的严重理解不足。我强烈建议您坚持使用库,而不是自己尝试实现这些相当复杂的概念

见:
(来自PHP的钠集成的作者)

感谢您的建议。