php mcrypt blowfish,php – 从Mcrypt与Blowfish和ECB一起移动到OpenSSL

最新推荐文章于 2025-04-29 09:22:12 发布

小鑫鑫adc

最新推荐文章于 2025-04-29 09:22:12 发布

阅读量232

点赞数

文章标签： php mcrypt blowfish

这很棘手.你可以使用代码.

# cat a.php

function mcrypt_blowfish_encrypt_hex($key, $str)

{

$encrypted = mcrypt_encrypt(MCRYPT_BLOWFISH, $key, $str, MCRYPT_MODE_ECB);

return bin2hex($encrypted);

}

function make_openssl_blowfish_key($key)

{

if("$key" === '')

return $key;

$len = (16+2) * 4;

while(strlen($key) < $len) {

$key .= $key;

}

$key = substr($key, 0, $len);

return $key;

}

function openssl_blowfish_encrypt_hex($key, $str)

{

$blockSize = 8;

$len = strlen($str);

$paddingLen = intval(($len + $blockSize - 1) / $blockSize) * $blockSize - $len;

$padding = str_repeat("\0", $paddingLen);

$data = $str . $padding;

$key = make_openssl_blowfish_key($key);

$encrypted = openssl_encrypt($data, 'BF-ECB', $key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING);

return bin2hex($encrypted);

}

function openssl_blowfish_decrypt_hex($key, $hex)

{

$key = make_openssl_blowfish_key($key);

$decrypted = openssl_decrypt(hex2bin($hex), 'BF-ECB', $key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING);

return trim($decrypted);

}

function test()

{

for($i = 1; $i < 32; $i++) {

for($j = 1; $j < 32; $j++) {

$key = str_repeat('' . rand(0, 9), $j);

$str = str_repeat('' . rand(0, 9), $i);

$encoded_openssl = openssl_blowfish_encrypt_hex($key, $str);

$decoded_openssl = openssl_blowfish_decrypt_hex($key, $encoded_openssl);

if($decoded_openssl != $str)

die("encrypt($key, $str) wrong: $encoded_openssl: decrypt failed\n");

if(function_exists('mcrypt_encrypt')) {

$encoded_mcrypt = mcrypt_blowfish_encrypt_hex($key, $str);

if($encoded_openssl != $encoded_mcrypt)

die("encrypt($key, $str) wrong: $encoded_openssl, mcrypt=$encoded_mcrypt\n");

}

echo "key='$key', str='$str', encrypted='$encoded_openssl'\n";

}

echo "openssl: thisismyitemyes:" . openssl_blowfish_encrypt_hex('thisismyitemyes', serialize('6918')) . "\n";

echo "openssl: headphone:" . openssl_blowfish_encrypt_hex('headphone', serialize('581856')) . "\n";

test();

并运行,它的工作原理：

# php a.php

openssl: thisismyitemyes:b192ac0f6105416a710aec3ce92b1085

openssl: headphone:ef057c036eb024865406838c62590a93

key='7', str='3', encrypted='945b638624ecbd5e'

key='22', str='1', encrypted='3daf096bdc744d8a'

key='888', str='0', encrypted='b164bb0b603f439e'

key='2222', str='9', encrypted='d3458df30aef0b4b'

...

key='3333333333333333333333333333333', str='11111111111111111111111111111', encrypted='b0c9bf45d6f5c7b3b0c9bf45d6f5c7b3b0c9bf45d6f5c7b363a25777c712f1d5'

key='4444444444444444444444444444444', str='999999999999999999999999999999', encrypted='dd6aaf466121c0f6dd6aaf466121c0f6dd6aaf466121c0f659a2271369ab6731'

key='7777777777777777777777777777777', str='3333333333333333333333333333333', encrypted='6591e9cc92a6473a6591e9cc92a6473a6591e9cc92a6473a208a7a562babc60c'

问题：

>在ECB模式下忽略IV,因此只需删除代码中的所有IV.

>由于错误：https://bugs.php.net/bug.php?id=72362.在mcrypt中,河豚键由短键循环.但是在openssl中,河豚键是由短键填充零填充.因此,我们需要为openssl创建一个循环密钥来解密mcrypt的加密.>当你使用openssl进行零填充(保持mcrypt的相同输出)时,你应该自己进行填充.好吧,我做了一个获得paddingLen的技巧,但这很简单：只考虑我们应该添加多少字节,使总长度为0/8/16/24/32/40等.