小皮2017-04-11 10:37:421楼
密文一般都是二进制,为了方便存储和传输一般都base64_encode编码为字符串,解密前先base64_decode.其实就算你知道了加密算法,你也得知道密钥才能解密.下面就看看两种常见类型加密里的主流加密算法:
非对称加密中的RSA:
用openssl生成rsa密钥对(私钥/公钥):
openssl genrsa -out rsa_private_key.pem 1024
openssl rsa -pubout -in rsa_private_key.pem -out rsa_public_key.pem
私钥 rsa_private_key.pem 放在服务器端.
公钥 rsa_public_key.pem 放在Android/iOS/浏览器等客户端.
header('Content-Type: text/plain;charset=utf-8');
$data = 'phpbest';
echo '原始内容: '.$data."\n";
openssl_public_encrypt($data, $encrypted, file_get_contents(dirname(__FILE__).'/rsa_public_key.pem'));
echo '公钥加密: '.base64_encode($encrypted)."\n";
openssl_private_decrypt($encrypted, $decrypted, file_get_contents(dirname(__FILE__).'/rsa_private_key.pem'));
echo '私钥解密: '.$decrypted."\n";
对称加密中的AES(比如可以用来加密用于认证用户身份等敏感cookies):
header('Content-Type: text/plain;charset=utf-8');
$data = 'phpbest';
echo '原始内容: '.$data."\n";
//这是一个很长的密钥,即使超过加密算法(cipher)支持的最大长度
//比如AES密钥最大长度为32,BlowFish为56,输出mcrypt_enc_get_key_size($td)可见.
//md5( uniqid(getmypid().'_'.mt_rand().'_', true) ); 自行生成并保存32位AES密钥
$key = '5951fe63c56c60e18a65064819e3101d';
$td = mcrypt_module_open(MCRYPT_RIJNDAEL_256, '', MCRYPT_MODE_ECB, '');
$iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_RAND);
$key = substr($key, 0, mcrypt_enc_get_key_size($td));
mcrypt_generic_init($td, $key, $iv);
$encrypted = mcrypt_generic($td, $data);
mcrypt_generic_deinit($td);
mcrypt_module_close($td);
echo '密钥加密: '.base64_encode($encrypted)."\n";
$td = mcrypt_module_open(MCRYPT_RIJNDAEL_256, '', MCRYPT_MODE_ECB, '');
$iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_RAND);
$key = substr($key, 0, mcrypt_enc_get_key_size($td));
mcrypt_generic_init($td, $key, $iv);
$encrypted = base64_decode('nMD7Yrx37U5AZRpXukingESUNYiSUHWThekrmRA0oD0=');
$decrypted = mdecrypt_generic($td, $encrypted);
mcrypt_generic_deinit($td);
mcrypt_module_close($td);
echo '密钥解密: '.trim($decrypted)."\n";