💎一站式轻松地调用各大LLM模型接口,支持GPT4、智谱、星火、月之暗面及文生图 广告
<article><h1>Laravel 的加密解密机制</h1><ul><li><a href="#introduction">介绍</a></li><li><a href="#configuration">设置</a></li><li><a href="#using-the-encrypter">基本用法</a></li></ul><p><a name="introduction"></a></p><h2><a href="#introduction">介绍</a></h2><p>Laravel 是利用 OpenSSL 去提供 AES-256 和 AES-128 的加密。强烈建议您使用 Laravel 自己的加密机制,而不是尝试自己的「自制」加密算法。 Laravel 所有加密之后的结果都会使用消息认证码 (MAC) 去签署,所以一旦被加密就无法再改变。</p><p><a name="configuration"></a></p><h2><a href="#configuration">设置</a></h2><p>在使用 Laravel 加密之前, 你必须先设置 <code class=" language-php">config<span class="token operator">/</span>app<span class="token punctuation">.</span>php</code> 配置文件中的 <code class=" language-php">key</code> 选项。由于 Artisan 控制台会使用 PHP 的安全机制为你随机生成 key ,你可以直接使用 <code class=" language-php">php artisan key<span class="token punctuation">:</span>generate</code> 命令去生成 key 。如果没有适当地设置这个值,所有被 Laravel 加密的值都将是不安全的。</p><p><a name="using-the-encrypter"></a></p><h2><a href="#using-the-encrypter">基本用法</a></h2><h4>加密一个值</h4><p>你可以借助 <code class=" language-php">encrypt</code> 辅助函数来加密一个值。这些值都会使用 OpenSSL 与 <code class=" language-php"><span class="token constant">AES</span><span class="token number">-256</span><span class="token operator">-</span><span class="token constant">CBC</span></code> 来进行加密。此外,所有加密过后的值都会被签署文件消息验证码 (MAC),以检测加密字符串是否被篡改过:</p><pre class=" language-php"><code class=" language-php"><span class="token delimiter">&lt;?php</span> <span class="token keyword">namespace</span> <span class="token package">App<span class="token punctuation">\</span>Http<span class="token punctuation">\</span>Controllers</span><span class="token punctuation">;</span> <span class="token keyword">use</span> <span class="token package">App<span class="token punctuation">\</span>User</span><span class="token punctuation">;</span> <span class="token keyword">use</span> <span class="token package">Illuminate<span class="token punctuation">\</span>Http<span class="token punctuation">\</span>Request</span><span class="token punctuation">;</span> <span class="token keyword">use</span> <span class="token package">App<span class="token punctuation">\</span>Http<span class="token punctuation">\</span>Controllers<span class="token punctuation">\</span>Controller</span><span class="token punctuation">;</span> <span class="token keyword">class</span> <span class="token class-name">UserController</span> <span class="token keyword">extends</span> <span class="token class-name">Controller</span> <span class="token punctuation">{</span> <span class="token comment" spellcheck="true">/** * 存储用户保密信息 * * @param Request $request * @param int $id * @return Response */</span> <span class="token keyword">public</span> <span class="token keyword">function</span> <span class="token function">storeSecret<span class="token punctuation">(</span></span>Request <span class="token variable">$request</span><span class="token punctuation">,</span> <span class="token variable">$id</span><span class="token punctuation">)</span> <span class="token punctuation">{</span> <span class="token variable">$user</span> <span class="token operator">=</span> <span class="token scope">User<span class="token punctuation">::</span></span><span class="token function">findOrFail<span class="token punctuation">(</span></span><span class="token variable">$id</span><span class="token punctuation">)</span><span class="token punctuation">;</span> <span class="token variable">$user</span><span class="token operator">-</span><span class="token operator">&gt;</span><span class="token function">fill<span class="token punctuation">(</span></span><span class="token punctuation">[</span> <span class="token string">'secret'</span> <span class="token operator">=</span><span class="token operator">&gt;</span> <span class="token function">encrypt<span class="token punctuation">(</span></span><span class="token variable">$request</span><span class="token operator">-</span><span class="token operator">&gt;</span><span class="token property">secret</span><span class="token punctuation">)</span> <span class="token punctuation">]</span><span class="token punctuation">)</span><span class="token operator">-</span><span class="token operator">&gt;</span><span class="token function">save<span class="token punctuation">(</span></span><span class="token punctuation">)</span><span class="token punctuation">;</span> <span class="token punctuation">}</span> <span class="token punctuation">}</span></code></pre><h4>不进行序列化的加密解密方法</h4><p>加密值在加密期间通过 <code class=" language-php">serialize</code> 传递,这也就允许对对象和数组进行加密。由此,非PHP客户端接收到加密值将需要 <code class=" language-php">unserialize</code> 数据。如果您希望在不进行序列化的情况下加密和解密值,可以使用 <code class=" language-php">Crypt</code> facade的 <code class=" language-php">encryptString</code> 和 <code class=" language-php">decryptString</code> 方法:</p><pre class=" language-php"><code class=" language-php"><span class="token keyword">use</span> <span class="token package">Illuminate<span class="token punctuation">\</span>Support<span class="token punctuation">\</span>Facades<span class="token punctuation">\</span>Crypt</span><span class="token punctuation">;</span> <span class="token variable">$encrypted</span> <span class="token operator">=</span> <span class="token scope">Crypt<span class="token punctuation">::</span></span><span class="token function">encryptString<span class="token punctuation">(</span></span><span class="token string">'Hello world.'</span><span class="token punctuation">)</span><span class="token punctuation">;</span> <span class="token variable">$decrypted</span> <span class="token operator">=</span> <span class="token scope">Crypt<span class="token punctuation">::</span></span><span class="token function">decryptString<span class="token punctuation">(</span></span><span class="token variable">$encrypted</span><span class="token punctuation">)</span><span class="token punctuation">;</span></code></pre><h4>解密一个值</h4><p>你可以借助 <code class=" language-php">decrypt</code> 辅助函数来解密一个值。如果值不能被正确解密,例如当 MAC 无效时,将抛出 <code class=" language-php">Illuminate\<span class="token package">Contracts<span class="token punctuation">\</span>Encryption<span class="token punctuation">\</span>DecryptException</span></code> 异常:</p><pre class=" language-php"><code class=" language-php"><span class="token keyword">use</span> <span class="token package">Illuminate<span class="token punctuation">\</span>Contracts<span class="token punctuation">\</span>Encryption<span class="token punctuation">\</span>DecryptException</span><span class="token punctuation">;</span> <span class="token keyword">try</span> <span class="token punctuation">{</span> <span class="token variable">$decrypted</span> <span class="token operator">=</span> <span class="token function">decrypt<span class="token punctuation">(</span></span><span class="token variable">$encryptedValue</span><span class="token punctuation">)</span><span class="token punctuation">;</span> <span class="token punctuation">}</span> <span class="token keyword">catch</span> <span class="token punctuation">(</span><span class="token class-name">DecryptException</span> <span class="token variable">$e</span><span class="token punctuation">)</span> <span class="token punctuation">{</span> <span class="token comment" spellcheck="true"> // </span><span class="token punctuation">}</span></code></pre><h2>译者署名</h2><table><thead><tr><th>用户名</th><th>头像</th><th>职能</th><th>签名</th></tr></thead><tbody><tr><td><a href="https://github.com/GanymedeNil">@GanymedeNil</a></td><td><img class="avatar-66 rm-style" src="https://dn-phphub.qbox.me/uploads/avatars/6859_1487055454.jpg?imageView2/1/w/100/h/100"></td><td>翻译</td><td>我不是Full Stack Developer 2333 <a href="http://weibo.com/jinhongyang">@GanymedeNil</a></td></tr></tbody></table></article>