企业🤖AI智能体构建引擎,智能编排和调试,一键部署,支持私有化部署方案 广告
[TOC] ## openssl_get_cipher_methods 查看加密算法 <details> <summary>openssl_get_cipher_methods 方法列表</summary> ``` Array ( [0] => AES-128-CBC [1] => AES-128-CFB [2] => AES-128-CFB1 [3] => AES-128-CFB8 [5] => AES-128-OFB [6] => AES-192-CBC [7] => AES-192-CFB [8] => AES-192-CFB1 [9] => AES-192-CFB8 [11] => AES-192-OFB [12] => AES-256-CBC [13] => AES-256-CFB [14] => AES-256-CFB1 [15] => AES-256-CFB8 [17] => AES-256-OFB [18] => BF-CBC [19] => BF-CFB [21] => BF-OFB [22] => CAST5-CBC [23] => CAST5-CFB [25] => CAST5-OFB [41] => IDEA-CBC [42] => IDEA-CFB [44] => IDEA-OFB [53] => aes-128-cbc [54] => aes-128-cfb [55] => aes-128-cfb1 [56] => aes-128-cfb8 [58] => aes-128-ofb [59] => aes-192-cbc [60] => aes-192-cfb [61] => aes-192-cfb1 [62] => aes-192-cfb8 [64] => aes-192-ofb [65] => aes-256-cbc [66] => aes-256-cfb [67] => aes-256-cfb1 [68] => aes-256-cfb8 [70] => aes-256-ofb [71] => bf-cbc [72] => bf-cfb [74] => bf-ofb [75] => cast5-cbc [76] => cast5-cfb [78] => cast5-ofb [94] => idea-cbc [95] => idea-cfb [97] => idea-ofb ) ``` </details> <br/> ## openssl_encrypt / openssl_decrypt 加密/解密 ``` openssl_encrypt($data, $method, $key, $options = 0, $iv = "", &$tag = NULL, $aad = "", $tag_length = 16)} $data 待加密的值 $method 密码学方式。openssl_get_cipher_methods() 可获取有效密码方式列表 $key 盐可用 uniqid();生成 $options OPENSSL_RAW_DATA(推荐) 、 OPENSSL_ZERO_PADDING(会填充 0,和进行 base64加密)。 $iv 8位的向量 如: "12345678" ``` ### method 可选值 不用方法 $vi长度不同 ,可通过 `openssl_cipher_iv_length($methods)`获得长度 `openssl_cipher_iv_length('AES-128-CBC'); //16` ## 常用算法 ### RSA 算法 ASE优,但性能差 不适合长字符的加密 在线生成秘钥对 [http://web.chacuo.net/netrsakeypair](http://web.chacuo.net/netrsakeypair) 秘钥位数越多越安全,密钥格式推荐使用`PKCS#8` ,`PKCS#1`支持老的密码 ``` openssl_private_decrypt — 使用私钥解密数据 openssl_private_encrypt — 使用私钥加密数据 openssl_public_decrypt — 使用公钥解密数据 openssl_public_encrypt — 使用公钥加密数据 ``` ## 实例 ### DES 算法 ``` $data = "thsi si a hello woard"; $methods = "DES-CBC"; $key = uniqid(); echo $key."<br/>"; $content = openssl_encrypt($data,$methods,$key,OPENSSL_RAW_DATA,"12345678"); var_dump($content); var_dump(openssl_decrypt($content,$methods,$key,OPENSSL_RAW_DATA,"12345678")); ``` ### AES 算法 ``` $data = "thsi si a hello woard"; $methods = "AES-128-CBC"; $key = uniqid(); echo $key."<br/>"; $content = openssl_encrypt($data,$methods,$key,OPENSSL_RAW_DATA,"1234567812345678"); //向量需要 18 位 var_dump($content); var_dump(openssl_decrypt($content,$methods,$key,OPENSSL_RAW_DATA,"1234567812345678")); ``` 优化key 与向量 ``` $data = "thsi si a hello woard"; $methods = "AES-128-CBC"; $id = uniqid(); $key = md5($id); $vi = substr($key, 0, 16); $content = openssl_encrypt($data,$methods,$key,OPENSSL_RAW_DATA, $vi); //向量需要 18 位 var_dump($content); var_dump(openssl_decrypt($content,$methods,$key,OPENSSL_RAW_DATA,$vi)); ``` ### 公钥加密,私钥解密 <details> <summary>详情</summary> ``` $public='-----BEGIN PUBLIC KEY----- MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2dBfs3VaQtbSrCTLWhgDrq4C8 KuLKJWotrnTTpdwwS9HV7t7hmAXA7d2WRzN4iiCPuDGOe711rQJo7mE2Vs7thPw3 aJ7YrmFKjvs+IfVhV6bWO1puGmoa5MOYHcdIpW1yTTunHqmho/E331oU5uZaYZ1P m+AyyEoVAJRZgj49VwIDAQAB -----END PUBLIC KEY-----'; $private='-----BEGIN PRIVATE KEY----- MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBALZ0F+zdVpC1tKsJ MtaGAOurgLwq4solai2udNOl3DBL0dXu3uGYBcDt3ZZHM3iKII+4MY57vXWtAmju YTZWzu2E/DdontiuYUqO+z4h9WFXptY7Wm4aahrkw5gdx0ilbXJNO6ceqaGj8Tff WhTm5lphnU+b4DLIShUAlFmCPj1XAgMBAAECgYEAsrhdh0P4u5+B7dgA2GpDFJbW b3uC04h6zWyKO5fIa/aZAPoPkOOdHzLhT4dHP9fttVo0EOHc4BwstCRtTRETd6bJ 4K0oyvx54w8Ex0WU4T2hCk9CM7msH4pq5eLO/Os1vMs0xqId/fUDjJksWMWjVVHr a+pcGCQ5zgn67MeVIyECQQDbytSZSAVY807NaLfL0dNuUmFuwzUVQp4QWmF8VdNZ p7bWCKqOBiIHjA1UhuKlz8tED9JdJJRnniBYbBa1tS61AkEA1IKYbPJVK8cWoVXy +GjJep6tXFs8CRAZME/RZdihnY8t6U6zzN4idc2n3honvAoGjXqcmRBv2MrDp+Hb hW73WwJBALg3U2M5owm/u++b8liJgA16TKF6SXaNRE/ugMCmaqM9V5gi4VhyOXlb 4BxVhYd2Fybvn+BjdWM3fGLADXS06/UCQDXJyGLrA3vNLIExjAosG7MZrq+NuChj Fr0PtuScbGvA7dH7xa65GufOYgrpe90wfHAa9MAZVPX+fH9lv3aKm7kCQD4uKMh1 PZKnCOJU6Pw9z1Pvp7JMvrpOLwwh/5rO1/ErEsu1ODxR/L+28jW7HkZhhLyCS6mx /8GEL3TrSAoe+aQ= -----END PRIVATE KEY-----'; $content = "this is a hello word"; var_dump(openssl_public_encrypt($content, $res, $public)); //bool var_dump($res);//加密后的值 var_dump(openssl_private_decrypt($res, $res, $private)); var_dump($res); ``` </details> <br/>