openssl
最后更新于:2022-04-02 02:32:18
[TOC]
## openssl_get_cipher_methods 查看加密算法
## openssl_encrypt / openssl_decrypt 加密/解密 ``` openssl_encrypt($data, $method, $key, $options = 0, $iv = "", &$tag = NULL, $aad = "", $tag_length = 16)} $data 待加密的值 $method 密码学方式。openssl_get_cipher_methods() 可获取有效密码方式列表 $key 盐可用 uniqid();生成 $options OPENSSL_RAW_DATA(推荐) 、 OPENSSL_ZERO_PADDING(会填充 0,和进行 base64加密)。 $iv 8位的向量 如: "12345678" ``` ### method 可选值 不用方法 $vi长度不同 ,可通过 `openssl_cipher_iv_length($methods)`获得长度 `openssl_cipher_iv_length('AES-128-CBC'); //16` ## 常用算法 ### RSA 算法 ASE优,但性能差 不适合长字符的加密 在线生成秘钥对 [http://web.chacuo.net/netrsakeypair](http://web.chacuo.net/netrsakeypair) 秘钥位数越多越安全,密钥格式推荐使用`PKCS#8` ,`PKCS#1`支持老的密码 ``` openssl_private_decrypt — 使用私钥解密数据 openssl_private_encrypt — 使用私钥加密数据 openssl_public_decrypt — 使用公钥解密数据 openssl_public_encrypt — 使用公钥加密数据 ``` ## 实例 ### DES 算法 ``` $data = "thsi si a hello woard"; $methods = "DES-CBC"; $key = uniqid(); echo $key."
"; $content = openssl_encrypt($data,$methods,$key,OPENSSL_RAW_DATA,"12345678"); var_dump($content); var_dump(openssl_decrypt($content,$methods,$key,OPENSSL_RAW_DATA,"12345678")); ``` ### AES 算法 ``` $data = "thsi si a hello woard"; $methods = "AES-128-CBC"; $key = uniqid(); echo $key."
"; $content = openssl_encrypt($data,$methods,$key,OPENSSL_RAW_DATA,"1234567812345678"); //向量需要 18 位 var_dump($content); var_dump(openssl_decrypt($content,$methods,$key,OPENSSL_RAW_DATA,"1234567812345678")); ``` 优化key 与向量 ``` $data = "thsi si a hello woard"; $methods = "AES-128-CBC"; $id = uniqid(); $key = md5($id); $vi = substr($key, 0, 16); $content = openssl_encrypt($data,$methods,$key,OPENSSL_RAW_DATA, $vi); //向量需要 18 位 var_dump($content); var_dump(openssl_decrypt($content,$methods,$key,OPENSSL_RAW_DATA,$vi)); ``` ### 公钥加密,私钥解密
';
openssl_get_cipher_methods 方法列表
``` Array ( [0] => AES-128-CBC [1] => AES-128-CFB [2] => AES-128-CFB1 [3] => AES-128-CFB8 [5] => AES-128-OFB [6] => AES-192-CBC [7] => AES-192-CFB [8] => AES-192-CFB1 [9] => AES-192-CFB8 [11] => AES-192-OFB [12] => AES-256-CBC [13] => AES-256-CFB [14] => AES-256-CFB1 [15] => AES-256-CFB8 [17] => AES-256-OFB [18] => BF-CBC [19] => BF-CFB [21] => BF-OFB [22] => CAST5-CBC [23] => CAST5-CFB [25] => CAST5-OFB [41] => IDEA-CBC [42] => IDEA-CFB [44] => IDEA-OFB [53] => aes-128-cbc [54] => aes-128-cfb [55] => aes-128-cfb1 [56] => aes-128-cfb8 [58] => aes-128-ofb [59] => aes-192-cbc [60] => aes-192-cfb [61] => aes-192-cfb1 [62] => aes-192-cfb8 [64] => aes-192-ofb [65] => aes-256-cbc [66] => aes-256-cfb [67] => aes-256-cfb1 [68] => aes-256-cfb8 [70] => aes-256-ofb [71] => bf-cbc [72] => bf-cfb [74] => bf-ofb [75] => cast5-cbc [76] => cast5-cfb [78] => cast5-ofb [94] => idea-cbc [95] => idea-cfb [97] => idea-ofb ) ```## openssl_encrypt / openssl_decrypt 加密/解密 ``` openssl_encrypt($data, $method, $key, $options = 0, $iv = "", &$tag = NULL, $aad = "", $tag_length = 16)} $data 待加密的值 $method 密码学方式。openssl_get_cipher_methods() 可获取有效密码方式列表 $key 盐可用 uniqid();生成 $options OPENSSL_RAW_DATA(推荐) 、 OPENSSL_ZERO_PADDING(会填充 0,和进行 base64加密)。 $iv 8位的向量 如: "12345678" ``` ### method 可选值 不用方法 $vi长度不同 ,可通过 `openssl_cipher_iv_length($methods)`获得长度 `openssl_cipher_iv_length('AES-128-CBC'); //16` ## 常用算法 ### RSA 算法 ASE优,但性能差 不适合长字符的加密 在线生成秘钥对 [http://web.chacuo.net/netrsakeypair](http://web.chacuo.net/netrsakeypair) 秘钥位数越多越安全,密钥格式推荐使用`PKCS#8` ,`PKCS#1`支持老的密码 ``` openssl_private_decrypt — 使用私钥解密数据 openssl_private_encrypt — 使用私钥加密数据 openssl_public_decrypt — 使用公钥解密数据 openssl_public_encrypt — 使用公钥加密数据 ``` ## 实例 ### DES 算法 ``` $data = "thsi si a hello woard"; $methods = "DES-CBC"; $key = uniqid(); echo $key."
"; $content = openssl_encrypt($data,$methods,$key,OPENSSL_RAW_DATA,"12345678"); var_dump($content); var_dump(openssl_decrypt($content,$methods,$key,OPENSSL_RAW_DATA,"12345678")); ``` ### AES 算法 ``` $data = "thsi si a hello woard"; $methods = "AES-128-CBC"; $key = uniqid(); echo $key."
"; $content = openssl_encrypt($data,$methods,$key,OPENSSL_RAW_DATA,"1234567812345678"); //向量需要 18 位 var_dump($content); var_dump(openssl_decrypt($content,$methods,$key,OPENSSL_RAW_DATA,"1234567812345678")); ``` 优化key 与向量 ``` $data = "thsi si a hello woard"; $methods = "AES-128-CBC"; $id = uniqid(); $key = md5($id); $vi = substr($key, 0, 16); $content = openssl_encrypt($data,$methods,$key,OPENSSL_RAW_DATA, $vi); //向量需要 18 位 var_dump($content); var_dump(openssl_decrypt($content,$methods,$key,OPENSSL_RAW_DATA,$vi)); ``` ### 公钥加密,私钥解密