Environment Apache PHP-7.0.12
What problems does encryption solve:
1. Prevent communication content from being eavesdropped;
2.Prevent communication content from being tampered with
Encryption type:
1. Symmetric encryption: Encryption and decryption use the same secret key, for example: DES (Data Encryption Standard), 1977-1999, Cracked in 1999; AES (Advance Encryption Standard), currently the most popular symmetric encryption algorithm
2. Asymmetric encryption: RSA
AES encryption/decryption
1. Use the PHP encryption/decryption function openssl_encrypt/openssl_decrypt
Note: There are many examples using the PHP mcrypt_encrypt() function. The official website explained to me: This function has been DEPRECATED as of PHP 7.1 .0. Relying on this function is highly discouraged.
//获取可用的密码加密算法列表 //$methods = openssl_get_cipher_methods(); //var_dump($methods); # AES加密演示 //明文(要加密的内容) $str = "这是测试用例 我是明文"; //秘钥(用例:使用uniqid()函数生成了一个唯一ID) $key = "5d3fb4acb2292"; //加密算法 $method = "AES-128-CBC"; //加密向量(要求18个字节) $iv = "1234567812345678"; $encrypt_str = openssl_encrypt($str, $method, $key, 0, $iv); var_dump("AES加密结果:".$encrypt_str); # AES解密演示 //$encrypt_str AES加密后产生的密文 //$key 秘钥(同上) $decrypt_str = openssl_decrypt($encrypt_str, $method, $key, 0, $iv); var_dump("AES解密结果:".$decrypt_str);
RSA encryption
1. Public/private key encryption algorithm, which is asymmetric encryption:
2. Advantages: extremely difficult to crack;
3. Disadvantages: slow speed, high number of operations, not suitable for encrypting long text;
//公钥(项目中可在线生产亦可自己生成) $PUBLIC_KEY = "-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJJ7D/U9lHLNQdl4LZSr jNvdCelIraMnSD/iujWxyw/QDLXPCtP06ll42JURGlYaO2DU5c5BKEUF0alyzlE9 XiHRXPl0LabI/CjGtrIB4RApy1PjkQ31QOt+9R2Nmb7RUkfZwnCWHBlNVnwj4U6J woccrlUdElBWU5twFc2PNPbMR6nA/ldUwDpcveNHNp57BrgYfUFcLrjmf2LH6c7X ngBNPbG5ha5pmsaXm8MAqBRtAvIwvUsvJLIr+XRc27pCJFe/1MtS4hHhTPE4un/z Y/tIrpqm6MimdJcs8oqEQPoztfs5BTNu2jVgrKwtWExDXODWmHemQoaCwzgt3wMy 3wIDAQAB -----END PUBLIC KEY-----"; //私钥(项目中可在线生产亦可自己生成) $PRIVATE_KEY = "-----BEGIN PRIVATE KEY----- MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCkknsP9T2Ucs1B 2XgtlKuM290J6UitoydIP+K6NbHLD9AMtc8K0/TqWXjYlREaVho7YNTlzkEoRQXR qXLOUT1eIdFc+XQtpsj8KMa2sgHhECnLU+ORDfVA6371HY2ZvtFSR9nCcJYcGU1W fCPhTonChxyuVR0SUFZTm3AVzY809sxHqcD+V1TAOly940c2nnsGuBh9QVwuuOZ/ YsfpzteeAE09sbmFrmmaxpebwwCoFG0C8jC9Sy8ksiv5dFzbukIkV7/Uy1LiEeFM 8Ti6f/Nj+0iumqboyKZ0lyzyioRA+jO1+zkFM27aNWCsrC1YTENc4NaYd6ZChoLD OC3fAzLfAgMBAAECggEAUcCieW7uREwzQr7xQFNWVQbzavUEMZ2W6gEydCYwSBt2 0pmOXGamh7QioBSNBnQ3W7/igrZPD94Z4ek3Kt6YiaZrBrC00ejEdt8at6791/vb hzIJHgm9B5701nbz3Kg5+5HNzxV2vEalcI0Cle4Z6RSNXtzRMEPQXoAc0ffnZ/tV 033zAN4nWb9zeLw03/D0nbcpaYA/WbwqsNiTxbbi0s54oTsaOTMBBAK9oH9H2M5J 506iINcKniyMi6i0cf/cQ+tP6VUCOMHdWm/zJmQ5s2eU/2SowSKMXMLIGUH2Q4AX Z2htX4YwvdHGlGA5yPuiMznkFidVcERfbVl9yi54YQKBgQDQYqj2bb0bvD8YuvXx htdBQrxiX53pZ1sVoh5SMxD+Lq6tpn4UtOJw6tpE7tgONmWRaKCH10fgX5nQoXPJ 0Y02qiDyk/TkE0OGiYRTjjkjY3yPkBIz9KRCoIUcwirEfWdzmjFLTq9hiaGo9JXN HcLXOgpAbiQe+qXf9x/waWB/hQKBgQDKLQB9Ep9A6UFlumXaEr971A7HcQI2BsfP kRfCcT1rphnENHCa37o+5i6tTImAXI+aayp9Jpv0rXLbzFbBkdUdUDINulXSsLRT bq3ttbu5c+NG21XW1fvVqf4VYOP7u/l0Z2eBIsg9uLswS3zltTG8ikm+RKhMf1DV PDAOoLmMEwKBgDn0po9a9/Rlx5qmLM7OtMFGwUQO2clXYILEwvATmc9HxncvTfOO V0gWWTxAvUA+qsLlOXhuTGQ/0nSu4pgnusGQUXeF5N8l6Grbhj0C2itYeQUoiZd/ m8uX/01/Rwu84O/K25jZOnfDIn3uAFe6xjy7vKwstckT5txCS9S+SgNNAoGAbvLl Sr32cUvQXMA+9r7FIHJOLfsBaJ6t9mW8cTNtrm63wym4BfXzImN1iBrxdmTVVbur 1IRkn5Cz8JUhoxahqnWBEnGIeZgJTaP2hPXvcCV9uzvQzpYdnrKsQhUq59HPYqcA cSiiVOTUrPswLmsSQVJuh6Dr7xcLSAnAobZoPMsCgYEAsJuY5RcB1sjYortRNsKb KHLiLI93P0MFF46V/343d3BU7TZfETg703Mj2AfOAGTM2p2BkHFri3l+4oigMqpr hAp4hNq4KFK2SCjzedrLV7QIgtp/uMZ+q/yhRtiG8kSWlI9c0Un00+KqIwFqfwAB l1zOX5QcMa1X7eWSvZ559ko= -----END PRIVATE KEY-----"; //待加密明文 $data = "这是RSA待加密明文"; //用于接收加密后的密文 $content_encrypt = ""; # 私钥加密 openssl_private_encrypt($data, $content_encrypt, $PRIVATE_KEY, 1); var_dump("私钥加密结果:".$content_encrypt); # 公钥解密 //$content_encrypt 私钥加密后的密文 //用于接收解密后的明文 $content_decrypt = ""; openssl_public_decrypt($content_encrypt, $content_decrypt, $PUBLIC_KEY, 1); var_dump("公钥解密结果:".$content_decrypt);
One of the API interaction methods in the project ---- Signature/Verification
1. Create a new text.php file ------ Generate signature
//根军 MD5()函数的不可逆性进行签名校验 //首先必须要有 $appKey与$secretKey $appKey = "5d3fb4acb2292"; $secretKey = "5d3fb4acb22925d3fb4acb22925d3fb4acb2292"; $url = "localhost/text_sig.php"; //待传递的参数 $params['appKey'] = $appKey; $params['name'] = "张三"; $params['age'] = "26"; $params['sex'] = "男"; $params['root'] = "admin"; $params['password'] = "123456"; $params['time'] = time(); //获取签名 $params['sig'] = createSig($params,$secretKey); $param_str = http_build_query($params); $url = $url.'?'.$param_str; var_dump($url); //生成签名 function createSig($params,$secretKey){ //对参数进行排序 ksort($params); $str = http_build_query($params); $str .= $secretKey; return md5($str); }
2. Use the URL obtained from the text.php file to access -> Server text_sig.php file ------- Verify signature
//获取传值 $get = $_GET; //获取appKey $appKey = $get['appKey']; //根据appKey获取存储在数据库中对应的secretKey $secretKey = "5d3fb4acb22925d3fb4acb22925d3fb4acb2292"; //判断接口是否过期 if (abs($get['time'] - time()) > 100){ die("Time Out"); } //获取签名 $sig = $get['sig']; //将签名从参数中剔除 unset($get['sig']); //对参数进行排序 ksort($get); //将参数数组转为'&'连接的字符串 $str = http_build_query($get); //参数字符串后拼接$secretKey $str .= $secretKey; //使用MD5加密 $md5_str = md5($str); //将得到的加密后的结果与签名对比 if ($sig === $md5_str){ var_dump("验签成功"); }else{ var_dump("验签失败"); }
Note: The above are only study notes, so they are relatively simple and not rigorous enough.
1. The use must be optimized in actual projects;
2. AES and RSA encryption methods are best used in conjunction with signature/signature verification to prevent the secret key from being eavesdropped and tampered with during the interaction process.
The above is the detailed content of PHP data encryption method. For more information, please follow other related articles on the PHP Chinese website!