PHP encryption and decryption, refer to discuz

Time:2021-1-3
<?php

/**
 *Encryption key
 */
define("ENCRYPT_KEY", "sqltest1179631111");

//Encryption
$password  = "123456";
$enCryPass = demoEncode($password);
var_dump($enCryPass);

//Decryption
$deCryPass = demoDecode($enCryPass);
var_dump($deCryPass);


/**
 *Encryption
 *@ param $password string password before encryption
 * @return false|string
 */
function demoEncode($password)
{
    return authCode($password, "ENCODE", ENCRYPT_KEY);
}

/**
 *Encryption
 *@ param $encrypass string password to decrypt
 * @return false|string
 */
function demoDecode($enCryPass)
{
    return authCode($enCryPass, "DECODE", ENCRYPT_KEY);
}

/**
 *Encryption解密函数
 * awesome authcode encryption function, Discuz! Classic code (with detailed explanation)
 *
 *@ param string $string string, plaintext or ciphertext
 *@ param string $operation decode means decryption, others means encryption
 *@ param string $key
 *@ param int $expiry
 * @return false|string
 */
function authCode($string, $operation = 'DECODE', $key = '', $expiry = 0)
{
    //Dynamic key length: the same plaintext will generate different ciphertexts, which depends on the dynamic key
    $ckey_length = 4;

    //Key
    $key = md5($key);

    //Keya会参与加解密
    $keya = md5(substr($key, 0, 16));
    //Keyb会用来做数据完整性验证
    $keyb = md5(substr($key, 16, 16));
    //Keyc用于变化生成的密文
    $keyc = $ckey_length ? ($operation == 'DECODE' ? substr($string, 0, $ckey_length) : substr(md5(microtime()), -$ckey_length)) : '';
    //Key involved in operation
    $cryptkey   = $keya . md5($keya . $keyc);
    $key_length = strlen($cryptkey);
    //In plaintext, the first 10 bits are used to save the time stamp, verify the validity of the data during decryption, and 10 to 26 bits are used to save $keyb,
    //Decryption时会通过这个密匙验证数据完整性
    //If it's decoding, it will start at $ckey_ Length bit, because the ciphertext before $ckey_ The length bit holds the dynamic key to ensure correct decryption
    $string        = $operation == 'DECODE' ? base64_decode(substr($string, $ckey_length)) : sprintf('%010d', $expiry ? $expiry + time() : 0) . substr(md5($string . $keyb), 0, 16) . $string;
    $string_length = strlen($string);
    $result        = '';
    $box           = range(0, 255);
    $rndkey        = array();
    //Generate key book
    for ($i = 0; $i <= 255; $i++) {
        $rndkey[$i] = ord($cryptkey[$i % $key_length]);
    }
    //It seems very complicated to use a fixed algorithm to scramble the key book and increase randomness. In fact, it does not increase the strength of the ciphertext
    for ($j = $i = 0; $i < 256; $i++) {
        $j       = ($j + $box[$i] + $rndkey[$i]) % 256;
        $tmp     = $box[$i];
        $box[$i] = $box[$j];
        $box[$j] = $tmp;
    }
    //Core encryption and decryption part
    for ($a = $j = $i = 0; $i < $string_length; $i++) {
        $a       = ($a + 1) % 256;
        $j       = ($j + $box[$a]) % 256;
        $tmp     = $box[$a];
        $box[$a] = $box[$j];
        $box[$j] = $tmp;
        //Get the key from the key book, XOR it, and then convert it into characters
        $result .= chr(ord($string[$i]) ^ ($box[($box[$a] + $box[$j]) % 256]));
    }
    if ($operation == 'DECODE') {
        //To verify the validity of the data, see the format of unencrypted plaintext
        if ((substr($result, 0, 10) == 0 || substr($result, 0, 10) - time() > 0) && substr($result, 10, 16) == substr(md5(substr($result, 26) . $keyb), 0, 16)) {
            return substr($result, 26);
        } else {
            return '';
        }
    } else {
        //Save the dynamic key in the ciphertext, which is why the same plaintext can be decrypted after producing different ciphertexts
        //Because the encrypted ciphertext may be some special characters, the copy process may be lost, so use Base64 encoding
        return $keyc . str_replace('=', '', base64_encode($result));
    }
}

Recommended Today

SDS of redis data structure

SDS(simple dynamic string), simple dynamic string. S and it’s called hacking string. Where hack is stored is the length of the string and the remaining space in SDS. The implementation of SDS insds.cIn the middle. C language string uses a character array of length N + 1 to represent the string of length N, and […]