我的代码如下所示:
<?php
namespace App\Http\Controllers;
use Illuminate\Http\Request;
class CardTransaction extends Controller
{
public function store(Request $request) {
$tempToken = $request->token;
$keyValuePair = $request->keyVal;
$protectPayAPI = new ProtectPayApi();
$encryptedString = $protectPayAPI->setUtf8EncodeMd5HashTempToken($tempToken)
->encryptString(utf8_encode($keyValuePair))
->getEncryptedString();
$decryptedString = utf8_decode($protectPayAPI->setUtf8EncodeMd5HashTempToken($tempToken)
->decryptString($encryptedString)
->getDecryptedString());
return response()
->json(['output' => $decryptedString]);
}
}
class ProtectPayApi
{
/* for temp tokens */
private $_tempToken;
/* md5 hash of utf8 encoded temp token */
private $_md5HashUtf8TempToken;
private $_encryptedString;
private $_decryptedString;
/**
* @param string $tempToken
* @return $this
*/
public function setUtf8EncodeMd5HashTempToken($tempToken) {
$this->_tempToken = $tempToken;
$this->_md5HashUtf8TempToken = md5(utf8_encode($tempToken));
return $this;
}
/**
* Encrypts the string using the set $this->_md5HashUtf8TempToken
* @param string $stringToEncrypt
* @return $this
*/
public function encryptString($stringToEncrypt) {
$iv = openssl_random_pseudo_bytes(openssl_cipher_iv_length('AES-128-CBC'));
$this->_encryptedString = openssl_encrypt(
$stringToEncrypt,
'AES-128-CBC',
$this->_md5HashUtf8TempToken,
0,
$iv
);
return $this;
}
public function decryptString($stringToDecrypt) {
$iv = openssl_random_pseudo_bytes(openssl_cipher_iv_length('AES-128-CBC'));
$this->_encryptedString = $stringToDecrypt;
$this->_decryptedString = openssl_decrypt(
$stringToDecrypt,
'AES-128-CBC',
$this->_md5HashUtf8TempToken,
0,
$iv
);
return $this;
}
/**
* @return mixed
*/
public function getEncryptedString() {
return $this->_encryptedString;
}
/**
* @return mixed
*/
public function getDecryptedString() {
return $this->_decryptedString;
}
}
现在我的输入keyVal是:
的authToken = 1f25d31c-e8fe-4d68-be73-f7b439bfa0a329e90de6-4e93-4374-863322cef77467f5&安培; PayerID = 2833955147881261&安培;金额= 10.00&安培;货币代码= USD&安培; ProcessMethod =捕捉&安培; PaymentMethodStorageOption =无&安培; InvoiceNumber = Invoice123&安培;注释1 =注释1&安培; Comment2 = comment2&amp; echo = echotest&amp; ReturnURL = https://il01addproc.propay.com:443/Return.aspx&amp; ProfileId = 3351&amp; PaymentProcessType = CreditCard&amp; StandardEntryClassCode =&amp; DisplayMessage = True&amp; Protected = False。
但我得到的输出是:
?米\吨Q 20 \ u000f 4 X 1C-e8fe-4d68-be73-f7b439bfa0a329e90de6-4e93-4374-863322cef77467f5&安培;??PayerID = 2833955147881261&安培;金额= 10.00&安培;货币代码= USD&安培; ProcessMethod =捕捉&安培; PaymentMethodStorageOption = None&amp; InvoiceNumber = Invoice123&amp; Comment1 = comment1&amp; Comment2 = comment2&amp; echo = echotest&amp; ReturnURL = https://il01addproc.propay.com:443/Return.aspx&amp; ProfileId = 3351&amp; PaymentProcessType = CreditCard&amp; StandardEntryClassCode =&amp; DisplayMessage = True&amp; Protected =假\
现在有什么遗漏因为我得到这个只有95%匹配的字符串吗?
答案 0 :(得分:1)
这是第一个不同的块,这是因为加密和解密的IV不同。
$iv = openssl_random_pseudo_bytes(openssl_cipher_iv_length('AES-128-CBC'));
CBC Mode是自我修复的,所以其余的块都是正确的。
必须在加密和解密时使用相同的IV,在此代码中,为加密和解密创建了一个新的随机IV。
一个普遍接受的方法是使用IV为加密数据添加前缀,它不需要保密。然后在解密时拆分IV和加密数据并使用该IV进行解密。