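Same string salting code gives different results

Time: 2012-05-03 11:48:27

Tags: php c++ string encryption

I have a class in both PHP and C++ that simply takes a value string and a salt string to do some salting for privacy. The idea is that a PHP script will encrypt a string for a C++ program to receive and decrypt. They use a pre-shared salt string, in synchronous mode.

The problem is that, with what appears to be the same logic, they generate different results when encrypting the same string. This means that decrypting the string on either end does not give back the original string.

It may be something I have missed or made a mistake on. Or it may be related to PHP using character encodings where C++ is a raw bit stream. The PHP script is set to use plain-text output, with 'us-ascii' encoding.

Here is the PHP class: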

define( 'NUM_STRINGS', 256 );

class CTwEncryption
{
    function Crypt( $szValue, $szSalt )
    {
        $iValueSize = (int)strlen( $szValue );
        $iSaltSize  = (int)strlen( $szSalt );

        $szStrings  = array();
        $szKeys     = array();

        $j = 1;

        // Init array of 0-255
        for ( $i = 0; $i < NUM_STRINGS; $i++ )
            $szStrings[ $i ] = $i;

        // Init array of 0-255 with a calculated char value
        for ( $i = 0; $i < NUM_STRINGS; $i++ )
        {
            if ( $j > $iSaltSize )
                $j = 1;

            $szKeys[ $i ] = ord( substr( $szSalt, $j, 1 ) );
            $j++;
        }

        // Shuffle the array values around to give a random value
        $j = 0;
        for ( $i = 0; $i < NUM_STRINGS; $i++ )
        {
            $j = ( $j + $szStrings[ $i ] + $szKeys[ $i ] ) % NUM_STRINGS;

            $szTemp = $szStrings[ $i ];
            $szStrings[ $i ] = $szStrings[ $j ];
            $szStrings[ $j ] = $szTemp;
        }

        // Encrypt/decrypt the string
        $szReturnValue = null;
        $i = 0;
        $j = 0;

        for ( $x = 0; $x < $iValueSize; $x++ )
        {
            $i = ( $i + 1 ) % NUM_STRINGS;
            $j = ( $j + $szStrings[ $i ] ) % NUM_STRINGS;

            $szTemp = $szStrings[ $i ];
            $szStrings[ $i ] = $szStrings[ $j ];
            $szStrings[ $j ] = $szTemp;

            $t = ( $szStrings[ $i ] + ( $szStrings[ $j ] % NUM_STRINGS ) ) % NUM_STRINGS;
            $y = $szStrings[ $t ];

            $cCrypt = chr( substr( $szValue, $x, 1 ) ^ $y );
            $szReturnValue .= $cCrypt;
        }

        // Return encrypted/decrypted string
        return $szReturnValue;
    }
}

Here is the C++ class:

#define NUM_STRINGS 256

class CTwEncryption
{
private:
    char    *szWorking;

public:
    CTwEncryption()     { szWorking = NULL; };
    ~CTwEncryption()    { if ( szWorking != NULL ) { delete szWorking; szWorking = NULL; } };

    char *Crypt( const char szValue[], const char szSalt[] )
    {
        const int iValueSize = (int)strlen( szValue );
        const int iSaltSize = (int)strlen( szSalt );

        if ( iValueSize == 0 || iSaltSize == 0 )
            return NULL;

        int j = 1;

        char *szStrings[ NUM_STRINGS ];
        char *szKeys[ NUM_STRINGS ];

        // Init array of 0-255
        for ( int i = 0; i < NUM_STRINGS; i++ )
        {
            char *szString = new char[ iValueSize + 1 ];

            itoa( i, szString, 10 );
            szString[ iValueSize ] = 0;

            szStrings[ i ] = szString;
        }

        // Init array of 0-255 with a calculated char value
        for ( int i = 0; i < NUM_STRINGS; i++ )
        {
            char *szKey = new char[ iValueSize + 1 ];

            if ( j > iSaltSize )
                j = 1;

            itoa( (int)( szSalt[ j ] ), szKey, 10 );
            szKey[ iValueSize ] = 0;

            szKeys[ i ] = szKey;
            j++;
        }

        // Shuffle the array values around to give a random value
        j = 0;
        for ( int i = 0; i < NUM_STRINGS; i++ )
        {
            j = ( j + atoi( szStrings[ i ] ) + atoi( szKeys[ i ] ) ) % NUM_STRINGS;

            char *szTemp = szStrings[ i ];
            szStrings[ i ] = szStrings[ j ];
            szStrings[ j ] = szTemp;
        }

        // Encrypt/decrypt the string
        szWorking = new char[ iValueSize + 1 ];
        for ( int i = 0; i <= iValueSize; i++ )
            szWorking[ i ] = 0;

        int i = 0;
        j = 0;

        for ( int x = 0; x <= iValueSize; x++ )
        {
            i = ( i + 1 ) % NUM_STRINGS;
            j = ( j + atoi( szStrings[ i ] ) ) % NUM_STRINGS;

            char *szTemp = szStrings[ i ];
            szStrings[ i ] = szStrings[ j ];
            szStrings[ j ] = szTemp;

            int t = ( atoi( szStrings[ i ] ) + ( atoi( szStrings[ j ] ) % NUM_STRINGS ) ) % NUM_STRINGS;
            int y = atoi( szStrings[ t ] );

            char cCrypt = char( (int)( szValue[ x ] ) ^ y );
            szWorking[ x ] = cCrypt;
        }

        // Clean dynamic memory
        for ( int i = 0; i < NUM_STRINGS; i++ )
        {
            delete szStrings[ i ];
            delete szKeys[ i ];

            szStrings[ i ] = NULL;
            szKeys[ i ] = NULL;
        }

        // Return encrypted/decrypted string
        szWorking[ iValueSize ] = 0;
        return szWorking;
    }
};

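Any help would be appreciated, thanks :)

2 answers:

Answer 0: (score: 1)

I'm not sure, but using the mb_* functions may help:

  • instead of strlen use mb_strlen
  • instead of substr use mb_substr

Either provide just the value, or also provide the encoding (but each mb_* function should check the string encoding if none is provided).

Answer 1: (score: 0)

Figured it out. It looks like I need to send the input to the PHP script via an HTTP PUT request and read it using fopen( "php://input", "rb" ). It seems PHP does not handle anything in a binary-safe way. In both C++ and PHP I treat each character as an integer, which should allow UTF-32 strings to be handled correctly in binary-safe mode.

Here is my C++ class, which I have in "twencrypt.h":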

#ifndef TWCRYPT_H
#define TWCRYPT_H

/***
*
*   Two-way string encryption
*   This will encrypt/decrypt a string using a salt.
*
*   -AdamR
*
****/

#include <cstring>  // strlen

#define NUM_STRINGS 256

class CTwEncryption
{
private:
    char    *szWorking;

public:
    CTwEncryption()     { szWorking = NULL; };
    // szWorking is allocated with new[], so it must be released with delete[]
    ~CTwEncryption()    { if ( szWorking != NULL ) { delete[] szWorking; szWorking = NULL; } };

    char *Crypt( const char szValue[], const char szSalt[] )
    {
        const int iValueSize = (int)strlen( szValue );
        const int iSaltSize = (int)strlen( szSalt );

        if ( iValueSize < 1 || iSaltSize <  1 )
            return NULL;

        int j = 1;

        int iChars[ NUM_STRINGS ];
        int iKeys[ NUM_STRINGS ];

        // Init array of 0-255
        for ( int i = 0; i < NUM_STRINGS; i++ )
            iChars[ i ] = i;

        // Init array of 0-255 with a calculated char value
        for ( int i = 0; i < NUM_STRINGS; i++ )
        {
            if ( j > iSaltSize )
                j = 1;

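            // Cast so bytes above 0x7F stay in 0..255 like PHP's ord();
            // index iSaltSize reads the terminating NUL (key byte 0)
            iKeys[ i ] = (unsigned char)szSalt[ j ];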
            j++;
        }

        // Shuffle the array values around to give a random value
        j = 0;
        for ( int i = 0; i < NUM_STRINGS; i++ )
        {
            j = ( j + iChars[ i ] + iKeys[ i ] ) % NUM_STRINGS;

            int iTemp = iChars[ i ];
            iChars[ i ] = iChars[ j ];
            iChars[ j ] = iTemp;
        }

        // Encrypt/decrypt the string
        delete[] szWorking;     // release the buffer left by a previous call
        szWorking = new char[ iValueSize + 1 ];
        for ( int i = 0; i <= iValueSize; i++ )
            szWorking[ i ] = 0;

        int i = 0;
        j = 0;

        for ( int x = 0; x <= iValueSize; x++ )
        {
            i = ( i + 1 ) % NUM_STRINGS;
            j = ( j + iChars[ i ] ) % NUM_STRINGS;

            int iTemp = iChars[ i ];
            iChars[ i ] = iChars[ j ];
            iChars[ j ] = iTemp;

            int t = ( iChars[ i ] + ( iChars[ j ] % NUM_STRINGS ) ) % NUM_STRINGS;
            int y = iChars[ t ];

            char cCrypt = char( (int)( szValue[ x ] ) ^ y );
            szWorking[ x ] = cCrypt;
        }

        // Return encrypted/decrypted string
        szWorking[ iValueSize ] = 0;
        return szWorking;
    }
};

#endif

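Since it returns a char pointer, I suggest you use strcpy() to put it somewhere safe. Here is an example; keep in mind that the exact same code is also used to decrypt the string.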

const char *szString = "My string to encrypt";
const char *szSalt   = "Some salt here :D";
int iStringSize      = (int)strlen( szString );

// Array allocation: string length plus room for the terminating NUL
char *szEncrypted = new char[ iStringSize + 1 ];
CTwEncryption *pTwCrypt = new CTwEncryption();
strcpy( szEncrypted, pTwCrypt->Crypt( szString, szSalt ) );
szEncrypted[ iStringSize ] = 0;
delete pTwCrypt;

Here is my PHP class:

<?php
    define( 'NUM_STRINGS', 256 );

    class CTwEncryption
    {
        function Crypt( $szValue, $szSalt )
        {
            $iValueSize = strlen( $szValue );
            $iSaltSize  = strlen( $szSalt );

            if ( $iValueSize == 0 || $iSaltSize == 0 )
                return null;

            $j = 1;

            $iChars = array();
            $iKeys  = array();

            // Init array of 0-255
            for ( $i = 0; $i < NUM_STRINGS; $i++ )
                $iChars[ $i ] = $i;

            // Init array of 0-255 with a calculated char value
            for ( $i = 0; $i < NUM_STRINGS; $i++ )
            {
                if ( $j > $iSaltSize )
                    $j = 1;

                $iKeys[ $i ] = ord( $szSalt[ $j ] );
                $j++;
            }

            // Shuffle the array values around to give a random value
            $j = 0;
            for ( $i = 0; $i < NUM_STRINGS; $i++ )
            {
                $j = ( $j + $iChars[ $i ] + $iKeys[ $i ] ) % NUM_STRINGS;

                $iTemp = $iChars[ $i ];
                $iChars[ $i ] = $iChars[ $j ];
                $iChars[ $j ] = $iTemp;
            }

            // Encrypt/decrypt the string
            $szReturnValue = null;
            $i = 0;
            $j = 0;

            for ( $x = 0; $x < $iValueSize; $x++ )
            {
                $i = ( $i + 1 ) % NUM_STRINGS;
                $j = ( $j + $iChars[ $i ] ) % NUM_STRINGS;

                $iTemp = $iChars[ $i ];
                $iChars[ $i ] = $iChars[ $j ];
                $iChars[ $j ] = $iTemp;

                $t = ( $iChars[ $i ] + ( $iChars[ $j ] % NUM_STRINGS ) ) % NUM_STRINGS;
                $y = $iChars[ $t ];

                // XOR the byte value of the current character with the keystream byte
                $cCrypt = chr( ord( $szValue[ $x ] ) ^ $y );
                $szReturnValue .= $cCrypt;
            }

            // Return encrypted/decrypted string
            return $szReturnValue;
        }
    }

    $c_TwEncryption = new CTwEncryption;
?>

This one is easier to use. It's simple:

$szString    = "My string to hide lollercoaster";
$szSalt      = "super duper password of doom";

$szEncrypted = $c_TwEncryption->Crypt( $szString, $szSalt );
$szDecrypted = $c_TwEncryption->Crypt( $szEncrypted, $szSalt );

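Keep in mind that you should not define $szString or $szSalt (PHP side) via an HTTP GET or POST request. Be safe and use a PUT request, and read it as follows:

$szString = null;
// "or" binds more loosely than "=", so $hInData receives the handle, not a boolean
$hInData = fopen( "php://input", "rb" ) or die( "Unable to open HTTP PUT handle." );

if( $hInData != null )
{
    // Read the raw request body in 1024-byte chunks; compare strictly so a
    // chunk such as "0" is not mistaken for end of input
    while ( ( $bData = fread( $hInData, 1024 ) ) !== false && $bData !== '' )
        $szString .= $bData;
}
else
    die( "Unable to read HTTP PUT data." );

fclose( $hInData ) or die( "Unable to close HTTP PUT handle." );

// Strict checks: empty( "0" ) is true and would reject a body of "0"
if( $szString === null || $szString === '' )
    die( "No data read from HTTP PUT stream." );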

Enjoy.
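
Added example, not part of the answer above and not the answerer's code: the same cipher written with explicit lengths, to show the failure mode of a strlen()/strcpy() interface when a ciphertext byte happens to be 0x00. The names keystream and crypt_bytes are chosen for this example, the sample strings are constructed, and the key schedule follows the answer's class.

```cpp
// Added example, not the answerer's code; keystream() and crypt_bytes() are names chosen here.
#include <cstring>
#include <string>
#include <utility>
#include <vector>
// n keystream bytes from the answer's key schedule: salt index runs 1..len, wraps
// to 1, and index len is the terminating NUL (key byte 0; PHP's ord('') is also 0).
std::vector<unsigned char> keystream(const std::string &salt, size_t n)
{
    int s[256], key[256];
    size_t j = 1;
    for (int i = 0; i < 256; i++, j++) {
        if (j > salt.size()) j = 1;
        s[i] = i;
        key[i] = (j < salt.size()) ? (unsigned char)salt[j] : 0;
    }
    for (int i = 0, k = 0; i < 256; i++) {
        k = (k + s[i] + key[i]) % 256;
        std::swap(s[i], s[k]);
    }
    std::vector<unsigned char> out(n);
    int a = 0, b = 0;
    for (size_t x = 0; x < n; x++) {
        a = (a + 1) % 256;
        b = (b + s[a]) % 256;
        std::swap(s[a], s[b]);
        out[x] = (unsigned char)s[(s[a] + s[b]) % 256];
    }
    return out;
}

// Encrypt or decrypt: the length comes from the std::string, never from
// strlen(), so 0x00 bytes in plaintext or ciphertext survive.
std::string crypt_bytes(const std::string &data, const std::string &salt)
{
    std::vector<unsigned char> ks = keystream(salt, data.size());
    std::string out(data);
    for (size_t x = 0; x < data.size(); x++)
        out[x] = (char)((unsigned char)data[x] ^ ks[x]);
    return out;
}

int main()
{
    std::string salt = "Some salt here :D", plain = "My string to encrypt"; // constructed
    plain[3] = (char)keystream(salt, 4)[3];   // forces ciphertext[3] == 0x00, where strlen() stops
    std::string ct = crypt_bytes(plain, salt);
    return (std::strlen(ct.c_str()) < ct.size() && crypt_bytes(ct, salt) == plain) ? 0 : 1;
}
```

The keystream depends only on the salt, so every message encrypted under the same pre-shared salt is XORed with the same bytes.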