我看了一下this的问题,并希望自己做。当我运行此代码时(直接从this answer获取):
$textToEncrypt = "My super secret information.";
$encryptionMethod = "AES-256-CBC"; // AES is used by the U.S. gov't to encrypt top secret documents.
$secretHash = "25c6c7ff35b9979b151f2136cd13b0ff";
//To encrypt
$encryptedMessage = openssl_encrypt($textToEncrypt, $encryptionMethod, $secretHash, '1234567812345678');
//To Decrypt
$decryptedMessage = openssl_decrypt($encryptedMessage, $encryptionMethod, $secretHash);
//Result
echo "Encrypted: $encryptedMessage <br>Decrypted: $decryptedMessage";
但是我收到了警告
openssl_encrypt(): Using an empty Initialization Vector (iv) is potentially insecure and not recommended
所以我去看了docs,但没有文档'。我发现了这个comment,但是仍然没有提到初始化矢量应该是什么以及我应该如何使用它。谁能开导我?
我知道我本可以做更多Google,但Stackoverflow首先出现在这么多搜索结果中我认为这个问题可能对其他遇到此问题的人有用。