我已经制作了这个代码来加密数据库中的数据(它在测试期间以纯文本形式存储):
try {
$link = new PDO("mysql:host=localhost;dbname=MAIN", 'USER', 'PASSWORD');
$stmt = $link->prepare("SELECT * FROM workers WHERE crypt = '0'");
$stmt->execute();
$prepared = $stmt->fetchAll(PDO::FETCH_ASSOC);
$sentinel = mcrypt_module_open(MCRYPT_3DES,'',MCRYPT_MODE_CBC,'');
$key_c = substr(sha1(microtime()),0,24);
$iv = substr(sha1(microtime()),24,8);
mcrypt_generic_init($sentinel, $key_c, $iv);
for($key=0; $key<count($prepared); $key++)
{
$sort = mcrypt_generic($sentinel, $prepared[$key]['sort']);
$account = mcrypt_generic($sentinel, $prepared[$key]['account']);
$bank_name = mcrypt_generic($sentinel, $prepared[$key]['bank_name']);
$bank_holder = mcrypt_generic($sentinel, $prepared[$key]['bank_holder']);
$address = mcrypt_generic($sentinel, $prepared[$key]['address']);
$post_code = mcrypt_generic($sentinel, $prepared[$key]['post_code']);
$mobile = mcrypt_generic($sentinel, $prepared[$key]['mobile']);
$phone = mcrypt_generic($sentinel, $prepared[$key]['phone']);
$kin_name = mcrypt_generic($sentinel, $prepared[$key]['kin_name']);
$kin_rel = mcrypt_generic($sentinel, $prepared[$key]['kin_relation']);
$kin_phone = mcrypt_generic($sentinel, $prepared[$key]['kin_phone']);
$stmt = null;
$stmt = $link->prepare("UPDATE workers SET sort = :sort, account = :acc, bank_name = :bank_name, bank_holder = :bank_holder, address = :address, post_code = :post_code, crypt = '1', mobile = :mobile, phone = :phone, kin_name = :kin_name, kin_relation = :kin_rel, kin_phone = :kin_phone WHERE reference = :id");
$stmt->bindParam('sort', base64_encode($sort));
$stmt->bindParam('acc',base64_encode($account));
$stmt->bindParam('bank_name', base64_encode($bank_name));
$stmt->bindParam('bank_holder', base64_encode($bank_holder));
$stmt->bindParam('address', base64_encode($address));
$stmt->bindParam('post_code', base64_encode($post_code));
$stmt->bindParam('mobile', base64_encode($mobile));
$stmt->bindParam('phone', base64_encode($phone));
$stmt->bindParam('kin_name', base64_encode($kin_name));
$stmt->bindParam('kin_rel', base64_encode($kin_rel));
$stmt->bindParam('kin_phone', base64_encode($kin_phone));
$stmt->bindParam('id',$prepared[$key]['reference']);
$stmt->execute();
$stmt=null;
$stmt= $link->prepare('INSERT INTO crypt VALUES (\'\', :id, :key, :iv);');
$stmt->bindParam('id', $prepared[$key]['reference']);
$stmt->bindParam('key', base64_encode($key_c));
$stmt->bindParam('iv',base64_encode($iv));
$stmt->execute();
}
} catch (PDOException $e) {
var_dump($e);
}
数据库中的一切看起来都很好。直到我试图解密数据......:
$lnk=new PDO("mysql:host=localhost;dbname=MAIN", 'USER', 'PASSWORD');
$stmt=$lnk->prepare("SELECT * FROM crypt WHERE reference = :ref");
$stmt->bindValue('ref', $result['reference']);
$stmt->execute();
$crypt = $stmt->fetch(PDO::FETCH_ASSOC);
$key_c = base64_decode($crypt['key']);
$iv = base64_decode($crypt['iv']);
print mcrypt_decrypt ( MCRYPT_3DES , $key_c , base64_decode($result['address']) , MCRYPT_MODE_CBC , $iv)."<br />";
Al数据到位是base64编码的密钥和向量一切都很完美,但地址解密显示如下输出:
8×êêkääseAvenue
这个问题与所有数据有关......
有人可以解释为什么会这样吗?
PHP版本5.3.15 MCrypt版本2.5.8
答案 0 :(得分:1)
编码IV时出了点问题。如果IV值不正确,那么(仅)解密输出的前8个字节将是不正确的,可能是8×Áê kâä。 se Avenue可能是正确的。