Share several common encryption methods for PHP.

The application scenarios are: the unique identification of the user (the article encryption id prevents crawlers), the generation of regular code, and the encryption of the login password

Use hashids to encrypt the demo (user's unique identification, article encryption id to prevent crawling)

Conversion encryption between character string and hexadecimal (generate regular code)

   /**
     * 字符串转十六进制
     * @param $string
     * @return string
     */
    public function str_encode($string)
    {
    
    
        $hex="";
        for($i=0;$i<strlen($string);$i++){
    
    
           $hex.=dechex(ord($string[$i]));
        }
        $hex=strtolower($hex);
        return $hex;
    }

   /**
     * 十六进制转字符串
     * @param $hex
     * @return string
     */
    public function str_decode($hex){
    
    
        $string="";
        for($i=0;$i<strlen($hex)-1;$i+=2){
    
    
            $string.=chr(hexdec($hex[$i].$hex[$i+1]));
        }
        return  $string;
    }

When the user logs in, the account password is transmitted in clear text, as shown in the figure:

So change it to an encrypted password, which is safer

Simple openssl_encrypt encryption

    public function encrypt($string)
    {
    
    
        // openssl_encrypt 加密不同Mcrypt，对秘钥长度要求，超出16加密结果不变
        $method = 'DES-ECB';//加密方法
        $passwd = '12344321';//加密密钥
        $data = openssl_encrypt($string, $method, $passwd);
        return $data;
    }
     public function decrypt($string)
    {
    
    
        $method = 'DES-ECB';//加密方法
        $passwd = '12344321';//加密密钥
        $decrypted = openssl_decrypt($string, $method, $passwd);

        return $decrypted;
    }

Encryption of login password

    /**
     * 生成key和iv的地址：https://asecuritysite.com/encryption/keygen
     *              https://asecuritysite.com/encryption/PBKDF2z
     */
     
    /**
     * @param string $string 需要加密的字符串
     * @return string
     */
    public function encrypt($string)
    {
    
    
        // openssl_encrypt 加密不同Mcrypt，对秘钥长度要求，超出16加密结果不变
        $data = openssl_encrypt($string, 'AES-192-CBC',pack('H*', env('ENCRYPT_KEY')), OPENSSL_RAW_DATA,pack('H*', env('ENCRYPT_IV')));

        $data = base64_encode($data);
        return $data;
    }
    /**
     * @param string $string 需要解密的字符串
     * @return string
     */
    public function decrypt($string)
    {
    
    
        $decrypted = openssl_decrypt(base64_decode($string), 'AES-192-CBC',  pack('H*', env('ENCRYPT_KEY')), OPENSSL_RAW_DATA,pack('H*', env('ENCRYPT_IV')));

        return $decrypted;
    }

ENCRYPT_KEY=ENCRYPT_KEY
ENCRYPT_IV=ENCRYPT_IV

The above uses AES-192-CBC encryption method

AES：

aes is a data block-based encryption method, that is, each processed data is one block (16 bytes), and it is filled when the data is not a multiple of 16 bytes. This is the so-called block cipher (different from the bit-based Stream cipher), 16 bytes is the packet length

Several modes of packet encryption:

ECB: It is a basic encryption method. The ciphertext is divided into blocks of equal length (not enough to fill), and then encrypted one by one, and output one by one to form the ciphertext.

CBC: It is a cyclic mode. The ciphertext of the previous group and the plaintext of the current group are XORed and then encrypted. The purpose of this is to increase the difficulty of cracking.

CFB/OFB: In fact, it is a feedback mode, the purpose is also to increase the difficulty of cracking.

The encryption results of FCB and CBC are different, the modes of the two are different, and CBC will add an initialization vector when the first cipher block is operated.

Continually updated