如何从AES加密字符串中添加/删除PKCS 7填充?
3 回答

<?phpfunction encrypt($str, $key) { $block = mcrypt_get_block_size('des', 'ecb');
aes
rijndael_128
des
16
$pad = $block - (strlen($str) % $block);
strlen($str)
% $block
$block
$block - ...
1
$block
$str .= str_repeat(chr($pad), $pad);
str_repeat
$pad
, $pad
$pad
$pad
. $str .= ...
return mcrypt_encrypt(MCRYPT_DES, $key, $str, MCRYPT_MODE_ECB);
MCRYPT_RIJNDAEL_128
MCRYPT_DES
.
}
function decrypt($str, $key) { $str = mcrypt_decrypt(MCRYPT_DES, $key, $str, MCRYPT_MODE_ECB);
$block = mcrypt_get_block_size('des', 'ecb');
$pad = ord($str[($len = strlen($str)) - 1]);
$len = strlen($str); $pad = ord($str[$len-1]);
$len
$str[$len - 1]
ord
$pad
return substr($str, 0, strlen($str) - $pad);
$pad
strlen($str)
$len
substr($str, 0, $len - $pad)
.).
}?>
substr($str, $len - $pad)
substr($str, -$pad)
substr
substr($str, $len - $pad)
chr($pad)

phpdoc
mcrypt_get_block_size
/** * Right-pads the data string with 1 to n bytes according to PKCS#7, * where n is the block size. * The size of the result is x times n, where x is at least 1. * * The version of PKCS#7 padding used is the one defined in RFC 5652 chapter 6.3. * This padding is identical to PKCS#5 padding for 8 byte block ciphers such as DES. * * @param string $plaintext the plaintext encoded as a string containing bytes * @param integer $blocksize the block size of the cipher in bytes * @return string the padded plaintext */function pkcs7pad($plaintext, $blocksize){ $padsize = $blocksize - (strlen($plaintext) % $blocksize); return $plaintext . str_repeat(chr($padsize), $padsize);}/** * Validates and unpads the padded plaintext according to PKCS#7. * The resulting plaintext will be 1 to n bytes smaller depending on the amount of padding, * where n is the block size. * * The user is required to make sure that plaintext and padding oracles do not apply, * for instance by providing integrity and authenticity to the IV and ciphertext using a HMAC. * * Note that errors during uppadding may occur if the integrity of the ciphertext * is not validated or if the key is incorrect. A wrong key, IV or ciphertext may all * lead to errors within this method. * * The version of PKCS#7 padding used is the one defined in RFC 5652 chapter 6.3. * This padding is identical to PKCS#5 padding for 8 byte block ciphers such as DES. * * @param string padded the padded plaintext encoded as a string containing bytes * @param integer $blocksize the block size of the cipher in bytes * @return string the unpadded plaintext * @throws Exception if the unpadding failed */function pkcs7unpad($padded, $blocksize){ $l = strlen($padded); if ($l % $blocksize != 0) { throw new Exception("Padded plaintext cannot be divided by the block size"); } $padsize = ord($padded[$l - 1]); if ($padsize === 0) { throw new Exception("Zero padding found instead of PKCS#7 padding"); } if ($padsize > $blocksize) { throw new Exception("Incorrect amount of PKCS#7 padding for blocksize"); } // check the correctness of the padding bytes by counting the occurance $padding = substr($padded, -1 * $padsize); if (substr_count($padding, chr($padsize)) != $padsize) { throw new Exception("Invalid PKCS#7 padding encountered"); } return substr($padded, 0, $l - $padsize);}

function removePadding($decryptedText){ $strPad = ord($decryptedText[strlen($decryptedText)-1]); $decryptedText= substr($decryptedText, 0, -$strPad); return $decryptedText;}
相关问题推荐
添加回答
举报