mcrypt

问题 I'm working on a php script and are using mcrypt to encrypt/decrypt arbitrary data. When I decrypt encrypted data, using another key (e.g. I typed in the wrong password), the output won't be correctly decrypted of course. If the wrong key has been used I would like to display an error message, but I'm thinking it's quite hard to validate the output string as correct "plaintext" (since the chars in the encoded data are also valid as input data). Is there any way to get around this? As I was

问题 I was here yesterday and got some really great answers. I took what I got and put together, what I think will be a fairly secure algorithm. I'm having a problem using blowfish with a for loop that generates the salt. I'm using base64 characters and a for loop to get a random string. I want to take this generated string and insert it into the crypt function as the salt. Because the documentation about blowfish is so sparse and the PHP docs don't really even mention it, I'm sort of stabbing in

问题 What are the difference between MCRYPT_RIJNDAEL_128 , MCRYPT_RIJNDAEL_256 , MCRYPT_BLOWFISH , etc. Which one is best suitable for data transfer on web? 回答1: Rijandel is another name for AES, the current "one good standard" algorithm. The number 128 or 256 is the key length. Blowfish is a somewhat older 64 bit block cipher (AES is a 128 bit block cipher). You can't really say that either of them is any "better" or "worse", because none of them has really been broken, but in general AES should

问题 After reinstalling our server, MCRYPT is no longer working and PHP gives the notice Use of undefined constant MCRYPT_BLOWFISH ( Apache 2.4 , PHP 5.5 ). php -m returns mcrypt. ls -al /etc/php5/apache2/conf.d/ 20-mcrypt.ini -> ../../mods-available/mcrypt.ini cat /etc/php5/mods-available/mcrypt.ini ; configuration for php MCrypt module extension=mcrypt.so Why is mcrypt not recognized? How can I make this work? 回答1: No sooner do I speak do I find a solution, heh. This worked for me: mCrypt not

问题 I keep getting this error Mcrypt PHP extension required at the bottom after I run a composer update : Since I am using Mac, I have tried running : brew search mcrypt brew install php56-mcrypt I still get the same error message. 回答1: Steps I solved this by running the following commands brew update brew upgrade brew tap homebrew/dupes brew tap josegonzalez/homebrew-php brew install php54-mcrypt php --version // To Test your php sudo composer update Result No more Mcrypt warning !! Loading

问题 I'm working on a cross language project wrapping a ruby/Sinatra API in PHP to be consumed by another team. None of the information exposed by the API is sensitive, but we would prefer it not be easily accessible to a casual observer guessing the URL. private function generateSliceIDToken($key){ $currentEpoch = time(); $ivSize = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC); $iv = mcrypt_create_iv($ivSize, MCRYPT_RAND); $encryptedBytes = mcrypt_encrypt( MCRYPT_RIJNDAEL_128, $key,

问题 A PHP application I'm maintaining uses Rijndael_256 with EBC_MODE encryption with mcrypt. Fun has it that the key isn't 256 bits long, but only 160. According to the mcrypt_encrypt documentation the key is padded with \0 to get the required size if it's too small. The key with which the data will be encrypted. If it's smaller than the required keysize, it is padded with '\0'. It is better not to use ASCII strings for keys. This seem to happen at around the start of line 1186 in mcrypt.c and

问题 A PHP application I'm maintaining uses Rijndael_256 with EBC_MODE encryption with mcrypt. Fun has it that the key isn't 256 bits long, but only 160. According to the mcrypt_encrypt documentation the key is padded with \0 to get the required size if it's too small. The key with which the data will be encrypted. If it's smaller than the required keysize, it is padded with '\0'. It is better not to use ASCII strings for keys. This seem to happen at around the start of line 1186 in mcrypt.c and

问题 I'm trying to send encrypted data over the url to another site (using file_get_contents("anotherUrl.php?hash=$encryptedString") . The problem is, sometimes, the encryption contains some special characters, like +, and this causes the decryption to fail. Here are my encryption / decryption methods: public function encrypt($string, $key) { return base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, md5($key), $string, MCRYPT_MODE_CBC, md5(md5($key)))); } public function decrypt($encrypted, $key) {

问题 For quite sometime I've been trying to decipher the ASP .ASPXAUTH cookie and decrypt it using PHP. My reasons are huge and I need to do this, there is no alternative. In PHP so far I have successfully managed to read the data from this cookie, but I cannot seem to do it while it is encrypted. Anyway, here it goes... First you need to alter your servers Web.config file (protection needs to be set to Validation): <authentication mode="None"> <forms name=".ASPXAUTH" protection="Validation"