Detailed analysis of php encryption and decryption function authcode usage

Source: Internet
Author: User
The authcode function can be said to have made significant contributions to the PHP field in China. Including kangsheng's own products, and most Chinese companies that use PHP use this function for encryption. authcode uses the exclusive or operation for encryption and

The authcode function can be said to have made significant contributions to the PHP field in China. Including kangsheng's own products, and most Chinese companies that use PHP use this function for encryption. authcode uses the exclusive or operation for encryption and

Core tips: kangsheng's authcode function can be said to have made significant contributions to the Chinese PHP community. Including kangsheng's own products, and most Chinese companies that use PHP use this function for encryption. authcode uses exclusive or operations for encryption and decryption.

KANG Sheng's authcode function can be said to have made significant contributions to the Chinese PHP community. Including kangsheng's own products, and most Chinese companies that use PHP use this function for encryption. authcode uses exclusive or operations for encryption and decryption.

The principle is as follows:

Encryption

Plaintext: 1010 1001

Key: 1110 0011

Ciphertext: 0100 1010

The ciphertext 0100 1010 is obtained, and the decryption must be different from the key or lower.

Decryption

Ciphertext: 0100 1010

Key: 1110 0011

Plaintext: 1010 1001

There is no advanced algorithm, and the key is very important. The key is how to generate the key.

Let's take a look at how kangsheng's authcode works.

The Code is as follows:


// Parameter description
// $ String: plaintext or ciphertext
// $ Operation: DECODE indicates decryption, and others indicates Encryption
// $ Key: key
// $ Expiry: ciphertext Validity Period
Function authcode ($ string, $ operation = 'decode', $ key = '', $ expiry = 0 ){
// The length of the dynamic key. Different ciphertext values are generated for the same plaintext based on the dynamic key.
$ Ckey_length = 4;

// Key
$ Key = md5 ($ key? $ Key: $ GLOBALS ['discuz _ auth_key ']);

// Key a is used for encryption and decryption.
$ Keya = md5 (substr ($ key, 0, 16 ));
// Key B is used for data integrity verification.
$ Keyb = md5 (substr ($ key, 16, 16 ));
// Key c is used to change the generated ciphertext
$ Keyc = $ ckey_length? ($ Operation = 'decode '? Substr ($ string, 0, $ ckey_length ):
Substr (md5 (microtime (),-$ ckey_length )):'';
// Key used for calculation
$ Cryptkey = $ keya. md5 ($ keya. $ keyc );
$ Key_length = strlen ($ cryptkey );
// Plaintext. The first 10 digits are used to save the timestamp. Data Validity is verified during decryption, and 10 to 26 digits are used to save $ keyb (Key B). Data integrity is verified through this key during decryption.
// If it is decoded, it starts from the $ ckey_length bit, because the $ ckey_length bit before the ciphertext stores the dynamic key to ensure correct decryption.
$ String = $ operation = 'decode '? Base64_decode (substr ($ string, $ ckey_length )):
Sprintf ('% 010d', $ expiry? $ Expiry + time (): 0). substr (md5 ($ string. $ keyb), 0, 16). $ string;
$ String_length = strlen ($ string );
$ Result = '';
$ Box = range (1, 0,255 );
$ Rndkey = array ();
// Generate a key book
For ($ I = 0; $ I <= 255; $ I ++ ){
$ Rndkey [$ I] = ord ($ cryptkey [$ I % $ key_length]);
}
// Use a fixed algorithm to disrupt the key book and increase randomness. It seems complicated. In fact, it does not increase the ciphertext strength.
For ($ j = $ I = 0; I I <256; $ I ++ ){
$ J = ($ j + $ box [$ I] + $ rndkey [$ I]) % 256;
$ Tmp = $ box [$ I];
$ Box [$ I] = $ box [$ j];
$ Box [$ j] = $ tmp;
}
// Core encryption/Decryption part
For ($ a = $ j = $ I = 0; $ I <$ string_length; $ I ++ ){
$ A = ($ a + 1) % 256;
$ J = ($ j + $ box [$ a]) % 256;
$ Tmp = $ box [$ a];
$ Box [$ a] = $ box [$ j];
$ Box [$ j] = $ tmp;
// The keys obtained from the key book are different or converted into characters.
$ Result. = chr (ord ($ string [$ I]) ^ ($ box [($ box [$ a] + $ box [$ j]) % 256]);
}
If ($ operation = 'decode '){
// Substr ($ result, 0, 10) = 0 verify Data Validity
// Substr ($ result, 0, 10)-time ()> 0 to verify data Validity
// Substr ($ result, 10, 16) = substr (md5 (substr ($ result, 26). $ keyb), 0, 16) verify data integrity
// Verify the data validity. See the unencrypted plaintext format.
If (substr ($ result, 0, 10) = 0 | substr ($ result, 0, 10)-time ()> 0 )&&
Substr ($ result, 10, 16) = substr (md5 (substr ($ result, 26). $ keyb), 0, 16 )){
Return substr ($ result, 26 );
} Else {
Return '';
}
} Else {
// Save the dynamic key in the ciphertext, Which is why different ciphertext can be decrypted in the same plain text.
// Because the encrypted ciphertext may be special characters, the copying process may be lost, so it is base64-encoded.
Return $ keyc. str_replace ('=', '', base64_encode ($ result ));
}
}

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.