Discuz Cryptographic decryption function using method and Chinese annotation _php instance

Source: Internet
Author: User
Copy CodeThe code is as follows:
/**
* $string Clear text or ciphertext
* $operation encrypt encode or decrypt decode
* $key Key
* $expiry Key Expiration date
*/
function Authcode ($string, $operation = ' DECODE ', $key = ", $expiry = 0) {
Dynamic key length, the same plaintext will generate different ciphertext is dependent on the dynamic key
Join with the secret key, you can make ciphertext no rules, even if the original and key exactly the same, the encryption results will be different each time, increase the difficulty of cracking.
The greater the value, the greater the ciphertext variation, and the ciphertext change = 16 $ckey _length
When this value is 0 o'clock, the random key is not generated
$ckey _length = 4;

Secret key
$GLOBALS [' Discuz_auth_key '] can be modified here according to your needs
$key = MD5 ($key? $key: $GLOBALS [' Discuz_auth_key ']);

Key A will participate in encryption and decryption
$keya = MD5 (substr ($key, 0, 16));
Key B will be used for data integrity verification.
$KEYB = MD5 (substr ($key, 16, 16));
Key C is used to change the generated ciphertext
$KEYC = $ckey _length? ($operation = = ' DECODE '? substr ($string, 0, $ckey _length): substr (MD5 (Microtime ()),-$ckey _length)): ";
Key to participate in the operation
$cryptkey = $keya. MD5 ($keya. $KEYC);
$key _length = strlen ($cryptkey);
PlainText, the first 10 bits are used to hold the timestamp, verify data validation when decrypting, 10 to 26 bits to hold $keyb (key B), and the key to verify the integrity of the data during decryption
If it is decoded, it will start from the $ckey_length bit, because the $ckey_length bit in the ciphertext saves the dynamic key to ensure the decryption is correct.
$string = $operation = = = ' DECODE '? Base64_decode (substr ($string, $ckey _length)): sprintf ('%010d ', $expiry? $expiry + Time (): 0). substr (MD5 ($string. $keyb ), 0, (+). $string;
$string _length = strlen ($string);
$result = ";
$box = Range (0, 255);
$rndkey = Array ();
Generate key Book
for ($i = 0; $i <= 255; $i + +) {
$rndkey [$i] = Ord ($cryptkey [$i% $key _length]);
}
Using a fixed algorithm to disrupt the key book, to increase randomness, seems to be complex, and does not actually increase the intensity of the ciphertext
for ($j = $i = 0; $i < $i + +) {
$j = ($j + $box [$i] + $rndkey [$i])% 256;
$tmp = $box [$i];
$box [$i] = $box [$j];
$box [$j] = $tmp;
}
Core encryption and Decryption section
for ($a = $j = $i = 0; $i < $string _length; $i + +) {
$a = ($a + 1)% 256;
$j = ($j + $box [$a])% 256;
$tmp = $box [$a];
$box [$a] = $box [$j];
$box [$j] = $tmp;
To derive a key from the key book, and then turn it into a character
$result. = Chr (ord ($string [$i]) ^ ($box [($box [$a] + $box [$j])% 256]));
}
if ($operation = = ' DECODE ') {
substr ($result, 0, 10) = = 0 Verify data validity
substr ($result, 0, Ten)-time () > 0 Verifying data validity
SUBSTR ($result, ten, +) = = substr (MD5 ($result, $keyb), 0, 16) Verifying data integrity
To verify data validation, see the format of unencrypted plaintext
if (substr ($result, 0, ten) = = 0 | | substr ($result, 0,)-time () > 0) && substr ($result, ten, +) = = SUBSTR (MD 5 (substr ($result, +). $keyb), 0, 16)) {
Return substr ($result, 26);
} else {
Return ';
}
} else {
The dynamic key is stored in the ciphertext, which is why the same clear text, the production of different ciphertext can be decrypted after the reason
Because the encrypted ciphertext may be some special characters, the copying process may be lost, so the base64 encoding
Return $KEYC. Str_replace (' = ', ' ', Base64_encode ($result));
}
}


$a = www.php.net;
$b = Authcode ($a, "ENCODE", "abc123");
echo $b. "
";
Echo Authcode ($b, "DECODE", "abc123");
?>

  • Contact Us

    The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

    If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

    A Free Trial That Lets You Build Big!

    Start building with 50+ products and up to 12 months usage for Elastic Compute Service

    • Sales Support

      1 on 1 presale consultation

    • After-Sales Support

      24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.