Discuz program's PHP encryption function principle Analysis _php skill

The principle is as follows, if:
Encryption
Clear text: 1010 1001
Secret key: 1110 0011
Redaction: 0100 1010
To get the ciphertext 0100 1010, the need to decrypt and the key is different or under the
Decrypt
Redaction: 0100 1010
Secret key: 1110 0011
Clear text: 1010 1001
There is no advanced algorithm, the key importance is very high, so, the key is how to generate the key.
Well, let's see what Kangsheng's Authcode do together.

Copy Code code as follows:

Parameter explanation
$string: Clear text or ciphertext
$operation: Decode means decryption, other means encryption
$key: Secret Spoon
$expiry: Validity of Redaction
function Authcode ($string, $operation = ' DECODE ', $key = ', $expiry = 0) {
Dynamic key length, the same plaintext will generate different ciphertext is depending on the dynamic key
$ckey _length = 4;

Secret Spoon
$key = MD5 ($key $key: $GLOBALS [' Discuz_auth_key ']);

Key A will participate in encryption and decryption
$keya = MD5 (substr ($key, 0, 16));
Key B is used for data integrity verification.
$KEYB = MD5 (substr ($key, 16, 16));
Key C used to change the generated ciphertext
$KEYC = $ckey _length? ($operation = = ' DECODE ' substr ($string, 0, $ckey _length):
SUBSTR (MD5 (Microtime ()),-$ckey _length)): ';
Keys for participating operations
$cryptkey = $keya. MD5 ($keya. $KEYC);
$key _length = strlen ($cryptkey);
PlainText, the first 10 bits are used to hold the timestamp, verify the validity of the data when decrypting, 10 to 26 bits to save $keyb (key B), decryption will verify data integrity through this key
If it is decoded, it will start from the $ckey_length bit, because the ciphertext before the $ckey_length bit to save the dynamic key to ensure that the decryption is correct
$string = $operation = = ' DECODE '? Base64_decode (substr ($string, $ckey _length)):
sprintf ('%010d ', $expiry? $expiry + Time (): 0). substr (MD5 ($string. $keyb), 0). $string;
$string _length = strlen ($string);
$result = ';
$box = Range (0, 255);
$rndkey = Array ();
Create a key book
for ($i = 0; $i <= 255; $i + +) {
$rndkey [$i] = Ord ($cryptkey [$i% $key _length]);
}
Using a fixed algorithm to disrupt the key book, increase the randomness, seems very complex, in fact, will not increase the intensity of the ciphertext
for ($j = $i = 0; $i < 256; $i + +) {
$j = ($j + $box [$i] + $rndkey [$i])% 256;
$tmp = $box [$i];
$box [$i] = $box [$j];
$box [$j] = $tmp;
}
Core Plus decryption section
for ($a = $j = $i = 0; $i < $string _length; $i + +) {
$a = ($a + 1)% 256;
$j = ($j + $box [$a])% 256;
$tmp = $box [$a];
$box [$a] = $box [$j];
$box [$j] = $tmp;
To derive a key from a key book, or to convert it to a character.
$result. = Chr (ord ($string [$i]) ^ ($box [($box [$a] + $box [$j])% 256]);
}
if ($operation = = ' DECODE ') {
substr ($result, 0, 10) = 0 Validating data validity
substr ($result, 0,)-time () > 0 Validate data validation
substr ($result) = = substr (MD5 (substr ($result,). $keyb), 0, 16) validating data integrity
Verify data validation, see the format of unencrypted plaintext
if (substr ($result, 0,) = 0 | | substr ($result, 0)-time () > 0) &&
substr ($result) = = substr (MD5 (substr ($result,). $keyb), 0, 16)) {
Return substr ($result, 26);
} else {
Return ";
}
} else {
Keep the dynamic key in the ciphertext, which is why the same clear text can be decrypted after producing a different cipher.
Because the encrypted ciphertext may be some special characters, the copy process may be lost, so use base64 encoding
Return $KEYC. Str_replace (' = ', ', Base64_encode ($result));
}
}

But unfortunately, this function ownership belongs to Kangsheng, and is not free to use