Kangsheng's Authcode function can be said to make a significant contribution to China's PHP industry. Including Kangsheng's own products, and most Chinese companies using PHP use this function for encryption, Authcode is encrypted and decrypted using XOR.
The principle is as follows, if:
Encryption
Clear text: 1010 1001
Secret key: 1110 0011
Redaction: 0100 1010
To get the ciphertext 0100 1010, the need to decrypt and the key is different or under the
Decrypt
Redaction: 0100 1010
Secret key: 1110 0011
Clear text: 1010 1001
There is no advanced algorithm, the key importance is very high, so, the key is how to generate the key.
Well, let's see what Kangsheng's Authcode do together.
1.//Parameter explanation
2.//$string: Clear text or ciphertext
3.//$operation: Decode means decryption, other means of encryption
4.//$key: Secret key
5.//$expiry: Validity of ciphertext
6. Function Authcode ($string, $operation = ' DECODE ', $key = ', $expiry = 0) {
7.//Dynamic key length, the same plaintext will generate different ciphertext is depending on the dynamic key
8. $ckey _length = 4;
9.
10.//Secret key
$key = MD5 ($key $key: $GLOBALS [' Discuz_auth_key ']);
12.
13.//Key A will participate in encryption and decryption
$keya = MD5 (substr ($key, 0, 16));
15.//key B will be used to do data integrity verification
$KEYB = MD5 (substr ($key, 16, 16));
17.//Key C used to change the generated ciphertext
$KEYC = $ckey _length? ($operation = = ' DECODE ' substr ($string, 0, $ckey _length):
SUBSTR (MD5 (Microtime ()),-$ckey _length)): ';
19.//Participate in the operation of the key
$cryptkey = $keya. MD5 ($keya. $KEYC);
$key _length = strlen ($cryptkey);
22.//Clear, the first 10 bits are used to save the timestamp, verify the data validity when decrypting, 10 to 26 bits are used to save $keyb (key B), decryption will verify the data integrity through this key
23.//If it is decoded, it will start with the $ckey_length bit, because the $ckey_length bit of the ciphertext holds the dynamic key to ensure the decryption is correct
$string = $operation = = ' DECODE '? Base64_decode (substr ($string, $ckey _length)):
sprintf ('%010d ', $expiry? $expiry + Time (): 0). substr (MD5 ($string. $keyb), 0). $string;
$string _length = strlen ($string);
$result = ';
$box = Range (0, 255);
$rndkey = Array ();
29.//Generate key Book
for ($i = 0; $i <= 255; $i + +) {
$rndkey [$i] = Ord ($cryptkey [$i% $key _length]);
32.}
33.//With fixed algorithm, to disrupt the key book, increase randomness, seems very complex, in fact, will not increase the intensity of the ciphertext
for ($j = $i = 0; $i < 256; $i + +) {
$j = ($j + $box [$i] + $rndkey [$i])% 256;
$tmp = $box [$i];
$box [$i] = $box [$j];
$box [$j] = $tmp;
39.}
40.//Core Plus decryption section
for ($a = $j = $i = 0; $i < $string _length; $i + +) {
$a = ($a + 1)% 256;
$j = ($j + $box [$a])% 256;
$tmp = $box [$a];
$box [$a] = $box [$j];
$box [$j] = $tmp;
47.//From the key book to the key to the different or, and then converted to characters
$result. = Chr (ord ($string [$i]) ^ ($box [($box [$a] + $box [$j])% 256]);
49.}
if ($operation = = ' DECODE ') {
Wuyi//substr ($result, 0, 10) = 0 Validating data validity
substr ($result, 0,)-time () > 0 Validate data validation
substr ($result) = = substr (MD5 (substr ($result,). $keyb), 0, 16 Verify data integrity
54.//Verify data validity, please see the format of unencrypted plaintext
if (substr ($result, 0,) = = 0 substr ($result, 0,)-time () > 0) &&
substr ($result) = = substr (MD5 (substr ($result,). $keyb), 0, 16)) {
Return substr ($result, 26);
} else {
Return ";
59.}
.} else {
61.//Keep the dynamic key in the ciphertext, which is why the same clear text, the production of different ciphertext can be decrypted after the reason
62.//Because the encrypted ciphertext may be some special characters, the copy process may be lost, so use base64 encoding
Str_replace return $KEYC. (' = ', ', Base64_encode ($result));
64.}
65.}
But unfortunately, this function ownership belongs to Kangsheng, and is not free to use