KANG Sheng's authcode function can be said to have made significant contributions to the Chinese PHP community. Including kangsheng's own products, and most Chinese companies that use PHP use this function for encryption. authcode uses exclusive or operations for encryption and decryption.
The principle is as follows:
Encryption
Plaintext: 1010 1001
Key: 1110 0011
Ciphertext: 0100 1010
The ciphertext 0100 1010 is obtained, and the decryption must be different from the key or lower.
Decryption
Ciphertext: 0100 1010
Key: 1110 0011
Plaintext: 1010 1001
There is no advanced algorithm, and the key is very important. The key is how to generate the key.
Let's take a look at how kangsheng's authcode works.
1. // parameter explanation
2. // $ string: plaintext or ciphertext
3. // $ operation: DECODE indicates decryption, and others indicates Encryption
4. // $ key: key
5. // $ expiry: ciphertext Validity Period
6. function authcode ($ string, $ operation = 'decode', $ key = '', $ expiry = 0 ){
7. // The length of the dynamic key. Different ciphertext values are generated for the same plaintext based on the dynamic key.
8. $ ckey_length = 4;
9.
10. // key
11. $ key = md5 ($ key? $ Key: $ GLOBALS ['discuz _ auth_key ']);
12.
13. // key a will participate in encryption and decryption
14. $ keya = md5 (substr ($ key, 0, 16 ));
15. // key B is used for data integrity verification.
16. $ keyb = md5 (substr ($ key, 16, 16 ));
17. // The Key c is used to change the generated ciphertext.
18. $ keyc = $ ckey_length? ($ Operation = 'decode '? Substr ($ string, 0, $ ckey_length ):
Substr (md5 (microtime (),-$ ckey_length )):'';
19. // The key involved in the operation
20. $ cryptkey = $ keya. md5 ($ keya. $ keyc );
21. $ key_length = strlen ($ cryptkey );
22. // plaintext. The first 10 digits are used to save the timestamp. Data Validity is verified during decryption, and 10 to 26 digits are used to save $ keyb (Key B). Data integrity is verified through this key during decryption.
23. // if it is decoded, it starts from the $ ckey_length bit, because the $ ckey_length bit before the ciphertext stores the dynamic key to ensure correct decryption.
24. $ string = $ operation = 'decode '? Base64_decode (substr ($ string, $ ckey_length )):
Sprintf ('% 010d', $ expiry? $ Expiry + time (): 0). substr (md5 ($ string. $ keyb), 0, 16). $ string;
25. $ string_length = strlen ($ string );
26. $ result = '';
27. $ box = range (1, 0,255 );
28. $ rndkey = array ();
29. // generate a key book
30. for ($ I = 0; $ I <= 255; $ I ++ ){
31. $ rndkey [$ I] = ord ($ cryptkey [$ I % $ key_length]);
32 .}
33. // use a fixed algorithm to disrupt the key book and increase randomness. It seems complicated. In fact, it does not increase the ciphertext strength.
34. for ($ j = $ I = 0; $ I <256; $ I ++ ){
35. $ j = ($ j + $ box [$ I] + $ rndkey [$ I]) % 256;
36. $ tmp = $ box [$ I];
37. $ box [$ I] = $ box [$ j];
38. $ box [$ j] = $ tmp;
39 .}
40. // core encryption and decryption Section
41. for ($ a = $ j = $ I = 0; $ I <$ string_length; $ I ++ ){
42. $ a = ($ a + 1) % 256;
43. $ j = ($ j + $ box [$ a]) % 256;
44. $ tmp = $ box [$ a];
45. $ box [$ a] = $ box [$ j];
46. $ box [$ j] = $ tmp;
47. // The keys obtained from the key book are different or converted into characters.
48. $ result. = chr (ord ($ string [$ I]) ^ ($ box [($ box [$ a] + $ box [$ j]) % 256]);
49 .}
50. if ($ operation = 'decode '){
51. // substr ($ result, 0, 10) = 0 verify Data Validity
52. // substr ($ result, 0, 10)-time ()> 0 to verify data Validity
53. // substr ($ result, 10, 16) = substr (md5 (substr ($ result, 26). $ keyb), 0, 16) verify data integrity
54. // verify the data validity. See the unencrypted plaintext format.
55. if (substr ($ result, 0, 10) = 0 | substr ($ result, 0, 10)-time ()> 0 )&&
Substr ($ result, 10, 16) = substr (md5 (substr ($ result, 26). $ keyb), 0, 16 )){
56. return substr ($ result, 26 );
57.} else {
58. return '';
59 .}
60.} else {
61. // Save the dynamic key in the ciphertext, Which is why different ciphertext can be decrypted in the same plaintext.
62. // because the encrypted ciphertext may be special characters, the replication process may be lost, so base64 encoding is used.
63. return $ keyc. str_replace ('=', '', base64_encode ($ result ));
64 .}
65 .}
However, it is a pity that the ownership of this function belongs to the idea of KANG Sheng and cannot be freely used.