Convert DX authcode to JS version, high difficulty conversion
Parameter interpretation
$string: Clear Text or redaction
$operation: Decode means decryption, other means encryption
$key: Key
$expiry: Ciphertext validity
function Authcode ($string, $operation = ' DECODE ', $key = ", $expiry = 0) {
Dynamic key length, the same plaintext will generate different ciphertext is dependent on the dynamic key
$ckey _length = 4;
Secret key
$key = MD5 ($key? $key: $GLOBALS [' Discuz_auth_key ']);
Key A will participate in encryption and decryption
$keya = MD5 (substr ($key, 0, 16));
Key B will be used for data integrity verification.
$KEYB = MD5 (substr ($key, 16, 16));
Key C is used to change the generated ciphertext
$KEYC = $ckey _length? ($operation = = ' DECODE '? substr ($string, 0, $ckey _length): substr (MD5 (Microtime ()),-$ckey _length)): ";
Key to participate in the operation
$cryptkey = $keya. MD5 ($keya. $KEYC);
$key _length = strlen ($cryptkey);
PlainText, the first 10 bits are used to hold the timestamp, verify data validation when decrypting, 10 to 26 bits to hold $keyb (key B), and the key to verify the integrity of the data during decryption
If it is decoded, it will start from the $ckey_length bit, because the $ckey_length bit in the ciphertext saves the dynamic key to ensure the decryption is correct.
$string = $operation = = = ' DECODE '? Base64_decode (substr ($string, $ckey _length)): sprintf ('%010d ', $expiry? $expiry + Time (): 0). substr (MD5 ($string. $keyb ), 0, (+). $string;
$string _length = strlen ($string);
$result = ";
$box = Range (0, 255);
$rndkey = Array ();
Generate key Book
for ($i = 0; $i <= 255; $i + +) {
$rndkey [$i] = Ord ($cryptkey [$i% $key _length]);
}
Using a fixed algorithm to disrupt the key book, to increase randomness, seems very complex, in fact, does not increase the intensity of ciphertext
for ($j = $i = 0; $i < $i + +) {
$j = ($j + $box [$i] + $rndkey [$i])% 256;
$tmp = $box [$i];
$box [$i] = $box [$j];
$box [$j] = $tmp;
}
Core encryption and Decryption section
for ($a = $j = $i = 0; $i < $string _length; $i + +) {
$a = ($a + 1)% 256;
$j = ($j + $box [$a])% 256;
$tmp = $box [$a];
$box [$a] = $box [$j];
$box [$j] = $tmp;
To derive a key from the key book, and then turn it into a character
$result. = Chr (ord ($string [$i]) ^ ($box [($box [$a] + $box [$j])% 256]));
}
if ($operation = = ' DECODE ') {
substr ($result, 0, 10) = = 0 Verify data validity
substr ($result, 0, Ten)-time () > 0 Verifying data validity
SUBSTR ($result, ten, +) = = substr (MD5 ($result, $keyb), 0, 16) Verifying data integrity
To verify data validation, see the format of unencrypted plaintext
if (substr ($result, 0, ten) = = 0 | | substr ($result, 0,)-time () > 0) && substr ($result, ten, +) = = SUBSTR (MD 5 (substr ($result, +). $keyb), 0, 16)) {
Return substr ($result, 26);
} else {
Return ';
}
} else {
The dynamic key is stored in the ciphertext, which is why the same clear text, the production of different ciphertext can be decrypted after the reason