解密php中使用aspEncrypt加密的字符串

发布于 2024-11-01 08:37:06 字数 353 浏览 5 评论 0原文

我需要与使用persits 的aspEncrypt 的asp 平台进行通信。 任何人都可以提供一个如何使用 PHP 和 mcrypt 解码通过 aspEncrypt 例程创建的字符串的示例。

此链接提供了 aspEncrypt 的示例页面: http://support.persits.com/encrypt/demo_text.asp

所以如果我使用文本“Test”和键“test”提供了一个base64编码的字符串。我需要一个 php 示例,使用“test”键将此编码字符串转换回文本“Test”。

I need to communicate with a asp platform that uses the aspEncrypt from persits.
Can anyone provide an example how to decode a string with PHP and mcrypt that was created via the aspEncrypt routines.

An example page of aspEncrypt is available at this link:
http://support.persits.com/encrypt/demo_text.asp

So if I use the text "Test" and the key "test" it provides an base64 encoded string. I need a php example that convert this encoded string back to the text "Test" with usage of key "test".

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(4

浅沫记忆 2024-11-08 08:37:06

这就是我最终解决它的方法:

期望:

  • 密钥已知
  • IV 已知(在我的情况下,编码数据的前 32 个字符)
  • 加密文本已知

在我的特殊情况下,所有接收到的数据都进行了十六进制编码。
这意味着 IV 和加密文本。

function decrypt($sString, $sIv, $sKey, $iCipherAlg) {       
   $sDecrypted = mcrypt_decrypt($iCipherAlg, $sKey, $sString, MCRYPT_MODE_CBC, $sIv);
    return trim($sDecrypted);
}

function hex2bin($sData) {
    $iLen = strlen($sData);
    $sNewData = '';
    for($iCount=0;$iCount<$iLen;$iCount+=2) {
        $sNewData .= pack("C",hexdec(substr($sData,$iCount,2)));
    }
    return $sNewData;
} 

$sKey = 'this is my key';
// first 32 chars are IV
$sIv = hex2bin(substr($sEncodedData, 0, 32));
$sEncodedData = substr($sEncodedData, 32);
$sEncodedRaw = hex2bin($sEncodedData);
$sDecrypted = decrypt($sEncodedRaw, $sIv, $sKey, MCRYPT_RIJNDAEL_128);

相应的加密工作原理如下:

$sIv = mcrypt_create_iv(mcrypt_get_block_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC), MCRYPT_RAND);
$sKey = 'this is my key';
$sContent = 'a lot of content';
$sEncrypted = bin2hex(mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $sKey, $sContent, MCRYPT_MODE_CBC, $sIv));
$sFullEncodedText = bin2hex($sIv) . $sEncrypted;

This is how i finally solved it:

Expectation:

  • Key is known
  • IV is known (in my case, first 32 characters of encoded data)
  • Encrypted Text is known

In my special case all received data hex encoded.
This means IV and encrypted text.

function decrypt($sString, $sIv, $sKey, $iCipherAlg) {       
   $sDecrypted = mcrypt_decrypt($iCipherAlg, $sKey, $sString, MCRYPT_MODE_CBC, $sIv);
    return trim($sDecrypted);
}

function hex2bin($sData) {
    $iLen = strlen($sData);
    $sNewData = '';
    for($iCount=0;$iCount<$iLen;$iCount+=2) {
        $sNewData .= pack("C",hexdec(substr($sData,$iCount,2)));
    }
    return $sNewData;
} 

$sKey = 'this is my key';
// first 32 chars are IV
$sIv = hex2bin(substr($sEncodedData, 0, 32));
$sEncodedData = substr($sEncodedData, 32);
$sEncodedRaw = hex2bin($sEncodedData);
$sDecrypted = decrypt($sEncodedRaw, $sIv, $sKey, MCRYPT_RIJNDAEL_128);

A corresponding encryption works like that:

$sIv = mcrypt_create_iv(mcrypt_get_block_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC), MCRYPT_RAND);
$sKey = 'this is my key';
$sContent = 'a lot of content';
$sEncrypted = bin2hex(mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $sKey, $sContent, MCRYPT_MODE_CBC, $sIv));
$sFullEncodedText = bin2hex($sIv) . $sEncrypted;
蔚蓝源自深海 2024-11-08 08:37:06

我遇到一个旧的 VBScript 项目,它使用 AspEncrypt 加密字符串,如下所示:

Function EncryptString(data, base64Iv)
    Set CM = Server.CreateObject("Persits.CryptoManager")
    Set Context = CM.OpenContextEx("Microsoft Enhanced RSA and AES Cryptographic Provider", "", True)
    Set Key = Context.GenerateKeyFromPassword("secret encryption password", calgSHA512, calgAES256)

    Set IVblob = CM.CreateBlob
    IVblob.Base64 = base64Iv
    Key.SetIV IVblob

    Set Blob = Key.EncryptText(data)
    EncryptString = Blob.Base64 & ":" & base64Iv
End Function

基于 GenerateKeyFromPassword 的参数,通过使用 SHA-512 对密码进行哈希处理来创建二进制密钥,并使用 aes 加密数据-256-cbc 算法。随机 Base64 编码的初始化向量附加到加密值的冒号后面。

这可以使用 OpenSSL 扩展在 PHP 中复制:

class Aes256Cbc
{
    private string $algo = 'aes-256-cbc';
    private string $key;
    private int $ivLen;

    public function __construct(string $password)
    {
        $this->key = hash('sha512', $password, true);
        $this->ivLen = openssl_cipher_iv_length($this->algo);
    }

    public function encrypt(string $data): string
    {
        $iv = random_bytes($this->ivLen);
        $ciphertext = openssl_encrypt($data, $this->algo, $this->key, OPENSSL_RAW_DATA, $iv);
        return base64_encode($ciphertext) . ':' . base64_encode($iv);
    }

    public function decrypt(string $encrypted): string
    {
        [$ctPart, $ivPart] = explode(':', $encrypted);
        $iv = base64_decode($ivPart);
        $ciphertext = base64_decode($ctPart);
        return openssl_decrypt($ciphertext, $this->algo, $this->key, OPENSSL_RAW_DATA, $iv);
    }
}

示例用法:

$aes = new Aes256Cbc("secret encryption password");
$decrypted = $aes->decrypt($someValue);

注意:如果在未设置初始化向量的情况下使用 AspEncrypt,则 IV 将是空字节序列。这个固定的 IV 可以在上面的 PHP 类中生成,如下所示:

$iv = str_repeat("\0", $this->ivLen);

I encountered an old VBScript project which was encrypting strings with AspEncrypt like this:

Function EncryptString(data, base64Iv)
    Set CM = Server.CreateObject("Persits.CryptoManager")
    Set Context = CM.OpenContextEx("Microsoft Enhanced RSA and AES Cryptographic Provider", "", True)
    Set Key = Context.GenerateKeyFromPassword("secret encryption password", calgSHA512, calgAES256)

    Set IVblob = CM.CreateBlob
    IVblob.Base64 = base64Iv
    Key.SetIV IVblob

    Set Blob = Key.EncryptText(data)
    EncryptString = Blob.Base64 & ":" & base64Iv
End Function

Based on the arguments to GenerateKeyFromPassword, a binary key is created by hashing the password with SHA-512, and data is encrypted with the aes-256-cbc algorithm. The random Base64-encoded initialization vector is appended to the encrypted value after a colon.

This can be replicated in PHP using the OpenSSL extension:

class Aes256Cbc
{
    private string $algo = 'aes-256-cbc';
    private string $key;
    private int $ivLen;

    public function __construct(string $password)
    {
        $this->key = hash('sha512', $password, true);
        $this->ivLen = openssl_cipher_iv_length($this->algo);
    }

    public function encrypt(string $data): string
    {
        $iv = random_bytes($this->ivLen);
        $ciphertext = openssl_encrypt($data, $this->algo, $this->key, OPENSSL_RAW_DATA, $iv);
        return base64_encode($ciphertext) . ':' . base64_encode($iv);
    }

    public function decrypt(string $encrypted): string
    {
        [$ctPart, $ivPart] = explode(':', $encrypted);
        $iv = base64_decode($ivPart);
        $ciphertext = base64_decode($ctPart);
        return openssl_decrypt($ciphertext, $this->algo, $this->key, OPENSSL_RAW_DATA, $iv);
    }
}

Example usage:

$aes = new Aes256Cbc("secret encryption password");
$decrypted = $aes->decrypt($someValue);

Note: if AspEncrypt was used without setting an initialization vector, the IV will be sequence of null bytes. This fixed IV could be generated in the above PHP class as follows:

$iv = str_repeat("\0", $this->ivLen);
兰花执着 2024-11-08 08:37:06

这取决于它使用的密码,看看 mcrypt 只要你知道密码和密钥应该很容易解密。

It depends on which cipher it uses, take a look at mcrypt as long as you know the cipher and key it should be easy to decrypt.

沦落红尘 2024-11-08 08:37:06

如果您知道加密所使用的密码和模式,函数mcrypt_decrypt可以解密它。

https://www.php.net/manual/en/function。 mcrypt-decrypt.php

If you know the cipher and mode used by the encryption, the function mcrypt_decrypt can decrypt it.

https://www.php.net/manual/en/function.mcrypt-decrypt.php

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文