如何修复OpenSSL_ENCRYPT():使用空的初始化向量(IV)可能是不安全的,而不是在Laravel中建议?
我试图对查询字符串进行加密,但它给出了此错误。
<?php
class DES
{
var $key;
var $iv;
function DES( $key, $iv=0 ) {
$this->key = $key;
if( $iv == 0 ) {
$this->iv = $key;
} else {
$this->iv = $iv;
}
}
function encrypt($str) {
return base64_encode( openssl_encrypt($str, 'DES-CBC', $this->key, OPENSSL_RAW_DATA, $this->iv ) );
}
}
?>
$str="method=GetUserStatusDV&Key=01234567789ABCDEF0123456789ABCDE&Time=20150101012345&Username=abd12345"; // for example
$key = 'ZyXw4321'; // for example
$crypt = new DES($key);
$mstr = $crypt->encrypt($str);
$urlemstr = urlencode($mstr);
echo "[ $str ] Encrypted: [ $mstr ] UrlEncoded encrypted string: [ $urlemstr ]";
OPENSSL_ENCRYPT():使用空的初始化向量(IV)可能是不安全的,不建议
I tried to DES encryption a Query String but it give this error.
<?php
class DES
{
var $key;
var $iv;
function DES( $key, $iv=0 ) {
$this->key = $key;
if( $iv == 0 ) {
$this->iv = $key;
} else {
$this->iv = $iv;
}
}
function encrypt($str) {
return base64_encode( openssl_encrypt($str, 'DES-CBC', $this->key, OPENSSL_RAW_DATA, $this->iv ) );
}
}
?>
$str="method=GetUserStatusDV&Key=01234567789ABCDEF0123456789ABCDE&Time=20150101012345&Username=abd12345"; // for example
$key = 'ZyXw4321'; // for example
$crypt = new DES($key);
$mstr = $crypt->encrypt($str);
$urlemstr = urlencode($mstr);
echo "[ $str ] Encrypted: [ $mstr ] UrlEncoded encrypted string: [ $urlemstr ]";
openssl_encrypt(): Using an empty Initialization Vector (iv) is potentially insecure and not recommended
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
即使您正在使用折衷的方法来实例化类(使用相同名称而不是__ -construct方法),您提供的示例代码正在工作。
您可以这样改善班级。
Even though you are using a deprecated way to instantiate your class (using same name instead of __construct method) the sample code you provided is working.
You can improve your class like this.