- [1. 对称加密](#1-对称加密)
  - [1.1. 国密算法SM系列](#11-国密算法sm系列)
  - [1.2. 3DES 加密](#12-3des-加密)
  - [1.3. AES 加密](#13-aes-加密)
  - [1.4. RSA加密](#14-rsa加密)
  - [1.5. 单向加密](#15-单向加密)


加密是指将明文直接可见的数据以特定的算法进行混淆，以保证数据的安全掩蔽性常见的加密算法可以分为对称加密、非对称加密以及单向加密（哈希算法）

# 1. 对称加密

- 对称加密指的是采用单密钥进行加密，并且该密钥可以对数据进行加密和解密处理
- 目前这类加密算法安全性均比较高，数据的实际安全性取决于密钥的管理
- 常用的算法有DES、3DES、TDEA、Blowfish、RC2、RC4、RC5、IDEA、SKIPJACK、AES 等

## 1.1. 国密算法SM系列

- 国密算法是国家密码管理局制定标准的一系列算法。
- SM1，对称加密算法，加密强度为128位，采用硬件实现
- SM2，非对称算法，椭圆曲线公钥密码，其加密强度为256位
- SM3，密码杂凑（哈希）算法，杂凑值长度为32字节
- SM4，对称加密算法，可使用软件实现，加密强度为128位。
- SM7，对称加密算法，加密强度为128位SM9，标识密码算法，非对称

## 1.2. 3DES 加密

- 在 php.ini 中打开 php_mcrypt.dll 以及php_mcrypt_filter.dll 两个lib库的引用
- 即去掉代码前面的分号;
- extension=php_mcrypt.dll;

phpinfo 中会有对应的显示

![image-20251030174105509](img/image-20251030174105509.png)

```php
<?php
    header("Content-Type:text/html;charset=utf-8");//PHP显示中文
	echo "PHP使用3DES加密算法举例："."<br />";
	
	class Crypt3Des{
		public $key = "123456789";//加密密钥
		function Crypt3Des($key){
			$this->key=$key;
		}
		//加密函数
		function encrypt($input){
			$size = mcrypt_get_block_size(MCRYPT_3DES,'ecb');
			$input = $this->pkcs5_pad($input,$size);
			$key = str_pad($this->key,24,'0');
			$td = mcrypt_module_open(MCRYPT_3DES,'','ecb','');
			$iv = @mcrypt_create_iv (mcrypt_enc_get_iv_size($td), MCRYPT_RAND); 
			@mcrypt_generic_init($td, $key, $iv);
			$data = mcrypt_generic($td, $input);
			mcrypt_generic_deinit($td);
			mcrypt_module_close($td); 
			// var_dump($data);
			// exit();
			$data = base64_encode($data);			
			return $data;
		}
		//解密函数
		function decrypt($encrypted){
			$encrypted = base64_decode($encrypted);
			$key = str_pad($this->key,24,'0');
			$td = mcrypt_module_open(MCRYPT_3DES,'','ecb','');
			$iv = @mcrypt_create_iv(mcrypt_enc_get_iv_size($td),MCRYPT_RAND);
			$ks = mcrypt_enc_get_key_size($td);
			@mcrypt_generic_init($td, $key, $iv);
			$decrypted = mdecrypt_generic($td, $encrypted); 
			mcrypt_generic_deinit($td);
			mcrypt_module_close($td);
			$y=$this->pkcs5_unpad($decrypted); 
			return $y;
		}
		
		function pkcs5_pad($text, $blocksize){
			$pad = $blocksize - (strlen($text) % $blocksize); 
			return $text . str_repeat(chr($pad), $pad);
		}
		
		function pkcs5_unpad($text){
			$pad = ord($text{strlen($text)-1});
			if ($pad > strlen($text)) {
				return false;
			}
			if (strspn($text, chr($pad), strlen($text) - $pad) != $pad){ 
				return false;
			}
			return substr($text,0,-1*$pad);
		}
		
		function PaddingPKCS7($data){
			$block_size = mcrypt_get_block_size(MCRYPT_3DES, MCRYPT_MODE_CBC); $padding_char = $block_size - (strlen($data) % $block_size);
			$data .= str_repeat(chr($padding_char), $padding_char); 
			return $data;
		}
	}

//使用方法很简单，只要实例化这个类，直接调用相应函数即可，如下所示:
	$rep=new Crypt3Des('123456789');
	$input="hello 3des";
	echo "原文：" . $input . "<br />";
	$encrypt_card = $rep->encrypt($input);
	echo "加密：" . $encrypt_card . "<br />";
	echo "解密：" . $rep->decrypt($rep->encrypt($input));

?>
```

```
http://localhost/2020CodeAudit/c10/10-1-1-3des.php
```

结果：

```
PHP使用3DES加密算法举例：
原文：hello 3des
加密：o9f/220Jb4GFSTHV9NL7mQ==
解密：hello 3des
```

## 1.3. AES 加密

```php
<?php
    header("Content-Type:text/html;charset=utf-8");//PHP显示中文
	echo "PHP使用AES加密算法举例："."<br />";
	
	class Aes{
		public $_secrect_key='123456789';//密钥
		function Aes($key){
			$this->_secrect_key = $key;
		}
		/**
		* 加密方法
		* @param string $str
		* return string
		*/
		function encrypt($str){
		//AES, 128 ECB 模式加密数据
			$screct_key = $this->_secrect_key;
			$screct_key = base64_decode($screct_key);
			$str = trim($str);
			$str = $this->addPKCS7Padding($str);
			$iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128,MCRYPT_MODE_ECB),MCRYPT_RAND);
			$encrypt_str =	mcrypt_encrypt(MCRYPT_RIJNDAEL_128,$screct_key,$str,MCRYPT_MODE_ECB, $iv);
			return base64_encode($encrypt_str);
		}
		/**解密方法
		* @param string $str
		* @return string
		*/
		function decrypt($str){
		//AES, 128 ECB 模式加密数据
			$screct_key = $this->_secrect_key;
			$str = base64_decode($str);
			$screct_key = base64_decode($screct_key);
			$iv = mcrypt_create_iv (mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB),MCRYPT_RAND);
			$encrypt_str =	mcrypt_decrypt(MCRYPT_RIJNDAEL_128,$screct_key,$str, MCRYPT_MODE_ECB,$iv);
			$encrypt_str = trim($encrypt_str);
			$encrypt_str = $this->stripPKSC7Padding($encrypt_str);
			return $encrypt_str;
		}
		/**填充算法
		* @param string $source
		* @return string
		*/
		function addPKCS7Padding($source){
			$source = trim($source);
			$block = mcrypt_get_block_size('rijndael-128', 'ecb'); 
			$pad = $block - (strlen($source) % $block);
			if ($pad <= $block){
				$char = chr($pad);
				$source .= str_repeat($char,$pad);
			}
			return $source;
			
		}
		/**移去填充算法
		* Qparam string $source
		* return string
		*/
		function stripPKSC7Padding($source){
			$source = trim($source);
			$char = substr($source,-1);
			$num = ord($char);
			if($num==62) return $source;
			$source = substr($source,0,-$num); 
			return $source;
		}
	}
//这个加密类使用起来也相当简单:
	$rep=new Aes('123456789');
	$input="hello aes";
	echo "原文：" . $input. "<br />";
	$encrypt_card=$rep->encrypt($input);
	echo "加密：" . $encrypt_card. "<br />";
	echo "解密：" . $rep->decrypt($rep->encrypt($input));
?>
```

```
http://localhost/2020CodeAudit/c10/10-1-2-aes.php
```

结果：

```
PHP使用AES加密算法举例：
原文：hello aes
加密：108Ts7vcLcvkhfDv1PgIMA==
解密：hello aes
```

## 1.4. RSA加密

```php
<?php
    header("Content-Type:text/html;charset=utf-8");//PHP显示中文
	echo "PHP生成RSA密钥："."<br />";
	set_time_limit(0);
	include("./Crypt/RSA.php");
	$rsa = new Crypt_RSA();
	extract($rsa->createKey());
	echo "$privatekey" . '<br />' . "$publickey";
?>
```

```
http://localhost/2020CodeAudit/c10/phpseclib/10-2-generateRSAkey.php
```

```
PHP生成RSA密钥：
-----BEGIN RSA PRIVATE KEY----- MIICXAIBAAKBgQDVPFtEVTY/ANoohAq3k5VrRJuQpQbcd7lq5dFgPm3Rkkvi31nG zGVm4BKjice3HYX82aT+dbzV/B4AoHcGwarbT0cRL5Pl12x4vFRFevC/NU7fES4z WRRar4ZSY+iBKxDJuMkvXsrAWo3LLRWj+aJHKZ9pUZHJmD2Aqysm+6rWEQIDAQAB AoGAXvOsdGY5bJ61hnsdxpc6XvTDDQrfXkcV0ssZi/DguAScNB9e+85CjSfUROxy eVD1PB2ygfjtqJ/GwGKz/dc5e/SpFGBJGjPMwqElHsXhHUMbai8rODJQ9Fp1HOy/ shLM3rsVMPcG3tQYIbq23fp46xrtTN2LH6pRp8qRHUsQP5ECQQD0sHZRK19gFyCn FZzqULuQrimJZhHAszVYwUmTuCJqKGDILkScSjNlnGPe1ZMcin4R8Np6gy2lJRPN x6A+BDfFAkEA3xewISSq82G+hqMFsyCR7T0E2AJQcWlygTAmFl7AHvbV6K87rEQX +rumG39ncUz3a4X2P50GRh8rjbhfYNX93QJAJWc8DthUcfnXEfNp0x+YLFuTGd+y YwSB6RlSx/PjvtqBQNhhwIpPJP8s/Qkkvb4l21Q38XZP6eirCE+1nQVECQJAbzl+ JGgFmuXmeXWZh977Ig5D9fXhaUmrPuFke86tdkKWDzYeSBqC4gzgGeGBDynSSRc2 2CxPTnKH4lZDpyHJOQJBANMqS0nTJQ1tNRBvGybAT6fkIkcyZFATqqJy77Z3BbAP N2ox9li4mxXQsN32cY5U1DanGGjfjfsX0twYQ0igzbs= -----END RSA PRIVATE KEY-----
-----BEGIN PUBLIC KEY----- MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDVPFtEVTY/ANoohAq3k5VrRJuQ pQbcd7lq5dFgPm3Rkkvi31nGzGVm4BKjice3HYX82aT+dbzV/B4AoHcGwarbT0cR L5Pl12x4vFRFevC/NU7fES4zWRRar4ZSY+iBKxDJuMkvXsrAWo3LLRWj+aJHKZ9p UZHJmD2Aqysm+6rWEQIDAQAB -----END PUBLIC KEY-----
```



用 $rsa->encrypt($plaintext);函数用来加密用 $rsa->decrypt($ciphertext) 来解密并输出明文字符串“cuit.edu.cn"

```php
<?php
    header("Content-Type:text/html;charset=utf-8");//PHP显示中文
	echo "PHP RSA加解密示例："."<br />";
	set_time_limit(0);

	$PUBLIC_KEY = '-----BEGIN PUBLIC KEY----- MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCG2OewYkM9hQOJdthogOoj+8HO rJiZ+HXw8C3wbeu4cDcz0P/XgqneyfXpEFadEanRlCRySzAlz0ki7xI0lhFzqw1K OmsUTaOCrtGMsDFQ72io6Ln98hbqFnS3Pc8S0DhYAHrdvFmUyh/QcRJrWRbcQsV4 sG1ThpqjzwTgJLhYjwIDAQAB -----END PUBLIC KEY-----';
	$PRIVATE_KEY = '-----BEGIN RSA PRIVATE KEY----- MIICWwIBAAKBgQCG2OewYkM9hQOJdthogOoj+8HOrJiZ+HXw8C3wbeu4cDcz0P/X gqneyfXpEFadEanRlCRySzAlz0ki7xI0lhFzqw1KOmsUTaOCrtGMsDFQ72io6Ln9 8hbqFnS3Pc8S0DhYAHrdvFmUyh/QcRJrWRbcQsV4sG1ThpqjzwTgJLhYjwIDAQAB AoGAFW+oDnvjE4Wwb8BNm6ND//oMBPZJVfn6NGsslQgW951txmtxgvQPBqRqq/pA bTylwclqgnlzCyJTY93HB5wEOaDjJBSa/niHyRVnPQM51eIlNAmE18Lq77V/2QXh eL/fjmLc8MSjvfdbHJd/de4UewXE0N9fhc/TFXhqqtO1+X0CQQCKsYYmdDj2mkpy VZs/1Zn4xysocjw3OBp7dDG4Zihzik07qdLDmx9skFyxsMVw6igIPuIPvrbf1fLf SotKaHfDAkEA+OaXytfOwAYUbOqwbeJfigXDSjAgpqzU4LqmM3PeFGFSCgRShlJy lhypxYPb2tJaR3JWUzhPuyl0oJ4Wbe+bRQJASGMBLj7IoETFCEmP3tBALWzeJJ0C uptIjxiE/sYq5KrRRouLGlZzHzl1d7RYSGed/ze6yxbx4X+L5GjGrE47+wJAVeKL wiyRZOU0KxkYY/JW8TNn3bOZsKm2kw0UyHBU00d5nYc8SqksbOvbERKczHcFO94S N4kYygZV/g5OwwSI2QJAdGV4N43bK6DwWcpvAVD/KTlprvGUdHHol5Pe8CtipMr9 oE9qljXzppyzS9vVrf+6KtTDgIIivosxnrHHPyIOmQ== -----END RSA PRIVATE KEY-----';
	
	include('./Crypt/RSA.php');
	$rsa = new Crypt_RSA();
	$rsa->loadKey($PUBLIC_KEY) ; // 载入公钥
	$plaintext = 'cuit.edu.cn';
	$rsa->setEncryptionMode(CRYPT_RSA_ENCRYPTION_PKCS1);
	$ciphertext = $rsa->encrypt($plaintext);//加密函数
	$rsa->loadKey($PRIVATE_KEY) ; // 载入私钥 
	echo $ciphertext."<br /> "."<br />"."<br /> "; 
	echo $rsa->decrypt($ciphertext);//解密函数

?>
```



```
http://localhost/2020CodeAudit/c10/phpseclib/10-2-RSAdecode.php
```

运行结果

```
PHP RSA加解密示例：
2�Ȁ-���
�������:�[�� 'Er0�p�����Fc��, ���Ә��?v�H.r$9�?�@,��-���- !ި�Z��<<���e��\�%x


cuit.edu.cn
```

## 1.5. 单向加密

MD系列(md4、md5) 和shal等

```php
<?php
    header("Content-Type:text/html;charset=utf-8");//PHP显示中文
	echo "PHP使用MD5和sha1加密算法举例："."<br />";
	
	echo 'phpsec md5: '.md5('xinan');
	echo '<br /> ';
	echo 'phpsec sha1: '.sha1('xinan');

?>
```



```
http://localhost/2020CodeAudit/c10/10-3-md5.php
```

结果：

```
PHP使用MD5和sha1加密算法举例：
phpsec md5: d71e1f2ea8307656a8a02136116e1b7b
phpsec sha1: 28c2e7fbf2f6f121a2643d620424b6f9bf6b8d10
```