PHP Encryption
The key types of cryptography with which a PHP developer should be familiar are as follows:
Symmetric cryptography
Asymmetric (public key) cryptography
Cryptographic hash functions (message digests)
Message authentication codes (MACs)
The majority of this appendix focuses on symmetric cryptography using the mcrypt extension. Other good resources that you should review
are as follows:
Applied Cryptography, by Bruce Schneier (Wiley)
http://www.schneier.com/blog/
http://wikipedia.org/wiki/Cryptography
http://phpsec.org/articles/2005/password-hashing.html
http://pear.php.net/package/Crypt_HMAC
http://pear.php.net/package/Crypt_RSA
1. Storing Passwords
You should never store cleartext passwords in a database. Instead, store the hash of the password, and use a salt for best results:
<?php
/* $password contains the password. */
$salt = 'SHIFLETT';
$password_hash = md5($salt . md5($password . $salt));
/* Store password hash. */
?>
When you want to determine whether a user has provided the correct password, hash the provided password using the same technique, and
compare the hashes:
<?php
$salt = 'SHIFLETT';
$password_hash = md5($salt . md5($_POST['password'] . $salt));
/* Compare password hashes. */
?>
If the hashes are identical, you are reasonably assured that the passwords are also identical.
Using this technique, it is not possible to remind users what their passwords are. When a user forgets
her password, you instead let her create a new one, and you store the hash of the new password in the
database. Of course, you want to be very careful to identify the user correctly; password-reminder
mechanisms are frequent targets of attack and a common source of security vulnerabilities.
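PHP 5.5 and later provide password_hash() and password_verify(), which give every password its own random salt and use a deliberately slow algorithm. The following added example (not from the original page; legacy_hash() and verify_and_upgrade() are hypothetical names) accepts records hashed with the scheme shown above and replaces them on a successful login:

```php
<?php
/* Added example: hypothetical helpers, not from the original page. */
const LEGACY_SALT = 'SHIFLETT'; // fixed salt used by the snippets above

/* The salted-MD5 scheme shown above, kept only to check old records. */
function legacy_hash(string $password): string
{
    return md5(LEGACY_SALT . md5($password . LEGACY_SALT));
}

/*
 * Check a login attempt against a stored hash.
 * Returns [bool $ok, ?string $replacement]. When $replacement is not null,
 * the caller stores it in place of the old hash.
 */
function verify_and_upgrade(string $password, string $stored): array
{
    // Legacy records are 32 lowercase hex characters (an MD5 digest).
    if (preg_match('/^[0-9a-f]{32}$/', $stored) === 1) {
        // Constant-time comparison, then upgrade on success.
        if (!hash_equals($stored, legacy_hash($password))) {
            return [false, null];
        }
        return [true, password_hash($password, PASSWORD_DEFAULT)];
    }
    if (!password_verify($password, $stored)) {
        return [false, null];
    }
    // Re-hash when the default algorithm or cost has changed since storage.
    $replacement = password_needs_rehash($stored, PASSWORD_DEFAULT)
        ? password_hash($password, PASSWORD_DEFAULT)
        : null;
    return [true, $replacement];
}

// Constructed sample data: a legacy record, then its upgraded form.
$stored = legacy_hash('correct horse');
[$ok, $upgraded] = verify_and_upgrade('correct horse', $stored);
var_dump($ok, is_string($upgraded));

[$okAgain, $replacement] = verify_and_upgrade('correct horse', $upgraded);
var_dump($okAgain, $replacement);

[$wrong] = verify_and_upgrade('wrong guess', $upgraded);
var_dump($wrong);
?>
```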
2. Using mcrypt
List the supported encryption algorithms:
<?php
echo '<pre>' . print_r(mcrypt_list_algorithms(), true) . '</pre>';
?>
Encrypting and decrypting data are achieved by using mcrypt_encrypt() and mcrypt_decrypt(), respectively. Each of these functions accepts
five arguments, the first of which is the algorithm to use:
<?php
/* Requires the mcrypt extension (deprecated in PHP 7.1, moved to PECL in PHP 7.2). */
header('Content-Type: text/html; charset=utf-8');

class crypt
{
    private $algorithm;
    private $mode;
    private $random_source;
    public $cleartext;
    public $ciphertext;
    public $iv;
    private $key;

    public function setKey($key)
    {
        $this->key = $key;
    }

    public function __construct($algorithm = MCRYPT_TWOFISH,
                                $mode = MCRYPT_MODE_CBC,
                                $random_source = MCRYPT_DEV_URANDOM)
    {
        $this->algorithm = $algorithm;
        $this->mode = $mode;
        $this->random_source = $random_source;
    }

    /* Create a fresh random IV of the size the algorithm and mode require. */
    public function generate_iv()
    {
        $this->iv = mcrypt_create_iv(mcrypt_get_iv_size($this->algorithm,
            $this->mode), $this->random_source);
    }

    public function encrypt()
    {
        $this->ciphertext = mcrypt_encrypt($this->algorithm,
            $this->key, $this->cleartext, $this->mode, $this->iv);
    }

    public function decrypt()
    {
        /* mcrypt pads the last block with NUL bytes; strip them again. */
        $this->cleartext = rtrim(mcrypt_decrypt($this->algorithm,
            $this->key, $this->ciphertext, $this->mode, $this->iv), "\0");
    }
}

/* Twofish needs a 16-, 24- or 32-byte key; since PHP 5.6 mcrypt rejects
   other lengths instead of padding them, so derive 32 bytes from the string. */
$key = hash('sha256', 'ddafd', true);

/* Encrypt. */
$crypt = new crypt();
$crypt->setKey($key);
$crypt->cleartext = "this is a string";
$crypt->generate_iv();
$crypt->encrypt();

/* The ciphertext and IV are binary; base64-encode them for display or storage. */
$ciphertext = base64_encode($crypt->ciphertext);
$iv = base64_encode($crypt->iv);
echo $ciphertext;
unset($crypt);

/* Decrypt with the same key and the stored IV. */
$ciphertext = base64_decode($ciphertext);
$iv = base64_decode($iv);
$crypt = new crypt();
$crypt->setKey($key);
$crypt->iv = $iv;
$crypt->ciphertext = $ciphertext;
$crypt->decrypt();
$cleartext = $crypt->cleartext;
echo "<hr/>" . $cleartext;
?>
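The class above provides confidentiality only: CBC mode does not detect a modified ciphertext, and the mcrypt extension is deprecated as of PHP 7.1. As an added example (not from the original page), here is the same round trip using the openssl extension with AES-256-GCM in place of Twofish-CBC, so that tampering is rejected on decryption; seal_message() and open_message() are hypothetical names:

```php
<?php
/* Added example: hypothetical helpers, not from the original page. */
const CIPHER = 'aes-256-gcm';
const TAG_LEN = 16; // default GCM tag length produced by openssl_encrypt()

function seal_message(string $cleartext, string $key): string
{
    if (strlen($key) !== 32) {
        throw new InvalidArgumentException('key must be 32 random bytes');
    }
    $iv = random_bytes(openssl_cipher_iv_length(CIPHER)); // fresh per message
    $tag = '';
    $ct = openssl_encrypt($cleartext, CIPHER, $key, OPENSSL_RAW_DATA, $iv, $tag);
    if ($ct === false) {
        throw new RuntimeException('encryption failed');
    }
    // IV and tag are not secret; pack them with the ciphertext for storage.
    return base64_encode($iv . $tag . $ct);
}

function open_message(string $packed, string $key): string
{
    $raw = base64_decode($packed, true);
    $ivLen = openssl_cipher_iv_length(CIPHER);
    if ($raw === false || strlen($raw) < $ivLen + TAG_LEN) {
        throw new RuntimeException('malformed message');
    }
    $iv  = substr($raw, 0, $ivLen);
    $tag = substr($raw, $ivLen, TAG_LEN);
    $ct  = substr($raw, $ivLen + TAG_LEN);
    $pt  = openssl_decrypt($ct, CIPHER, $key, OPENSSL_RAW_DATA, $iv, $tag);
    if ($pt === false) {
        throw new RuntimeException('authentication failed');
    }
    return $pt;
}

$key = random_bytes(32); // constructed key for the demonstration
$packed = seal_message('this is a string', $key);
echo open_message($packed, $key), "\n";

// Flip one ciphertext bit: decryption is refused rather than returning garbage.
$raw = base64_decode($packed);
$last = strlen($raw) - 1;
$raw[$last] = chr(ord($raw[$last]) ^ 1);
try {
    open_message(base64_encode($raw), $key);
} catch (RuntimeException $e) {
    echo $e->getMessage(), "\n";
}
?>
```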