PHP Crypto::Decrypt方法代码示例

 /**
  * Method to decrypt a data string.
  *
  * @param   string     $data  The encrypted string to decrypt.
  * @param   JCryptKey  $key   The key object to use for decryption.
  *
  * @return  string  The decrypted data string.
  *
  * @since   3.5
  * @throws  RuntimeException
  */
 public function decrypt($data, JCryptKey $key)
 {
     // Validate key.
     if ($key->type != 'crypto') {
         throw new InvalidArgumentException('Invalid key of type: ' . $key->type . '.  Expected crypto.');
     }
     // Decrypt the data.
     try {
         return Crypto::Decrypt($data, $key->public);
     } catch (InvalidCiphertextException $ex) {
         throw new RuntimeException('DANGER! DANGER! The ciphertext has been tampered with!', $ex->getCode(), $ex);
     } catch (CryptoTestFailedException $ex) {
         throw new RuntimeException('Cannot safely perform decryption', $ex->getCode(), $ex);
     } catch (CannotPerformOperationException $ex) {
         throw new RuntimeException('Cannot safely perform decryption', $ex->getCode(), $ex);
     }
 }

 private static function TestEncryptDecrypt()
 {
     $key = Crypto::CreateNewRandomKey();
     $data = "EnCrYpT EvErYThInG";
     // Make sure encrypting then decrypting doesn't change the message.
     $ciphertext = Crypto::Encrypt($data, $key);
     try {
         $decrypted = Crypto::Decrypt($ciphertext, $key);
     } catch (InvalidCiphertextException $ex) {
         // It's important to catch this and change it into a
         // CryptoTestFailedException, otherwise a test failure could trick
         // the user into thinking it's just an invalid ciphertext!
         throw new CryptoTestFailedException();
     }
     if ($decrypted !== $data) {
         throw new CryptoTestFailedException();
     }
     // Modifying the ciphertext: Appending a string.
     try {
         Crypto::Decrypt($ciphertext . "a", $key);
         throw new CryptoTestFailedException();
     } catch (InvalidCiphertextException $e) {
         /* expected */
     }
     // Modifying the ciphertext: Changing an IV byte.
     try {
         $ciphertext[0] = chr((ord($ciphertext[0]) + 1) % 256);
         Crypto::Decrypt($ciphertext, $key);
         throw new CryptoTestFailedException();
     } catch (InvalidCiphertextException $e) {
         /* expected */
     }
     // Decrypting with the wrong key.
     $key = Crypto::CreateNewRandomKey();
     $data = "abcdef";
     $ciphertext = Crypto::Encrypt($data, $key);
     $wrong_key = Crypto::CreateNewRandomKey();
     try {
         Crypto::Decrypt($ciphertext, $wrong_key);
         throw new CryptoTestFailedException();
     } catch (InvalidCiphertextException $e) {
         /* expected */
     }
     // Ciphertext too small (shorter than HMAC).
     $key = Crypto::CreateNewRandomKey();
     $ciphertext = str_repeat("A", self::MAC_BYTE_SIZE - 1);
     try {
         Crypto::Decrypt($ciphertext, $key);
         throw new CryptoTestFailedException();
     } catch (InvalidCiphertextException $e) {
         /* expected */
     }
 }

 public function getContent(Document $document, User $requester, $passPhrase)
 {
     $share = $document->getShareOf($requester);
     $encryptionKey = $this->getEncryptionKey($share, $passPhrase);
     return \Crypto::Decrypt(base64_decode($document->getEncryptedContent()), $encryptionKey);
 }

 /**
  * Decrypt a string using AES.
  * 
  * @param string $plaintext
  * @param string $key (optional)
  * @param bool $force_compat (optional)
  * @return string|false
  */
 public static function decrypt($ciphertext, $key = null, $force_compat = false)
 {
     // Get the encryption key.
     $key = $key ?: config('crypto.encryption_key');
     $key = substr(hash('sha256', $key, true), 0, 16);
     // Check whether the ciphertext is valid.
     $ciphertext = @base64_decode($ciphertext);
     if (strlen($ciphertext) < 48) {
         return false;
     }
     // Use defuse/php-encryption if possible.
     if (!$force_compat && function_exists('openssl_decrypt')) {
         try {
             return \Crypto::Decrypt($ciphertext, $key);
         } catch (\Exception $e) {
             return false;
         }
     }
     // Otherwise, use the CryptoCompat class.
     return \CryptoCompat::decrypt($ciphertext, $key);
 }

		/**
		* Decrypt $this->WeakestLic
		* @access public
		* @return array Decrypted lic
		*/
		private final function DecryptLic()
		{
			// Extract sault from license
			if ($this->AlgoVersion < 2)
			{
				$chunks = explode("rmYG", current($this->WeakestLic));
				$sault = $chunks[0];
				$lic = $chunks[1];
			}
			else
			{
				$sault = substr(current($this->WeakestLic), 0, 24);
				$lic = substr(current($this->WeakestLic), 24);
			}
			
			// Prepare and generate key - the base of trust
			$Crypto = new Crypto($this->LicKey);
			if ($this->AlgoVersion == 2)
				$shash = $Crypto->Hash("{$sault}{$this->LicKey}", "SHA256");
			else
				$shash = $Crypto->Hash("{$sault} invalid {$this->LicKey}", "SHA256");
			$key = substr($shash, 0, 12).substr($shash, -12);
			// end
			
			// Decrypt
			$retval = $Crypto->Decrypt($lic, $key);
			$retval = explode("|", $retval);
			
			$retval = array_map('trim', $retval);
			
			$Crypto = null;
			return($retval);
		}		

 /**
  * {@inheritdoc}
  *
  * json_decode with assoc flag set to true
  */
 public function decrypt($payload)
 {
     try {
         $result = \Crypto::Decrypt(base64_decode($payload), $this->key);
         return json_decode($result, true);
     } catch (\InvalidCiphertextException $e) {
         throw new DecryptException($e->getMessage(), $e->getCode(), $e);
     } catch (\CannotPerformOperationException $e) {
         throw new DecryptException($e->getMessage(), $e->getCode(), $e);
     } catch (\CryptoTestFailedException $e) {
         throw new EncrypterException($e->getMessage(), $e->getCode(), $e);
     }
 }

    $key = Crypto::CreateNewRandomKey();
    // WARNING: Do NOT encode $key with bin2hex() or base64_encode(),
    // they may leak the key to the attacker through side channels.
} catch (CryptoTestFailedException $ex) {
    die('Cannot safely create a key');
} catch (CannotPerformOperationException $ex) {
    die('Cannot safely create a key');
}
$message = "ATTACK AT DAWN";
try {
    $ciphertext = Crypto::Encrypt($message, $key);
} catch (CryptoTestFailedException $ex) {
    die('Cannot safely perform encryption');
} catch (CannotPerformOperationException $ex) {
    die('Cannot safely perform decryption');
}
try {
    $decrypted = Crypto::Decrypt($ciphertext, $key);
} catch (InvalidCiphertextException $ex) {
    // VERY IMPORTANT
    // Either:
    //   1. The ciphertext was modified by the attacker,
    //   2. The key is wrong, or
    //   3. $ciphertext is not a valid ciphertext or was corrupted.
    // Assume the worst.
    die('DANGER! DANGER! The ciphertext has been tampered with!');
} catch (CryptoTestFailedException $ex) {
    die('Cannot safely perform encryption');
} catch (CannotPerformOperationException $ex) {
    die('Cannot safely perform decryption');
}

 /**
  * Decrypts a message
  * @param string $message 		The message to decryept
  * @return string $decrypted	The decrypted message
  */
 public static function decrypt($message, $key = NULL)
 {
     if ($key != NULL) {
         Yii::log('warning', 'Use of the `$key` parameter is deprecated', 'cii');
     }
     if (empty($message)) {
         return null;
     }
     $key = self::getEncryptionKey();
     try {
         $decrypted = Crypto::Decrypt(hex2bin($message), $key);
     } catch (InvalidCiphertextException $ex) {
         Yii::log('Ciphertext or key is invalid', 'error', 'cii');
         return null;
     } catch (CryptoTestFailedException $ex) {
         Yii::log('Ciphertext or key is invalid', 'error', 'cii');
         return null;
     } catch (CannotPerformOperationException $ex) {
         Yii::log('Ciphertext or key is invalid', 'error', 'cii');
         return null;
     }
     return $decrypted;
 }

        response(VALIDATION_MESSAGE_NOTFOUND, $errors, $logger);
    } else {
        $item = $repo->findById($id);
        $salt = base64_decode($item->salt);
        $data_encrypted = base64_decode($item->secret);
    }
}
// If all of the above validation checks pass, continue on
if (!$errors) {
    // Create decryption key
    $length = 16;
    $iterations = 10000;
    $key = hash_pbkdf2("sha256", $password, $salt . PASSWORD_PEPPER, $iterations, $length);
    // Decrypt data, reference: https://github.com/defuse/php-encryption/
    try {
        $data_decrypted = Crypto::Decrypt($data_encrypted, $key);
    } catch (InvalidCiphertextException $ex) {
        // VERY IMPORTANT
        response(DECRYPTION_PASSWORD_WRONG, true, $logger);
    } catch (CryptoTestFailedException $ex) {
        response(ENCRYPTION_UNSAFE, true, $logger);
    } catch (CannotPerformOperationException $ex) {
        response(DECRYPTION_UNSAFE, true, $logger);
    }
    // Delete message
    if ($use_orchestrate) {
        // Check if Orchestrate is enabled
        $item = $client->purge(ORCHESTRATE_COLLECTION, $id);
        $logger->info(LOG_ORCHESTRATE_PURGE);
    } else {
        // Fallback to Flywheel

 public function get_session($session_id)
 {
     //加密后的 session_id
     $decode = base64_decode($session_id);
     //检验 session_id 是否被篡改
     $keySize = Crypto::KEY_BYTE_SIZE;
     $key = mb_substr($decode, 0, $keySize, '8bit');
     $decode = mb_substr($decode, $keySize, null, '8bit');
     try {
         $decrypted = Crypto::Decrypt($decode, $key);
     } catch (InvalidCiphertextException $ex) {
         // VERY IMPORTANT
         // Either:
         //   1. The ciphertext was modified by the attacker,
         //   2. The key is wrong, or
         //   3. $ciphertext is not a valid ciphertext or was corrupted.
         // Assume the worst.
         //被人恶意修改Cookie
         return FALSE;
     } catch (CryptoTestFailedException $ex) {
         die('Cannot safely perform encryption');
     } catch (CannotPerformOperationException $ex) {
         die('Cannot safely perform decryption');
     }
     if (empty($decrypted)) {
         return FALSE;
     }
     //session id
     $session_id = $decrypted;
     session_id($session_id);
     session_start();
     return $_SESSION[$this->login_in_session_name];
 }

require __DIR__ . '/private/app.php';
$key = Crypto::CreateNewRandomKey();
$message = 'ATTACK AT DAWN';
$result = null;
if (isset($_POST['key'])) {
    $key = base64url_decode(strval($_POST['key']));
}
if (isset($_POST['message'])) {
    $message = strval($_POST['message']);
}
try {
    if (isset($_POST['encode'])) {
        $result = Crypto::Encrypt($message, $key);
    } else {
        if (isset($_POST['decode'])) {
            $message = Crypto::Decrypt(base64url_decode(strtr($message, array("\r" => '', "\n" => ''))), $key);
        }
    }
} catch (\Exception $exception) {
}
// WARNING: Do NOT encode $key with bin2hex() or base64_encode(),
// they may leak the key to the attacker through side channels.
?>
<!DOCTYPE html>
<html lang="en">
<head>
	<meta charset="utf-8">
	<meta http-equiv="X-UA-Compatible" content="IE=edge">
	<meta name="viewport" content="width=device-width, initial-scale=1">
	<title>Using encryption in PHP | php_encryption</title>
	<link href="static/bower_components/bootstrap/dist/css/bootstrap.css" type="text/css" rel="stylesheet">