<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <HTML ><HEAD ><TITLE >加密过滤器</TITLE ><META NAME="GENERATOR" CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK REL="HOME" TITLE="PHP 手册" HREF="index.html"><LINK REL="UP" TITLE="可用过滤器列表" HREF="filters.html"><LINK REL="PREVIOUS" TITLE="压缩过滤器" HREF="filters.compression.html"><LINK REL="NEXT" TITLE="所支持的套接字传输器(Socket Transports)列表" HREF="transports.html"><META HTTP-EQUIV="Content-type" CONTENT="text/html; charset=UTF-8"></HEAD ><BODY CLASS="section" BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#0000FF" VLINK="#840084" ALINK="#0000FF" ><DIV CLASS="NAVHEADER" ><TABLE SUMMARY="Header navigation table" WIDTH="100%" BORDER="0" CELLPADDING="0" CELLSPACING="0" ><TR ><TH COLSPAN="3" ALIGN="center" >PHP 手册</TH ></TR ><TR ><TD WIDTH="10%" ALIGN="left" VALIGN="bottom" ><A HREF="filters.compression.html" ACCESSKEY="P" >上一页</A ></TD ><TD WIDTH="80%" ALIGN="center" VALIGN="bottom" >附录 O. 可用过滤器列表</TD ><TD WIDTH="10%" ALIGN="right" VALIGN="bottom" ><A HREF="transports.html" ACCESSKEY="N" >下一页</A ></TD ></TR ></TABLE ><HR ALIGN="LEFT" WIDTH="100%"></DIV ><DIV CLASS="section" ><H1 CLASS="section" ><A NAME="filters.encryption" >加密过滤器</A ></H1 ><P > <TT CLASS="literal" >mcrypt.*</TT > 和 <TT CLASS="literal" >mdecrypt.*</TT > 使用 libmcrypt 提供了对称的加密和解密。这两组过滤器都支持 <A HREF="ref.mcrypt.html" >mcrypt 扩展库</A >中相同的算法,格式为 <TT CLASS="literal" >mcrypt.ciphername</TT >,其中 <CODE CLASS="parameter" >ciphername</CODE > 是密码的名字,将被传递给 <A HREF="function.mcrypt-module-open.html" ><B CLASS="function" >mcrypt_module_open()</B ></A >。有以下五个过滤器参数可用: </P ><P > <DIV CLASS="table" ><A NAME="AEN303658" ></A ><P ><B >表 O-1. mcrypt 过滤器参数</B ></P ><TABLE BORDER="1" CLASS="CALSTABLE" ><COL><COL><COL><COL><THEAD ><TR ><TH >参数</TH ><TH >是否必须</TH ><TH >默认值</TH ><TH >取值举例</TH ></TR ></THEAD ><TBODY ><TR ><TD >mode</TD ><TD >可选</TD ><TD >cbc</TD ><TD >cbc, cfb, ecb, nofb, ofb, stream</TD ></TR ><TR ><TD >algorithms_dir</TD ><TD >可选</TD ><TD >ini_get('mcrypt.algorithms_dir')</TD ><TD >algorithms 模块的目录</TD ></TR ><TR ><TD >modes_dir</TD ><TD >可选</TD ><TD >ini_get('mcrypt.modes_dir')</TD ><TD >modes 模块的目录</TD ></TR ><TR ><TD >iv</TD ><TD >必须</TD ><TD >N/A</TD ><TD >典型为 8,16 或 32 字节的二进制数据。根据密码而定</TD ></TR ><TR ><TD >key</TD ><TD >必须</TD ><TD >N/A</TD ><TD >典型为 8,16 或 32 字节的二进制数据。根据密码而定</TD ></TR ></TBODY ></TABLE ></DIV > </P ><TABLE WIDTH="100%" BORDER="0" CELLPADDING="0" CELLSPACING="0" CLASS="EXAMPLE" ><TR ><TD ><DIV CLASS="example" ><A NAME="AEN303693" ></A ><P ><B >例 O-10. 用 3DES 将文件加密输出</B ></P ><TABLE BORDER="0" BGCOLOR="#E0E0E0" CELLPADDING="5" ><TR ><TD ><code><font color="#000000"> <font color="#0000BB"><?php<br />$passphrase </font><font color="#007700">= </font><font color="#DD0000">'My secret'</font><font color="#007700">;<br /><br /></font><font color="#FF8000">/* Turn a human readable passphrase<br /> * into a reproducable iv/key pair<br /> */<br /></font><font color="#0000BB">$iv </font><font color="#007700">= </font><font color="#0000BB">substr</font><font color="#007700">(</font><font color="#0000BB">md5</font><font color="#007700">(</font><font color="#DD0000">'iv'</font><font color="#007700">.</font><font color="#0000BB">$passphrase</font><font color="#007700">, </font><font color="#0000BB">true</font><font color="#007700">), </font><font color="#0000BB">0</font><font color="#007700">, </font><font color="#0000BB">8</font><font color="#007700">);<br /></font><font color="#0000BB">$key </font><font color="#007700">= </font><font color="#0000BB">substr</font><font color="#007700">(</font><font color="#0000BB">md5</font><font color="#007700">(</font><font color="#DD0000">'pass1'</font><font color="#007700">.</font><font color="#0000BB">$passphrase</font><font color="#007700">, </font><font color="#0000BB">true</font><font color="#007700">) .<br /> </font><font color="#0000BB">md5</font><font color="#007700">(</font><font color="#DD0000">'pass2'</font><font color="#007700">.</font><font color="#0000BB">$passphrase</font><font color="#007700">, </font><font color="#0000BB">true</font><font color="#007700">), </font><font color="#0000BB">0</font><font color="#007700">, </font><font color="#0000BB">24</font><font color="#007700">);<br /></font><font color="#0000BB">$opts </font><font color="#007700">= array(</font><font color="#DD0000">'iv'</font><font color="#007700">=></font><font color="#0000BB">$iv</font><font color="#007700">, </font><font color="#DD0000">'key'</font><font color="#007700">=></font><font color="#0000BB">$key</font><font color="#007700">);<br /><br /></font><font color="#0000BB">$fp </font><font color="#007700">= </font><font color="#0000BB">fopen</font><font color="#007700">(</font><font color="#DD0000">'secert-file.enc'</font><font color="#007700">, </font><font color="#DD0000">'wb'</font><font color="#007700">);<br /></font><font color="#0000BB">stream_filter_append</font><font color="#007700">(</font><font color="#0000BB">$fp</font><font color="#007700">, </font><font color="#DD0000">'mcrypt.tripledes'</font><font color="#007700">, </font><font color="#0000BB">STREAM_FILTER_WRITE</font><font color="#007700">, </font><font color="#0000BB">$opts</font><font color="#007700">);<br /></font><font color="#0000BB">fwrite</font><font color="#007700">(</font><font color="#0000BB">$fp</font><font color="#007700">, </font><font color="#DD0000">'Secret secret secret data'</font><font color="#007700">);<br /></font><font color="#0000BB">fclose</font><font color="#007700">(</font><font color="#0000BB">$fp</font><font color="#007700">);<br /></font><font color="#0000BB">?></font> </font> </code></TD ></TR ></TABLE ></DIV ></TD ></TR ></TABLE ><TABLE WIDTH="100%" BORDER="0" CELLPADDING="0" CELLSPACING="0" CLASS="EXAMPLE" ><TR ><TD ><DIV CLASS="example" ><A NAME="AEN303696" ></A ><P ><B >例 O-11. 读取加密的文件</B ></P ><TABLE BORDER="0" BGCOLOR="#E0E0E0" CELLPADDING="5" ><TR ><TD ><code><font color="#000000"> <font color="#0000BB"><?php<br />$passphrase </font><font color="#007700">= </font><font color="#DD0000">'My secret'</font><font color="#007700">;<br /><br /></font><font color="#FF8000">/* Turn a human readable passphrase<br /> * into a reproducable iv/key pair<br /> */<br /></font><font color="#0000BB">$iv </font><font color="#007700">= </font><font color="#0000BB">substr</font><font color="#007700">(</font><font color="#0000BB">md5</font><font color="#007700">(</font><font color="#DD0000">'iv'</font><font color="#007700">.</font><font color="#0000BB">$passphrase</font><font color="#007700">, </font><font color="#0000BB">true</font><font color="#007700">), </font><font color="#0000BB">0</font><font color="#007700">, </font><font color="#0000BB">8</font><font color="#007700">);<br /></font><font color="#0000BB">$key </font><font color="#007700">= </font><font color="#0000BB">substr</font><font color="#007700">(</font><font color="#0000BB">md5</font><font color="#007700">(</font><font color="#DD0000">'pass1'</font><font color="#007700">.</font><font color="#0000BB">$passphrase</font><font color="#007700">, </font><font color="#0000BB">true</font><font color="#007700">) .<br /> </font><font color="#0000BB">md5</font><font color="#007700">(</font><font color="#DD0000">'pass2'</font><font color="#007700">.</font><font color="#0000BB">$passphrase</font><font color="#007700">, </font><font color="#0000BB">true</font><font color="#007700">), </font><font color="#0000BB">0</font><font color="#007700">, </font><font color="#0000BB">24</font><font color="#007700">);<br /></font><font color="#0000BB">$opts </font><font color="#007700">= array(</font><font color="#DD0000">'iv'</font><font color="#007700">=></font><font color="#0000BB">$iv</font><font color="#007700">, </font><font color="#DD0000">'key'</font><font color="#007700">=></font><font color="#0000BB">$key</font><font color="#007700">);<br /><br /></font><font color="#0000BB">$fp </font><font color="#007700">= </font><font color="#0000BB">fopen</font><font color="#007700">(</font><font color="#DD0000">'secert-file.enc'</font><font color="#007700">, </font><font color="#DD0000">'rb'</font><font color="#007700">);<br /></font><font color="#0000BB">stream_filter_append</font><font color="#007700">(</font><font color="#0000BB">$fp</font><font color="#007700">, </font><font color="#DD0000">'mdecrypt.tripledes'</font><font color="#007700">, </font><font color="#0000BB">STREAM_FILTER_WRITE</font><font color="#007700">, </font><font color="#0000BB">$opts</font><font color="#007700">);<br /></font><font color="#0000BB">$data </font><font color="#007700">= </font><font color="#0000BB">rtrim</font><font color="#007700">(</font><font color="#0000BB">stream_get_contents</font><font color="#007700">(</font><font color="#0000BB">$fp</font><font color="#007700">));<br /></font><font color="#0000BB">fclose</font><font color="#007700">(</font><font color="#0000BB">$fp</font><font color="#007700">);<br /><br />echo </font><font color="#0000BB">$data</font><font color="#007700">;<br /></font><font color="#0000BB">?></font> </font> </code></TD ></TR ></TABLE ></DIV ></TD ></TR ></TABLE ></DIV ><DIV CLASS="NAVFOOTER" ><HR ALIGN="LEFT" WIDTH="100%"><TABLE SUMMARY="Footer navigation table" WIDTH="100%" BORDER="0" CELLPADDING="0" CELLSPACING="0" ><TR ><TD WIDTH="33%" ALIGN="left" VALIGN="top" ><A HREF="filters.compression.html" ACCESSKEY="P" >上一页</A ></TD ><TD WIDTH="34%" ALIGN="center" VALIGN="top" ><A HREF="index.html" ACCESSKEY="H" >起始页</A ></TD ><TD WIDTH="33%" ALIGN="right" VALIGN="top" ><A HREF="transports.html" ACCESSKEY="N" >下一页</A ></TD ></TR ><TR ><TD WIDTH="33%" ALIGN="left" VALIGN="top" >压缩过滤器</TD ><TD WIDTH="34%" ALIGN="center" VALIGN="top" ><A HREF="filters.html" ACCESSKEY="U" >上一级</A ></TD ><TD WIDTH="33%" ALIGN="right" VALIGN="top" >所支持的套接字传输器(Socket Transports)列表</TD ></TR ></TABLE ></DIV ></BODY ></HTML >