<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML
><HEAD
><TITLE
>加密过滤器</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
REL="HOME"
TITLE="PHP 手册"
HREF="index.html"><LINK
REL="UP"
TITLE="可用过滤器列表"
HREF="filters.html"><LINK
REL="PREVIOUS"
TITLE="压缩过滤器"
HREF="filters.compression.html"><LINK
REL="NEXT"
TITLE="所支持的套接字传输器(Socket Transports)列表"
HREF="transports.html"><META
HTTP-EQUIV="Content-type"
CONTENT="text/html; charset=UTF-8"></HEAD
><BODY
CLASS="section"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><DIV
CLASS="NAVHEADER"
><TABLE
SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="3"
ALIGN="center"
>PHP 手册</TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="bottom"
><A
HREF="filters.compression.html"
ACCESSKEY="P"
>上一页</A
></TD
><TD
WIDTH="80%"
ALIGN="center"
VALIGN="bottom"
>附录 O. 可用过滤器列表</TD
><TD
WIDTH="10%"
ALIGN="right"
VALIGN="bottom"
><A
HREF="transports.html"
ACCESSKEY="N"
>下一页</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><DIV
CLASS="section"
><H1
CLASS="section"
><A
NAME="filters.encryption"
>加密过滤器</A
></H1
><P
> <TT
CLASS="literal"
>mcrypt.*</TT
> 和 <TT
CLASS="literal"
>mdecrypt.*</TT
>
使用 libmcrypt 提供了对称的加密和解密。这两组过滤器都支持
<A
HREF="ref.mcrypt.html"
>mcrypt 扩展库</A
>中相同的算法,格式为
<TT
CLASS="literal"
>mcrypt.ciphername</TT
>,其中 <CODE
CLASS="parameter"
>ciphername</CODE
>
是密码的名字,将被传递给 <A
HREF="function.mcrypt-module-open.html"
><B
CLASS="function"
>mcrypt_module_open()</B
></A
>。有以下五个过滤器参数可用:
</P
><P
> <DIV
CLASS="table"
><A
NAME="AEN303658"
></A
><P
><B
>表 O-1. mcrypt 过滤器参数</B
></P
><TABLE
BORDER="1"
CLASS="CALSTABLE"
><COL><COL><COL><COL><THEAD
><TR
><TH
>参数</TH
><TH
>是否必须</TH
><TH
>默认值</TH
><TH
>取值举例</TH
></TR
></THEAD
><TBODY
><TR
><TD
>mode</TD
><TD
>可选</TD
><TD
>cbc</TD
><TD
>cbc, cfb, ecb, nofb, ofb, stream</TD
></TR
><TR
><TD
>algorithms_dir</TD
><TD
>可选</TD
><TD
>ini_get('mcrypt.algorithms_dir')</TD
><TD
>algorithms 模块的目录</TD
></TR
><TR
><TD
>modes_dir</TD
><TD
>可选</TD
><TD
>ini_get('mcrypt.modes_dir')</TD
><TD
>modes 模块的目录</TD
></TR
><TR
><TD
>iv</TD
><TD
>必须</TD
><TD
>N/A</TD
><TD
>典型为 8,16 或 32 字节的二进制数据。根据密码而定</TD
></TR
><TR
><TD
>key</TD
><TD
>必须</TD
><TD
>N/A</TD
><TD
>典型为 8,16 或 32 字节的二进制数据。根据密码而定</TD
></TR
></TBODY
></TABLE
></DIV
>
</P
><TABLE
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
CLASS="EXAMPLE"
><TR
><TD
><DIV
CLASS="example"
><A
NAME="AEN303693"
></A
><P
><B
>例 O-10. 用 3DES 将文件加密输出</B
></P
><TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
CELLPADDING="5"
><TR
><TD
><code><font color="#000000">
<font color="#0000BB"><?php<br />$passphrase </font><font color="#007700">= </font><font color="#DD0000">'My secret'</font><font color="#007700">;<br /><br /></font><font color="#FF8000">/* Turn a human readable passphrase<br /> * into a reproducable iv/key pair<br /> */<br /></font><font color="#0000BB">$iv </font><font color="#007700">= </font><font color="#0000BB">substr</font><font color="#007700">(</font><font color="#0000BB">md5</font><font color="#007700">(</font><font color="#DD0000">'iv'</font><font color="#007700">.</font><font color="#0000BB">$passphrase</font><font color="#007700">, </font><font color="#0000BB">true</font><font color="#007700">), </font><font color="#0000BB">0</font><font color="#007700">, </font><font color="#0000BB">8</font><font color="#007700">);<br /></font><font color="#0000BB">$key </font><font color="#007700">= </font><font color="#0000BB">substr</font><font color="#007700">(</font><font color="#0000BB">md5</font><font color="#007700">(</font><font color="#DD0000">'pass1'</font><font color="#007700">.</font><font color="#0000BB">$passphrase</font><font color="#007700">, </font><font color="#0000BB">true</font><font color="#007700">) .<br /> </font><font color="#0000BB">md5</font><font color="#007700">(</font><font color="#DD0000">'pass2'</font><font color="#007700">.</font><font color="#0000BB">$passphrase</font><font color="#007700">, </font><font color="#0000BB">true</font><font color="#007700">), </font><font color="#0000BB">0</font><font color="#007700">, </font><font color="#0000BB">24</font><font color="#007700">);<br /></font><font color="#0000BB">$opts </font><font color="#007700">= array(</font><font color="#DD0000">'iv'</font><font color="#007700">=></font><font color="#0000BB">$iv</font><font color="#007700">, </font><font color="#DD0000">'key'</font><font color="#007700">=></font><font color="#0000BB">$key</font><font color="#007700">);<br /><br /></font><font color="#0000BB">$fp </font><font color="#007700">= </font><font color="#0000BB">fopen</font><font color="#007700">(</font><font color="#DD0000">'secert-file.enc'</font><font color="#007700">, </font><font color="#DD0000">'wb'</font><font color="#007700">);<br /></font><font color="#0000BB">stream_filter_append</font><font color="#007700">(</font><font color="#0000BB">$fp</font><font color="#007700">, </font><font color="#DD0000">'mcrypt.tripledes'</font><font color="#007700">, </font><font color="#0000BB">STREAM_FILTER_WRITE</font><font color="#007700">, </font><font color="#0000BB">$opts</font><font color="#007700">);<br /></font><font color="#0000BB">fwrite</font><font color="#007700">(</font><font color="#0000BB">$fp</font><font color="#007700">, </font><font color="#DD0000">'Secret secret secret data'</font><font color="#007700">);<br /></font><font color="#0000BB">fclose</font><font color="#007700">(</font><font color="#0000BB">$fp</font><font color="#007700">);<br /></font><font color="#0000BB">?></font>
</font>
</code></TD
></TR
></TABLE
></DIV
></TD
></TR
></TABLE
><TABLE
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
CLASS="EXAMPLE"
><TR
><TD
><DIV
CLASS="example"
><A
NAME="AEN303696"
></A
><P
><B
>例 O-11. 读取加密的文件</B
></P
><TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
CELLPADDING="5"
><TR
><TD
><code><font color="#000000">
<font color="#0000BB"><?php<br />$passphrase </font><font color="#007700">= </font><font color="#DD0000">'My secret'</font><font color="#007700">;<br /><br /></font><font color="#FF8000">/* Turn a human readable passphrase<br /> * into a reproducable iv/key pair<br /> */<br /></font><font color="#0000BB">$iv </font><font color="#007700">= </font><font color="#0000BB">substr</font><font color="#007700">(</font><font color="#0000BB">md5</font><font color="#007700">(</font><font color="#DD0000">'iv'</font><font color="#007700">.</font><font color="#0000BB">$passphrase</font><font color="#007700">, </font><font color="#0000BB">true</font><font color="#007700">), </font><font color="#0000BB">0</font><font color="#007700">, </font><font color="#0000BB">8</font><font color="#007700">);<br /></font><font color="#0000BB">$key </font><font color="#007700">= </font><font color="#0000BB">substr</font><font color="#007700">(</font><font color="#0000BB">md5</font><font color="#007700">(</font><font color="#DD0000">'pass1'</font><font color="#007700">.</font><font color="#0000BB">$passphrase</font><font color="#007700">, </font><font color="#0000BB">true</font><font color="#007700">) .<br /> </font><font color="#0000BB">md5</font><font color="#007700">(</font><font color="#DD0000">'pass2'</font><font color="#007700">.</font><font color="#0000BB">$passphrase</font><font color="#007700">, </font><font color="#0000BB">true</font><font color="#007700">), </font><font color="#0000BB">0</font><font color="#007700">, </font><font color="#0000BB">24</font><font color="#007700">);<br /></font><font color="#0000BB">$opts </font><font color="#007700">= array(</font><font color="#DD0000">'iv'</font><font color="#007700">=></font><font color="#0000BB">$iv</font><font color="#007700">, </font><font color="#DD0000">'key'</font><font color="#007700">=></font><font color="#0000BB">$key</font><font color="#007700">);<br /><br /></font><font color="#0000BB">$fp </font><font color="#007700">= </font><font color="#0000BB">fopen</font><font color="#007700">(</font><font color="#DD0000">'secert-file.enc'</font><font color="#007700">, </font><font color="#DD0000">'rb'</font><font color="#007700">);<br /></font><font color="#0000BB">stream_filter_append</font><font color="#007700">(</font><font color="#0000BB">$fp</font><font color="#007700">, </font><font color="#DD0000">'mdecrypt.tripledes'</font><font color="#007700">, </font><font color="#0000BB">STREAM_FILTER_WRITE</font><font color="#007700">, </font><font color="#0000BB">$opts</font><font color="#007700">);<br /></font><font color="#0000BB">$data </font><font color="#007700">= </font><font color="#0000BB">rtrim</font><font color="#007700">(</font><font color="#0000BB">stream_get_contents</font><font color="#007700">(</font><font color="#0000BB">$fp</font><font color="#007700">));<br /></font><font color="#0000BB">fclose</font><font color="#007700">(</font><font color="#0000BB">$fp</font><font color="#007700">);<br /><br />echo </font><font color="#0000BB">$data</font><font color="#007700">;<br /></font><font color="#0000BB">?></font>
</font>
</code></TD
></TR
></TABLE
></DIV
></TD
></TR
></TABLE
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="filters.compression.html"
ACCESSKEY="P"
>上一页</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="index.html"
ACCESSKEY="H"
>起始页</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="transports.html"
ACCESSKEY="N"
>下一页</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>压缩过滤器</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="filters.html"
ACCESSKEY="U"
>上一级</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>所支持的套接字传输器(Socket Transports)列表</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>
