php encryption and decryption function authcode usage detail analysis

  • 2020-10-23 20:54:55
  • OfStack

Core tip: Comson authcode function can be said to China's PHP made a significant contribution to the community. Both Comson's own products and most Chinese companies that use PHP, which encrypts and decrypts using xor, use this function.

Kangsheng's authcode function can be said to have made a great contribution to China's PHP field. Comson's own products, as well as most Chinese companies that use PHP, which encrypts and decrypts using xor, use this function.

The principle is as follows, if:

encryption

Clear text: 1010 1001

Key: 1110 0011

Ciphertext: 0100 1010

Get the cipher text 0100 1010, decrypt the need and the key is different or under it

decryption

Ciphertext: 0100 1010

Key: 1110 0011

Clear text: 1010 1001

There's no fancy algorithm, the key is important, so the key is how to generate the key.

Let's take a look at how Comson authcode makes it from 1 onwards


 //  Parameter interpretation   
 // $string :   clear   or   cipher   
 // $operation : DECODE Said the decryption , Other representation encryption   
 // $key :   The key   
 // $expiry : Expiry date of ciphertext   
 function authcode($string, $operation = 'DECODE', $key = '', $expiry = 0) {  
   //  Dynamic key length, same plaintext will generate different ciphertext depending on the dynamic key   
   $ckey_length = 4;  
     
   //  The key   
   $key = md5($key ? $key : $GLOBALS['discuz_auth_key']);  
     
   //  The key a Will participate in the decryption   
   $keya = md5(substr($key, 0, 16));  
   //  The key b Will be used for data integrity verification   
   $keyb = md5(substr($key, 16, 16));  
   //  The key c Ciphertext for change generation   
   $keyc = $ckey_length ? ($operation == 'DECODE' ? substr($string, 0, $ckey_length): 
substr(md5(microtime()), -$ckey_length)) : '';  
   //  The key that takes part in the operation   
   $cryptkey = $keya.md5($keya.$keyc);  
   $key_length = strlen($cryptkey);  
   //  Before the clear, 10 Bits are used to hold timestamps, verify data validity when decrypting, 10 to 26 Bits for storing $keyb( The key b) This key is used to verify data integrity when decrypted   
   //  If it's decoding, it's going to start at number one $ckey_length Bits start as ciphertext precedes $ckey_length A save   Dynamic key to ensure correct decryption   
   $string = $operation == 'DECODE' ? base64_decode(substr($string, $ckey_length)) : 
sprintf('%010d', $expiry ? $expiry + time() : 0).substr(md5($string.$keyb), 0, 16).$string;  
   $string_length = strlen($string);  
   $result = '';  
   $box = range(0, 255);  
   $rndkey = array();  
   //  Generate the keybook   
   for($i = 0; $i <= 255; $i++) {  
     $rndkey[$i] = ord($cryptkey[$i % $key_length]);  
   }  
   //  Using a fixed algorithm, shuffling the keybook, increasing randomness, seems complicated, but it doesn't actually increase the strength of the ciphertext   
   for($j = $i = 0; $i < 256; $i++) {  
     $j = ($j + $box[$i] + $rndkey[$i]) % 256;  
     $tmp = $box[$i];  
     $box[$i] = $box[$j];  
     $box[$j] = $tmp;  
   }  
   //  Core encryption and decryption part   
   for($a = $j = $i = 0; $i < $string_length; $i++) {  
     $a = ($a + 1) % 256;  
     $j = ($j + $box[$a]) % 256;  
     $tmp = $box[$a];  
     $box[$a] = $box[$j];  
     $box[$j] = $tmp;  
     //  Get the key from the keybook for xor, and then convert to characters   
     $result .= chr(ord($string[$i]) ^ ($box[($box[$a] + $box[$j]) % 256]));  
   }  
   if($operation == 'DECODE') {  
     // substr($result, 0, 10) == 0  Verify data validity   
     // substr($result, 0, 10) - time() > 0  Verify data validity   
     // substr($result, 10, 16) == substr(md5(substr($result, 26).$keyb), 0, 16)  Verify data integrity   
     //  To verify the validity of the data, see unencrypted plaintext format   
     if((substr($result, 0, 10) == 0 || substr($result, 0, 10) - time() > 0) && 
substr($result, 10, 16) == substr(md5(substr($result, 26).$keyb), 0, 16)) {  
       return substr($result, 26);  
     } else {  
       return '';  
     }  
   } else {  
     //  Keep the dynamic key in ciphertext, which is why the same plaintext can be decrypted by producing different ciphertext   
     //  Because the encrypted ciphertext could be 1 Some special characters may be lost in the copying process, so use base64 coding   
     return $keyc.str_replace('=', '', base64_encode($result));  
   }  
 }

Related articles: