PHP 和 mcrypt_decrypt():关于 "initialization vector size" 的警告
PHP and mcrypt_decrypt(): warning about "initialization vector size"
为什么我收到此代码的警告消息 "Warning: mcrypt_decrypt(): Received initialization vector of size 44, but size 32 is required for this encryption mode in..."?
$sessionKey = "Secr3t_Sess1on!Key_4t6ydv98*w8ds";
$data = "clear text";
$ivSize = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC);
$keySize = mcrypt_get_key_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC);
// Encode data
$iv = mcrypt_create_iv($ivSize, MCRYPT_DEV_URANDOM);
$key = mb_substr (hash('sha256', $sessionKey), 0, $keySize);
$encryptedData = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $data, MCRYPT_MODE_CBC, $iv);
$encryptedB64Data = base64_encode($iv.$encryptedData);
// Decode data
$data = base64_decode($encryptedB64Data, true);
$key = mb_substr (hash('sha256', $sessionKey), 0, $keySize);
$iv = mb_substr ($data, 0, $ivSize);
$data = mb_substr ($data, $ivSize);
$data = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $data, MCRYPT_MODE_CBC, $iv);
$decodedData = rtrim($data, "[=13=]");
我认为问题出在 mb_substr 方法上。
$iv = mb_substr ($data, 0, $ivSize);
$data 被视为多字节字符串。这就是为什么将多个字符计为一个多字节字符的原因。只需使用正常的 substr 函数即可。
为什么我收到此代码的警告消息 "Warning: mcrypt_decrypt(): Received initialization vector of size 44, but size 32 is required for this encryption mode in..."?
$sessionKey = "Secr3t_Sess1on!Key_4t6ydv98*w8ds";
$data = "clear text";
$ivSize = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC);
$keySize = mcrypt_get_key_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC);
// Encode data
$iv = mcrypt_create_iv($ivSize, MCRYPT_DEV_URANDOM);
$key = mb_substr (hash('sha256', $sessionKey), 0, $keySize);
$encryptedData = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $data, MCRYPT_MODE_CBC, $iv);
$encryptedB64Data = base64_encode($iv.$encryptedData);
// Decode data
$data = base64_decode($encryptedB64Data, true);
$key = mb_substr (hash('sha256', $sessionKey), 0, $keySize);
$iv = mb_substr ($data, 0, $ivSize);
$data = mb_substr ($data, $ivSize);
$data = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $data, MCRYPT_MODE_CBC, $iv);
$decodedData = rtrim($data, "[=13=]");
我认为问题出在 mb_substr 方法上。
$iv = mb_substr ($data, 0, $ivSize);
$data 被视为多字节字符串。这就是为什么将多个字符计为一个多字节字符的原因。只需使用正常的 substr 函数即可。