我有一个对文本进行加密和解密的函数。每次刷新时,加密始终不同,解密后始终与原始字符串相同。我更新了sql数据库的加密。我无法使用简单的 "SELECT * FROM mytable WHERE MyField = 'Myencryption';" 因为 'Myencryption' 每次都会不同。如何在 SQL 中搜索 Mycrypt 加密?有什么建议么?
我的代码如下:(我有一个 PDO SQL 类)
// Encrypt Function
private function encrypt($encrypt, $key){
$encrypt = serialize($encrypt);
$iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC), MCRYPT_DEV_URANDOM);
$mac = hash_hmac('sha256', $encrypt, substr(bin2hex($key), -32));
$passcrypt = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $encrypt.$mac, MCRYPT_MODE_CBC, $iv);
$encoded = base64_encode($passcrypt).'|'.base64_encode($iv);
return $encoded;
}
// Decrypt Function
private function decrypt($decrypt, $key){
$decrypt = explode('|', $decrypt.'|');
$decoded = base64_decode($decrypt[0]);
$iv = base64_decode($decrypt[1]);
if(strlen($iv)!==mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC)){ return false; }
$decrypted = trim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $decoded, MCRYPT_MODE_CBC, $iv));
$mac = substr($decrypted, -64);
$decrypted = substr($decrypted, 0, -64);
$calcmac = hash_hmac('sha256', $decrypted, substr(bin2hex($key), -32));
if($calcmac!==$mac){ return false; }
$decrypted = unserialize($decrypted);
return $decrypted;
} // End Decrypt
$this->db->query("SELECT * FROM `$this->main_db`.`$this->apps_tbl` WHERE `2` = ':db_name'");
$this->db->bind(':db_name', $app_id);
$row = $this->db->single();
最佳答案
SELECT * FROM mytable WHERE 'text' = AES_DECRYPT(MyField, 'Your 256 key');
但是如果表中有很多行或者服务器较弱,这种方式可能会很慢。
关于PHP mcrypt 和 SQL 加密信息在哪里?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/28216443/