我要再次尝试在这个网站上发帖。我之前的问题被忽视或批评了,因为我想人们认为我没有花太多精力来解决问题,而不是只是寻找一些简单的代码来复制!
我的目标是编写PHP函数,这些函数可以被调用来加密和解密存储在服务器上的数据,加密密钥存储在USB加密狗上。我一直在玩Sodium,但网上似乎没有太多关于它的信息。我也不是一个受过高等教育的程序员,因为我已经自学了我所知道的一切。
以下是测试代码示例:
<?php
//set variables
$key="";
$passedkey="";
$name="";
$nonce="";
$ciphertext="";
$encoded="";
$encodeddata="";
$datatoencode="";
$decodeddata="";
$decodedkey="";
function encodedata($passedkey, $datatoencode){
$decodedkey = base64_decode($passedkey);
$nonce = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
$ciphertext = sodium_crypto_secretbox($datatoencode, $nonce, $decodedkey);
$encodeddata = base64_encode($nonce . $ciphertext);
}
function decodedata($passedkey, $datatodecode, $decodeddata){
$decodedkey = base64_decode($passedkey);
$nonce = mb_substr($datatodecode, 0, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES, '8bit');
$ciphertext = mb_substr($datatodecode, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES, null, '8bit');
$decodeddata = sodium_crypto_secretbox_open($ciphertext, $nonce, $decodedkey);
}
if ($_SERVER["REQUEST_METHOD"] == "POST") {
// collect value of input field
$encodedata = $_POST['encodedata'];
$passedkey = base64_decode($_POST['skey']);
echo $encodeddata . "<br>";
//call function to encode the data
encodedata($passedkey, $datatoencode);
// now decode the data
decodedata($passedkey, $encodeddata, $decodeddata);
echo $decodeddata;
}
?>
<html>
<body>
<form method="post" action="<?php echo $_SERVER['PHP_SELF'];?>">
Data to encode: <input type="text" name="encodedata">
Key: <input type="text" name="skey">
<input type="submit">
</form>
</body>
</html>
我在服务器错误日志中得到这个错误消息:
[06-Mar-2020 16:16:11 UTC] PHP Fatal error: Uncaught SodiumException: key size should be SODIUM_CRYPTO_SECRETBOX_KEYBYTES bytes in /home/.../test/keytest.php:17
Stack trace:
#0 /home/.../test/keytest.php(17): sodium_crypto_secretbox()
#1 /home/.../test/keytest.php(35): encodedata()
#2 {main}
thrown in /home/.../test/keytest.php on line 17
[06-Mar-2020 16:16:24 UTC] PHP Fatal error: Uncaught SodiumException: key size should be SODIUM_CRYPTO_SECRETBOX_KEYBYTES bytes in /home/.../test/keytest.php:17
Stack trace:
#0 /home/.../test/keytest.php(17): sodium_crypto_secretbox()
#1 /home/.../test/keytest.php(35): encodedata()
#2 {main}
thrown in /home/.../test/keytest.php on line 17
[06-Mar-2020 16:30:38 UTC] PHP Fatal error: Uncaught SodiumException: key size should be SODIUM_CRYPTO_SECRETBOX_KEYBYTES bytes in /home/.../test/keytest.php:18
Stack trace:
#0 /home/.../test/keytest.php(18): sodium_crypto_secretbox()
#1 /home/.../test/keytest.php(36): encodedata()
#2 {main}
thrown in /home/.../test/keytest.php on line 18
任何帮助调试代码的提示都将不胜感激!
您的变量太离谱了。这段代码中有一些地方不对劲,老实说,我花了几分钟才注意到您的$encodedata没有设置为function encodedata()。不管怎样,我相信你的变量已经设置好了,这是我的错。请耐心等待,因为这是一个很长的解释。
我注意到的第一件事是,您解码了$passedkey两次(或者三次,如果两个函数都计算在内的话(。当您调用函数/s时,在if($_SERVER("REQUEST_METHOD") == "POST")中,$passedkey已经通过base64_decode解码,并放置在变量$passedkey中。在encodedata和decodedata这两个函数中,您再次对其进行解码,因此在尝试调用函数时会出现错误。由于参数$passedkey的值是在达到函数之前已经解码的值,因此不需要再次解码。它和我一样是多余的。因此,不再需要$decodedkey = base64_decode($passedkey);,$decodedkey变量应该在两个function上都改为$passedkey。
第二,您的$encodedata没有被调用。在if($_SERVER("REQUEST_METHOD") == "POST")中,$encodedata的值是$_POST['encodedata'],因此是要编码的input数据的值。然而,当您调用函数encodedata时,却找不到$encodedata。
第三个问题是你的函数不是";返回";任何东西不能期望CCD_ 22或CCD_;内部";函数的。嗯,我不知道你是否在使用一个可以的平台,但你可以。
基本上,示例代码的问题是变量的错误放置以及没有注意值和参数。无论如何,我的建议是,USB加密狗中保存的skey应该在base64_encode()中,并且是正确的钠密钥值,否则,这将不起作用。
这是一个经过编辑的代码,我不知道这是否会对你有用,但它对我有用。
<?php
//set variables
$key="";
$passedkey="";
$name="";
$nonce="";
$ciphertext="";
$encoded="";
$encodeddata="";
$datatoencode="";
$decodeddata="";
$decodedkey="";
function encodedata($passedkey, $datatoencode){
//no need to decode $passedkey since it is already decoded before calling the function
//you can still retain $decodedkey = base64_decode($passedkey) but should REPLACE $passedkey = base64_decode($_POST['skey']); WITH $passedkey = $_POST['skey']; below
$nonce = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
//change $decodedkey to $passedkey
$ciphertext = sodium_crypto_secretbox($datatoencode, $nonce, $passedkey);
$encodeddata = base64_encode($nonce . $ciphertext);
//return the encrypted data when the function is called
return $encodeddata;
}
function decodedata($passedkey, $datatodecode){
//decode the encrypted data since it is stored as base64_encode()
//you can still retain $decodedkey = base64_decode($passedkey) but should REPLACE $passedkey = base64_decode($_POST['skey']); WITH $passedkey = $_POST['skey']; below
$datatodecode = base64_decode($datatodecode);
$nonce = mb_substr($datatodecode, 0, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES, '8bit');
$ciphertext = mb_substr($datatodecode, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES, null, '8bit');
//change $decodedkey to $passedkey
$decodeddata = sodium_crypto_secretbox_open($ciphertext, $nonce, $passedkey);
//return the plaintext when the function is called
return $decodeddata;
}
if ($_SERVER["REQUEST_METHOD"] == "POST") {
// collect value of input field
$encodedata = $_POST['encodedata'];
$passedkey = base64_decode($_POST['skey']);
//call function to encode the data
//you can't fetch the value of a variable from outside of the function hence we will make the function itself a variable.
//the returned data from the function is now the value of the variabl
$encrypted = encodedata($passedkey, $encodedata);
echo $encrypted.'<br />';
// now decode the data
$decypted = decodedata($passedkey, $encrypted);
echo $decypted.'<br />';
}
?>
<html>
<body>
<form method="post" action="<?php echo $_SERVER['PHP_SELF'];?>">
Data to encode: <input type="text" name="encodedata">
Key: <input type="text" name="skey">
<input type="submit">
</form>
</body>
</html>
我不知道你的意思,也不知道你到底想做什么,但这是让你的给定代码工作的方法。