关于php des 加密 密钥长度问题

Posted 2023-03-09

请教下,参考了网上的代码例子：
function des_encrypt($str, $key)
$block = mcrypt_get_block_size('des', 'ecb');
$pad = $block - (strlen($str) % $block);
$str .= str_repeat(chr($pad), $pad);
return mcrypt_encrypt(MCRYPT_DES, $key, $str, MCRYPT_MODE_ECB);


$str = '13800138000';
$key = '12345678';
echo strtoupper(bin2hex(des_encrypt($str, $key)));

这样子的话是没有问题的，问题是 $key 也就是密钥后来变成 1234567890 超过8个字数的长度后 这个方法就报错了：
Warning: mcrypt_encrypt(): Size of key is too large for this algorithm

环境是php5.6的，请问要怎么处理。求各路大神指导

php5.6的key长度要求是32字节的，你这个明显不满足要求的。
参考以下写法：
<?php
# --- ENCRYPTION ---

# the key should be random binary, use scrypt, bcrypt or PBKDF2 to
# convert a string into a key
# key is specified using hexadecimal
$key = pack(\'H*\', "bcb04b7e103a0cd8b54763051cef08bc55abe029fdebae5e1d417e2ffb2a00a3");

# show key size use either 16, 24 or 32 byte keys for AES-128, 192
# and 256 respectively
$key_size = strlen($key);
echo "Key size: " . $key_size . "\\n";

$plaintext = "This string was AES-256 / CBC / ZeroBytePadding encrypted.";

# create a random IV to use with CBC encoding
$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);

# creates a cipher text compatible with AES (Rijndael block size = 128)
# to keep the text confidential
# only suitable for encoded input that never ends with value 00h
# (because of default zero padding)
$ciphertext = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key,
$plaintext, MCRYPT_MODE_CBC, $iv);

# prepend the IV for it to be available for decryption
$ciphertext = $iv . $ciphertext;

# encode the resulting cipher text so it can be represented by a string
$ciphertext_base64 = base64_encode($ciphertext);

echo $ciphertext_base64 . "\\n";

# === WARNING ===

# Resulting cipher text has no integrity or authenticity added
# and is not protected against padding oracle attacks.

# --- DECRYPTION ---

$ciphertext_dec = base64_decode($ciphertext_base64);

# retrieves the IV, iv_size should be created using mcrypt_get_iv_size()
$iv_dec = substr($ciphertext_dec, 0, $iv_size);

# retrieves the cipher text (everything except the $iv_size in the front)
$ciphertext_dec = substr($ciphertext_dec, $iv_size);

# may remove 00h valued characters from end of plain text
$plaintext_dec = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key,
$ciphertext_dec, MCRYPT_MODE_CBC, $iv_dec);

echo $plaintext_dec . "\\n";
?> 参考技术A mcrypt_encrypt函数的参数key是一个数字，表示长度。比如你要加密的是123456，那这个参数你就传6，表示加密的字符串的长度是6，而不是123456.