This commit is contained in:
parent
a015d57348
commit
5f737cb5ab
|
@ -0,0 +1,36 @@
|
|||
<?php
|
||||
//Mcrypt已经在新版php中移除且处于不再维护状态
|
||||
//后续会使用sodium代替
|
||||
use Random\RandomException;
|
||||
|
||||
$str = '你好世界';
|
||||
$password = "123456";
|
||||
$salt = null;
|
||||
|
||||
try {
|
||||
$salt = random_bytes(SODIUM_CRYPTO_PWHASH_SALTBYTES); // 生成盐值
|
||||
// 使用相同的盐值生成密钥
|
||||
$key = sodium_crypto_pwhash(
|
||||
SODIUM_CRYPTO_SECRETBOX_KEYBYTES,
|
||||
$password,
|
||||
$salt,
|
||||
SODIUM_CRYPTO_PWHASH_OPSLIMIT_INTERACTIVE,
|
||||
SODIUM_CRYPTO_PWHASH_MEMLIMIT_INTERACTIVE
|
||||
);
|
||||
|
||||
$nonce = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
|
||||
$encrypted = sodium_crypto_secretbox($str, $nonce, $key);
|
||||
echo $encrypted.'<br>';
|
||||
// 在解密时需要使用相同的盐值和密钥
|
||||
$decrypted = sodium_crypto_secretbox_open($encrypted, $nonce, $key);
|
||||
|
||||
echo $decrypted; // 输出:你好世界
|
||||
} catch (RandomException $e) {
|
||||
// 处理随机数生成失败的异常
|
||||
error_log('Random number generation failed: ' . $e->getMessage());
|
||||
exit(1);
|
||||
} catch (SodiumException $e) {
|
||||
// 处理其他sodium相关的异常
|
||||
error_log('Sodium error: ' . $e->getMessage());
|
||||
}
|
||||
|
|
@ -0,0 +1,113 @@
|
|||
<?php
|
||||
//实现对用户上传的文件进行加密存储以及处理用户下载请求解密文件
|
||||
use Random\RandomException;
|
||||
|
||||
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
|
||||
if (!empty($_POST['upload'])) { //接收文件并加密
|
||||
if ($_FILES['uploadFile']['error'] > 0) {
|
||||
echo '上传失败';
|
||||
} else {
|
||||
$file = $_FILES['uploadFile'];
|
||||
$fileName = $file['name'];
|
||||
$fileTmp = $file['tmp_name'];
|
||||
$fileSize = $file['size'];
|
||||
$fileType = $file['type'];
|
||||
try {
|
||||
$fileContent = file_get_contents($fileTmp);
|
||||
$nonce = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
|
||||
$key = sodium_crypto_secretbox_keygen();
|
||||
$encrypted = sodium_crypto_secretbox($fileContent, $nonce, $key);
|
||||
$protectedFileName = 'data/' . $fileName . '.protected';
|
||||
$fp = fopen($protectedFileName, 'w');
|
||||
fwrite($fp, $encrypted);
|
||||
fclose($fp);
|
||||
echo '上传成功';
|
||||
$showOnce = true;
|
||||
} catch (RandomException $e) {
|
||||
error_log('Random number generation failed: ' . $e->getMessage());
|
||||
exit(1);
|
||||
} catch (SodiumException $e) {
|
||||
error_log('Sodium error: ' . $e->getMessage());
|
||||
}
|
||||
}
|
||||
} elseif (!empty($_POST['filename'])) {
|
||||
|
||||
if (!empty($_POST['key']) && !empty($_POST['nonce'])) {
|
||||
$fileName = urldecode($_POST['filename']);
|
||||
$file = file_get_contents('data/' . $fileName . '.protected');
|
||||
$key = urldecode($_POST['key']);
|
||||
$nonce = urldecode($_POST['nonce']);
|
||||
$decrypted = null;
|
||||
try {
|
||||
$decrypted = sodium_crypto_secretbox_open($file, $nonce, $key) or die('解密失败');
|
||||
} catch (SodiumException $e) {
|
||||
error_log('Sodium error: ' . $e->getMessage());
|
||||
}
|
||||
if ($decrypted == null) {
|
||||
echo '解密失败';
|
||||
exit;
|
||||
}
|
||||
header('Content-Description: File Transfer');
|
||||
header('Content-Type: application/octet-stream');
|
||||
header('Content-Disposition: attachment; filename="' . basename($fileName) . '"');
|
||||
header('Expires: 0');
|
||||
header('Cache-Control: must-revalidate');
|
||||
header('Pragma: public');
|
||||
header('Content-Length: ' . strlen($decrypted));
|
||||
echo $decrypted;
|
||||
exit;
|
||||
} else {
|
||||
echo '下载参数不完整';
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
|
||||
?>
|
||||
|
||||
<!DOCTYPE html>
|
||||
<html lang="en">
|
||||
<head>
|
||||
<meta charset="UTF-8">
|
||||
<title>test1</title>
|
||||
</head>
|
||||
<body>
|
||||
<form action="" method="post" enctype="multipart/form-data">
|
||||
<label for="file1">要上传的文件:</label>
|
||||
<input type="file" id="file1" name="uploadFile" required>
|
||||
<input type="submit" name="upload" id="submit1" value="上传文件">
|
||||
</form>
|
||||
<?php
|
||||
if (isset($showOnce) && isset($fileName) && isset($key) && isset($nonce)) {
|
||||
unset($showOnce);
|
||||
echo '<button onclick="downloadFile()">下载文件</button>';
|
||||
}
|
||||
?>
|
||||
<script>
|
||||
function downloadFile() {
|
||||
const xhr = new XMLHttpRequest();
|
||||
xhr.open('POST', '15.test4.php', true);
|
||||
xhr.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded');
|
||||
xhr.responseType = 'blob';
|
||||
|
||||
const params = 'filename=<?php echo urlencode(($fileName ?? '')); ?>&key=<?php echo urlencode($key ?? ''); ?>&nonce=<?php echo urlencode($nonce ?? ''); ?>';
|
||||
xhr.send(params);
|
||||
|
||||
xhr.onload = function () {
|
||||
if (xhr.status === 200) {
|
||||
const blob = xhr.response;
|
||||
const url = window.URL.createObjectURL(blob);
|
||||
const a = document.createElement('a');
|
||||
a.href = url;
|
||||
a.download = '<?php echo $fileName ?? ''; ?>';
|
||||
document.body.appendChild(a);
|
||||
a.click();
|
||||
window.URL.revokeObjectURL(url);
|
||||
} else {
|
||||
console.error('下载失败');
|
||||
}
|
||||
};
|
||||
}
|
||||
</script>
|
||||
</body>
|
|
@ -0,0 +1,3 @@
|
|||
/010 Editor 12.0.1 (1) (1).exe.protected
|
||||
/010 Editor 12.0.1 (1).exe.protected
|
||||
/010 Editor 12.0.1.exe.protected
|
Loading…
Reference in New Issue