PHP Warning: openssl_encrypt(): IV passed is 16 bytes long which is longer than the 0 expected by selected cipher
不同的加密算法需要不同的初始化向量(IV),也就是 openssl_encrypt 的第 5 个参数 $iv:openssl_encrypt ( string $data , string $method , string $key , int $options = 0 , string $iv = "" , string &$tag = NULL , string $aad = "" , int $tag_length = 16 ) : string看错误信息,你用的加密算法是不需要初始化向量的(多半是不安全的 ECB 模式),不传 $iv 就可以了。不同算法需要的IV长度可以通过 openssl_cipher_iv_length 获取:foreach (openssl_get_cipher_methods(true) as $m) { echo $m . ' => ' . openssl_cipher_iv_length($m) . PHP_EOL; }结果:aes-128-cbc => 16 aes-128-cbc-hmac-sha1 => 16 aes-128-cbc-hmac-sha256 => 16 aes-128-ccm => 12 aes-128-cfb => 16 aes-128-cfb1 => 16 aes-128-cfb8 => 16 aes-128-ctr => 16 aes-128-ecb => 0 aes-128-gcm => 12 aes-128-ocb => 12 aes-128-ofb => 16 aes-128-xts => 16 aes-192-cbc => 16 aes-192-ccm => 12 aes-192-cfb => 16 aes-192-cfb1 => 16 aes-192-cfb8 => 16 aes-192-ctr => 16 aes-192-ecb => 0 aes-192-gcm => 12 aes-192-ocb => 12 aes-192-ofb => 16 aes-256-cbc => 16 aes-256-cbc-hmac-sha1 => 16 aes-256-cbc-hmac-sha256 => 16 aes-256-ccm => 12 aes-256-cfb => 16 aes-256-cfb1 => 16 aes-256-cfb8 => 16 aes-256-ctr => 16 aes-256-ecb => 0 aes-256-gcm => 12 aes-256-ocb => 12 aes-256-ofb => 16 aes-256-xts => 16 aes128 => 16 aes128-wrap => 8 aes192 => 16 aes192-wrap => 8 aes256 => 16 aes256-wrap => 8 aria-128-cbc => 16 aria-128-ccm => 12 aria-128-cfb => 16 aria-128-cfb1 => 16 aria-128-cfb8 => 16 aria-128-ctr => 16 aria-128-ecb => 0 aria-128-gcm => 12 aria-128-ofb => 16 aria-192-cbc => 16 aria-192-ccm => 12 aria-192-cfb => 16 aria-192-cfb1 => 16 aria-192-cfb8 => 16 aria-192-ctr => 16 aria-192-ecb => 0 aria-192-gcm => 12 aria-192-ofb => 16 aria-256-cbc => 16 aria-256-ccm => 12 aria-256-cfb => 16 aria-256-cfb1 => 16 aria-256-cfb8 => 16 aria-256-ctr => 16 aria-256-ecb => 0 aria-256-gcm => 12 aria-256-ofb => 16 aria128 => 16 aria192 => 16 aria256 => 16 bf => 8 bf-cbc => 8 bf-cfb => 8 bf-ecb => 0 bf-ofb => 8 blowfish => 8 camellia-128-cbc => 16 camellia-128-cfb => 16 camellia-128-cfb1 => 16 camellia-128-cfb8 => 16 camellia-128-ctr => 16 camellia-128-ecb => 0 camellia-128-ofb => 16 camellia-192-cbc => 16 camellia-192-cfb => 16 camellia-192-cfb1 => 16 camellia-192-cfb8 => 16 camellia-192-ctr => 16 camellia-192-ecb => 0 camellia-192-ofb => 16 camellia-256-cbc => 16 camellia-256-cfb => 16 camellia-256-cfb1 => 16 camellia-256-cfb8 => 16 camellia-256-ctr => 16 camellia-256-ecb => 0 camellia-256-ofb => 16 camellia128 => 16 camellia192 => 16 camellia256 => 16 cast => 8 cast-cbc => 8 cast5-cbc => 8 cast5-cfb => 8 cast5-ecb => 0 cast5-ofb => 8 chacha20 => 16 chacha20-poly1305 => 12 des => 8 des-cbc => 8 des-cfb => 8 des-cfb1 => 8 des-cfb8 => 8 des-ecb => 0 des-ede => 0 des-ede-cbc => 8 des-ede-cfb => 8 des-ede-ecb => 0 des-ede-ofb => 8 des-ede3 => 0 des-ede3-cbc => 8 des-ede3-cfb => 8 des-ede3-cfb1 => 8 des-ede3-cfb8 => 8 des-ede3-ecb => 0 des-ede3-ofb => 8 des-ofb => 8 des3 => 8 des3-wrap => 0 desx => 8 desx-cbc => 8 id-aes128-CCM => 12 id-aes128-GCM => 12 id-aes128-wrap => 8 id-aes128-wrap-pad => 4 id-aes192-CCM => 12 id-aes192-GCM => 12 id-aes192-wrap => 8 id-aes192-wrap-pad => 4 id-aes256-CCM => 12 id-aes256-GCM => 12 id-aes256-wrap => 8 id-aes256-wrap-pad => 4 id-smime-alg-CMS3DESwrap => 0 idea => 8 idea-cbc => 8 idea-cfb => 8 idea-ecb => 0 idea-ofb => 8 rc2 => 8 rc2-128 => 8 rc2-40 => 8 rc2-40-cbc => 8 rc2-64 => 8 rc2-64-cbc => 8 rc2-cbc => 8 rc2-cfb => 8 rc2-ecb => 0 rc2-ofb => 8 rc4 => 0 rc4-40 => 0 rc4-hmac-md5 => 0 seed => 16 seed-cbc => 16 seed-cfb => 16 seed-ecb => 0 seed-ofb => 16 sm4 => 16 sm4-cbc => 16 sm4-cfb => 16 sm4-ctr => 16 sm4-ecb => 0 sm4-ofb => 16知道长度之后用 random_bytes 对应生成长度的 iv 就可以了。(有些算法对 iv 还有特殊的要求,例如 AES-GCM 需要保证唯一,但不要求随机)
不同的加密算法需要不同的初始化向量(IV),也就是
openssl_encrypt的第 5 个参数$iv:看错误信息,你用的加密算法是不需要初始化向量的(多半是不安全的 ECB 模式),不传
$iv就可以了。不同算法需要的IV长度可以通过
openssl_cipher_iv_length获取:结果:
知道长度之后用
random_bytes对应生成长度的 iv 就可以了。(有些算法对 iv 还有特殊的要求,例如 AES-GCM 需要保证唯一,但不要求随机)