swoole 郭新华 - PHP代码加密技术
PHP作为一门脚本语言,部署的方式一般都是源码部署,这种方式无法安全的分发代码,黑客拿到源码后也很容易知道你的业务逻辑,实施有针对性的攻击,代码加密部署无疑会大大提高整个应用的安全性,我将逐一讲述如何实现PHP代码的加密,加密后有什么负面影响,以及数据加密相关的内容。
展开查看详情

1.PHP —@swoole

2.• pecl • swoole-src • • php-cp swoole-mysql-proxy swoole-serialize swoole-compiler

3.• • • • etc…

4.php AST opcodes vm PHP_OS opcodes

5.—

6.• ( ) • ( )

7.— • $reflection->getDocComment ()

8. — radius circum hash • $$var_name !0 => $radius • compact extract !1 => $circum • include stack stack • etc… Notice: Undefined variable: $_432345234

9. — pass opcodes /* CSE, STRING construction */ /* Constant conversion and jumps */ /* ++, +=, series of jumps */ /* INIT_FCALL_BY_NAME -> DO_FCALL */ /* CFG based optimization */ /* DFA based optimization */ /* CALL GRAPH optimization */ /* SCCP (constant propagation) */ • optimize /* TMP VAR usage */ /* NOP removal */ • /* Merge equal constants */ /* Adjust used stack */ /* Remove unused variables */ separate /* DCE (dead code elimination) */ /* Collect constants */ /* Inline functions */ /* etc…*/ vm

10.- • need to migrate from php72

11.— ( )

12. 1 3 4 2 • • recv send return • copy • jmp jmpz jmpnz • init fcall do fcall • opcodes • etc… • • etc… • etc… • • • etc…

13.( )

14. — llvm bitcode opcode llvm IR llvm pass bitcode llvm

15.——————- ——————

16.

17. if(a==1) echo 1 if(a==2) echo 2 if(a==3) echo 3 echo ‘end’

18. switch next if(a==1) if(a==2) if(a==2) if(a==3) next =1; echo 1; next =3; echo 2; next =3; echo 2; next =5; echo 3; else next = 6; else next = 6; else next = 6; else next = 6; next =2; next =4; next =4; next =6; echo ’end’; return;

19. md5 _8739482343 hash hash zif_md5 zif_md5

20./ opcode handler vm handler opcode handler ZEND_ECHO echo_handler ZEND_MUL mul_handler ZEND_RETURN return_handler opcode / c .. .. .

21.handler opcode handler c opcode handler opcode handler opcode handler opcode handler opcode handler .. c .. .

22. (vmp) my_vm my_opcode my_handler my_opcode my_handler • zend_vm my_opcode my_handler • • my_opcode my_handler • handler my_opcode my_handler .. .. .

23.my_jmpz_handler

24.my_echo_handler

25.• • • • •

26.• •

27.swoole compiler —---- + +

28. swoole compiler php( + php git )

29.thanks