橙风
/
发布于
/
2205
人观看
PHP作为一门脚本语言,部署的方式一般都是源码部署,这种方式无法安全的分发代码,黑客拿到源码后也很容易知道你的业务逻辑,实施有针对性的攻击,代码加密部署无疑会大大提高整个应用的安全性,我将逐一讲述如何实现PHP代码的加密,加密后有什么负面影响,以及数据加密相关的内容。
展开查看详情
2.• pecl
• swoole-src
•
• php-cp swoole-mysql-proxy
swoole-serialize swoole-compiler
�
4.php AST opcodes vm
PHP_OS
opcodes
�
7.—
• $reflection->getDocComment ()
�
8. —
radius circum
hash • $$var_name
!0 => $radius
• compact extract
!1 => $circum • include
stack stack • etc…
Notice: Undefined variable: $_432345234
�
9. —
pass
opcodes /* CSE, STRING construction */
/* Constant conversion and jumps */
/* ++, +=, series of jumps */
/* INIT_FCALL_BY_NAME -> DO_FCALL */
/* CFG based optimization */
/* DFA based optimization */
/* CALL GRAPH optimization */
/* SCCP (constant propagation) */ •
optimize /* TMP VAR usage */
/* NOP removal */ •
/* Merge equal constants */
/* Adjust used stack */
/* Remove unused variables */
separate /* DCE (dead code elimination) */
/* Collect constants */
/* Inline functions */
/* etc…*/
vm
�
10.-
• need to migrate from php72
�
12. 1 3 4
2
•
• recv send return • copy • jmp jmpz jmpnz
•
init fcall do fcall • opcodes • etc…
• • etc…
• etc…
•
•
• etc…
�
14. — llvm bitcode
opcode llvm IR llvm pass bitcode llvm
�
17. if(a==1)
echo 1 if(a==2)
echo 2 if(a==3)
echo 3 echo ‘end’
�
18. switch next
if(a==1) if(a==2) if(a==2) if(a==3)
next =1; echo 1; next =3; echo 2; next =3; echo 2; next =5; echo 3;
else next = 6; else next = 6; else next = 6; else next = 6;
next =2; next =4; next =4; next =6;
echo ’end’;
return;
�
19. md5 _8739482343
hash hash
zif_md5 zif_md5
�
20./ opcode handler
vm handler
opcode handler
ZEND_ECHO echo_handler
ZEND_MUL mul_handler
ZEND_RETURN return_handler
opcode /
c
..
..
.
�
21.handler opcode
handler c
opcode handler
opcode handler
opcode handler
opcode handler
opcode handler
..
c
..
.
�
22. (vmp)
my_vm
my_opcode my_handler
my_opcode my_handler • zend_vm
my_opcode my_handler •
•
my_opcode my_handler
• handler
my_opcode my_handler
..
..
.
�
27.swoole compiler —----
+ +
�
28. swoole compiler
php( +
php git
)
�
