为什么 MySQL 的 ENCRYPT 每次调用都会返回不同的结果?
我有一个丑陋的服务器问题,我试图不忽略这方面的任何细节。
我的虚拟电子邮件用户的密码存储在 MySQL 的 加密功能。我的基本想法是我将从旧机器中转储虚拟用户表,然后将其导入新机器中。
只是为了仔细检查,我再次尝试使用 ENCRYPT 存储字符串,并且存储的数据不同。这是否意味着我不能像我想象的那样导出/导入我的用户?
I have an ugly server issue, and i'm trying not to overlook any details on this.
My virtual email users' passwords are stored with MySQL's ENCRYPT function. My basic idea was I'll dump my virtual users' table from the old machine, then import it in the new one.
Just for double-check I tried to store a string with ENCRYPT then again, and the stored data was different. Does this mean I can't export/import my users simply as I thought?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(4)
正是出于这个原因,ENCRYPT 函数可能会使用随机值对输入加盐 - 您想要将相同的数据加密两次以给出不同的密文。
It's likely that the ENCRYPT function salts the input with a random value for just that reason - you want encrypting the same data twice to give different ciphertext.
MySQL 的 ENCRYPT() 函数有一个可选的第二个参数来定义哈希算法使用的盐。如果您不提供盐,那么即使对于相同的输入字符串,结果也会不同。
如果您正在迁移数据库并希望保留相同的哈希值,只需确保您也使用相同的盐值即可。
ENCRYPT()应该使用相同的输入字符串和盐值给出相同的结果。MySQL's
ENCRYPT()function has an optional second argument to define the salt used by the hashing algorithm. If you do not provide a salt then the result will be different, even for the same input string.If you are migrating a database and want to retain the same hashes, just make sure you also use the same salt value.
ENCRYPT()should give the same result with the same input string and salt value.Datajam 已经描述的是正确的。这是一些进一步的解释。
如果您不向
ENCRYPT()函数提供盐,则会生成一个随机盐并用于加密字符串。盐只有两个字节/字符。首先,我将演示如果我使用相同的字符串运行
ENCRYPT()两次,它将给出不同的值(因为随机盐不同)现在,如果我使用最后一个条目并尝试
ENCRYPT()再次使用我们已有的值作为盐,我们将得到相同的结果:只是为了证明,如果我们使用相同的盐得到错误的字符串(密码),我们将得到不同的值。请注意,在此示例中,前两个字符(只是盐)保持不变。
使用此信息,您应该尝试在指定相同盐的两个 MySQL 服务器上运行
ENCRYPT()函数,您应该得到相同的结果。如果不是,那么 crypt() 的实现可能在两者之间有所不同。What Datajam has already described is correct. Here's some further explanation.
If you don't supply a salt to the
ENCRYPT()function then a random one will be generated and used to encrypt the string. The salt is just two bytes/characters.First I'll demonstrate that if I run
ENCRYPT()twice with the same string it'll give different values (because the random salt differs)Now if I use the last entry and attempt to
ENCRYPT()again using the value we have already as the salt we'll get the same result back:Just to prove that if we get the string (password) wrong with the same salt we'll get a different value. Note that in this example the two first characters (which are just the salt) remain the same.
Using this information you should try to run the
ENCRYPT()function both of the MySQL servers specifying the same salt with both you should get the same result back. If not then the implementation of crypt() likely varies between the two.我知道这是一篇旧帖子,但如果您遇到类似的问题,则无需重建所有加密密码。盐是前两个字符。
I understand this is an old post but if you have a similar problem you don't need to rebuild all the encrypted passwords. The salt is the first two characters.