使用 MCRYPT_BLOWFISH 模拟 CRYPT_BLOWFISH
我的问题是如何从 mcrypt 获得与从 crypt 获得的河豚相同的结果?
我想使用 phpass 框架 进行密码哈希和验证。只要您有 PHP 5.3,它就可以很好地工作,因为 crypt() 中包含了 Blowfish。 我的主机正在运行带有 mcrypt 库的 PHP 5.2.x。
浏览文档并用 crypt 谷歌搜索河豚,结果似乎是 '$a2$',两个字符迭代值,'$',盐 (填充或剪切为 22 个字符),然后是表示哈希值的 32 个 base64 字符串。
我的问题是我找不到对我有意义的 MCRYPT_MODE_modenames 解释。如何为 mcrypt() 提供我想要的迭代次数?或者这两个函数是否使用不交叉翻译的不同形式的河豚?
My question is how do I get the same result from mcrypt as I would get from crypt, with respect to blowfish?
I am wanting to use the phpass framework for password hashing and verifying. Which works really well as long has you have PHP 5.3 because blowfish is included with crypt().
My host is running PHP 5.2.x with the mcrypt library.
Going through the docs and googling about blowfish with crypt, it appears that the result is '$a2$', the two character iteration value, '$', the salt ( padded or cut to 22 characters ), then a 32 base64 string representing the hash.
My problem is I can't find explanations of the MCRYPT_MODE_modenames that make sense to me. And how do I feed mcrypt() the number of iterations I want? Or are the two functions using different forms of blowfish that dont cross translate?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
Mcrypt 和 crypt() 是两个完全不同的函数。 Mcrypt 是双向加密,而 crypt 是单向加密。据我所知 crypt() 位于 php 5.2 内部。另外,如果我是你,我只会引用 crypt() 本身。我还会使用其中的 bcrypt 。
最后,只需更改 $2a$ 后面两位数内的两位数成本系数即可。这将允许您更改所需的 cputime 量。请记住,它呈对数上升(如果我没记错的话)。默认值为07。
最后,crypt_blowfish 是blowfish 的双向加密算法,密钥最大为448 位。 crypt 内部的blowfish 是bcrypt,基于blowfish,但设计用于在散列密码时存储密码。这称为单向加密。
Mcrypt, and crypt() are two totally different functions. Mcrypt is two-way encryption, whereas crypt is one-way encryption. As far as I am aware crypt() is inside of php 5.2. Also, if I was you I'd just reference crypt() itself. And I'd also use bcrypt from it.
Finally, just change the two digit cost factor inside of the two digits after the $2a$. That will allow you to change the amount of cputime that is going to be required for it. Remember it goes up logarithmically(if i remember correctly). The default value is 07.
Finally crypt_blowfish is the two-way encryption algorithm of blowfish that takes keys up to 448 bits. The blowfish inside of crypt is bcrypt, is based upon blowfish but was designed for storing passwords as it hashes them. This is known as one-way encryption.