为什么kohana 3 Encrypt类的encode()方法每次返回不同的字符串?
我正在从 Encrypt 类执行 encode() ,每次它都会为同一输入字符串返回不同的字符串。 我的 application/config/encrypt.php:
return array(
'default' => array(
/**
* The following options must be set:
*
* string key secret passphrase
* integer mode encryption mode, one of MCRYPT_MODE_*
* integer cipher encryption cipher, one of the Mcrpyt cipher constants
*/
'cipher' => MCRYPT_RIJNDAEL_128,
'key' => 'df58e28f',
'mode' => MCRYPT_MODE_NOFB,
),
);
使用:
$str = Encrypt::instance()->encode('test');
$str 始终具有不同的值。这是一个错误还是应该这样工作?为什么?
另外我必须补充一点,我总是可以 decode() 该值并每次都获取 test 字符串。
更新:以下是示例输出:0vahDa/2Qu3XQWObkjwLPoL73g==
非常感谢。
I'm doing a encode() from the Encrypt class and each time it returns a different string for the same input string.
My application/config/encrypt.php:
return array(
'default' => array(
/**
* The following options must be set:
*
* string key secret passphrase
* integer mode encryption mode, one of MCRYPT_MODE_*
* integer cipher encryption cipher, one of the Mcrpyt cipher constants
*/
'cipher' => MCRYPT_RIJNDAEL_128,
'key' => 'df58e28f',
'mode' => MCRYPT_MODE_NOFB,
),
);
Use:
$str = Encrypt::instance()->encode('test');
$str has always a different value. Is that an error or it's supposed to work that way? Why?
Also I must add that I can always decode() that value and get the test string each time.
UPDATE: Here is a sample output: 0vahDa/2Qu3XQWObkjwLPoL73g==
Thank you very much.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
每次都不同的原因是,当调用
encode()时,会使用新的随机 IV 来加密数据。下面是执行此操作的代码行:然后,它最终返回一个由加密数据和 IV 组成的 Base 64 编码字符串。
这是故意的行为,并不是坏事。正如您所指出的,您总是会得到相同的未加密数据 - 所以它正在完成它的工作。
The reason it's different each time is that when
encode()is called a new random IV is used to encrypt the data. Here's the line that does it:It then ultimately returns a base 64 encoded string consisting of the encrypted data and IV.
It's intentional behaviour, and not a bad thing. As you noted, you always get the same unencrypted data back - so it's doing its job.
其实这是故意的行为。
恕我直言,这样加密更安全。大多数伪黑客会认为不同的加密值意味着不同的实际值。
重要的是解密后你总是得到相同的值。
您必须小心:当您想两次使用相同的加密字符串时,您应该单独存储它,因为再次加密不会产生相同的结果。
Actually this is intentional behaviour.
IMHO this way the encryption is more secure. Most pseudo hackers would think different encrypted values mean different actual values.
The important thing is that you always get the same value upon decryption.
You have to be careful with that: when you want to use the same encrypted string twice you should store it separately, because encrypting again would not produce the same thing.