英文:
PHP implementation of JAVA's StandardStringDigester
问题
以下是翻译好的内容:
在PHP中,我尝试了一些方法:
$n = 854;
$x = 'XUXoV2VYc7zYJ8UN';
return hash_pbkdf2('sha1', $x, null, $n);
我还尝试了将上述代码中的 $n - 1 作为参数。在上面的示例中,x 是消息,n 是迭代次数。我并不确定我在这里在做什么。也许有一个PHP库可以指导我,或者任何方向都将不胜感激。
英文:
I am trying to implement Java's StandardStringDigester digest function in PHP to digest a string with the SHA-1 algorithm. I do not have experience with encryption, so I have tried a few things without understanding them. The Working Java example is following:
import java.net.URLEncoder;
import org.jasypt.digest.StandardStringDigester;
import java.io.UnsupportedEncodingException;
public class Main
{
public static void main (String[]args)
{
String x = "XUXoV2VYc7zYJ8UN";
int n = 854;
StandardStringDigester clientsd = new StandardStringDigester ();
clientsd.setIterations (n - 1);
clientsd.setAlgorithm ("SHA-1");
clientsd.setSaltSizeBytes (0); //no salt
String clientDigest = clientsd.digest (x);
String URLclientDigest = "a";
try {
URLclientDigest = URLEncoder.encode (clientDigest, "UTF-8");
} catch(UnsupportedEncodingException ex){
System.out.println("Encoding not supported");
ex.printStackTrace();
}
System.out.println (URLclientDigest);
}
}
In PHP I tried few things:
$n = 854;
$x = 'XUXoV2VYc7zYJ8UN';
return hash_pbkdf2('sha1', $x, null, $n);
I also tried the above code with $n -1.
In above examples x is the message and n is the iterations.
I am not really sure what I am doing here. Perhaps there is a PHP library someone can point me to or any direcction will be appreciated.
答案1
得分: 3
根据 StandardStringDigester 的文档(它是 Jasypt 库的一部分),哈希生成过程如下:
> 创建摘要的步骤如下:
>
> 1. 字符串消息被转换为字节数组。
> 2. 生成指定大小的盐(请参阅 SaltGenerator)。
> 3. 盐字节被添加到消息中。
> 4. 哈希函数被应用于盐和消息,然后再次应用于函数本身的结果,次数为指定的次数(迭代次数)。
> 5. 如果由盐生成器指定(参见 SaltGenerator.includePlainSaltInEncryptionResults()),则未经消化的盐和哈希函数的最终结果被串联起来,并作为结果返回。
> 6. 串联的结果以 BASE64 或 HEXADECIMAL 编码,并作为 ASCII 字符串返回。
由于在您的情况下未使用盐,可能的 PHP 实现如下:
$n = 854;
$x = 'XUXoV2VYc7zYJ8UN';
$hash = $x;
for ($counter = 0; $counter < $n - 1; $counter++){
$hash = hash('sha1', $hash, true);
}
print(base64_encode($hash)); // QGFgek+pfZ6nMk8Jn3stOe5KeEY=
与 Java 代码的结果类似(在 URL 编码之前),结果为 QGFgek+pfZ6nMk8Jn3stOe5KeEY=。
注意:如果 Java 代码中使用了盐(例如使用 ByteArrayFixedSaltGenerator),则 PHP 代码中的盐必须在循环之前与消息串联:$hash = $salt . $x;(而不是 $hash = $x;)。
英文:
According to the documentation of StandardStringDigester (which is part of the Jasypt library), the hash is generated as follows:
> The steps taken for creating digests are:
>
> 1. The String message is converted to a byte array
> 2. A salt of the specified size is generated (see SaltGenerator).
> 3. The salt bytes are added to the message.
> 4. The hash function is applied to the salt and message altogether, and then to the results of the function itself, as many times as
> specified (iterations).
> 5. If specified by the salt generator (see SaltGenerator.includePlainSaltInEncryptionResults()), the undigested
> salt and the final result of the hash function are concatenated and
> returned as a result.
> 6. The result of the concatenation is encoded in BASE64 or HEXADECIMAL and returned as an ASCII String.
Since no salt is used in your case, a possible PHP implementation is:
$n = 854;
$x = 'XUXoV2VYc7zYJ8UN';
$hash = $x;
for ($counter = 0; $counter < $n - 1; $counter++){
$hash = hash('sha1', $hash, true);
}
print(base64_encode($hash)); // QGFgek+pfZ6nMk8Jn3stOe5KeEY=
with the result QGFgek+pfZ6nMk8Jn3stOe5KeEY= analogous to the Java code (before the URL encoding).
Note: If a salt is used in the Java code (e.g. with ByteArrayFixedSaltGenerator), the salt in the PHP code must be concatenated with the message before the loop: $hash = $salt . $x; (instead of $hash = $x;).
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论