PHP实现JAVA的StandardStringDigester

huangapple go评论87阅读模式
英文:

PHP implementation of JAVA's StandardStringDigester

问题

以下是翻译好的内容:

在PHP中,我尝试了一些方法:

$n = 854;
$x = 'XUXoV2VYc7zYJ8UN';

return hash_pbkdf2('sha1', $x, null, $n);

我还尝试了将上述代码中的 $n - 1 作为参数。在上面的示例中,x 是消息,n 是迭代次数。我并不确定我在这里在做什么。也许有一个PHP库可以指导我,或者任何方向都将不胜感激。

英文:

I am trying to implement Java's StandardStringDigester digest function in PHP to digest a string with the SHA-1 algorithm. I do not have experience with encryption, so I have tried a few things without understanding them. The Working Java example is following:

import java.net.URLEncoder;
import org.jasypt.digest.StandardStringDigester;
import java.io.UnsupportedEncodingException;

public class Main
{

  public static void main (String[]args)
  {
    String x = "XUXoV2VYc7zYJ8UN";
    int n = 854;
    StandardStringDigester clientsd = new StandardStringDigester ();
      clientsd.setIterations (n - 1);
      clientsd.setAlgorithm ("SHA-1");
      clientsd.setSaltSizeBytes (0);	//no salt
    String clientDigest = clientsd.digest (x);
    String URLclientDigest = "a";
    try {
         URLclientDigest = URLEncoder.encode (clientDigest, "UTF-8");
    } catch(UnsupportedEncodingException ex){
							System.out.println("Encoding not supported");
							ex.printStackTrace();
			}
      System.out.println (URLclientDigest);
  }
}

In PHP I tried few things:

$n = 854;
$x = 'XUXoV2VYc7zYJ8UN';

return hash_pbkdf2('sha1', $x, null, $n);

I also tried the above code with $n -1.
In above examples x is the message and n is the iterations.
I am not really sure what I am doing here. Perhaps there is a PHP library someone can point me to or any direcction will be appreciated.

答案1

得分: 3

根据 StandardStringDigester 的文档(它是 Jasypt 库的一部分),哈希生成过程如下:

> 创建摘要的步骤如下:
>
> 1. 字符串消息被转换为字节数组。
> 2. 生成指定大小的盐(请参阅 SaltGenerator)。
> 3. 盐字节被添加到消息中。
> 4. 哈希函数被应用于盐和消息,然后再次应用于函数本身的结果,次数为指定的次数(迭代次数)。
> 5. 如果由盐生成器指定(参见 SaltGenerator.includePlainSaltInEncryptionResults()),则未经消化的盐和哈希函数的最终结果被串联起来,并作为结果返回。
> 6. 串联的结果以 BASE64 或 HEXADECIMAL 编码,并作为 ASCII 字符串返回。

由于在您的情况下未使用盐,可能的 PHP 实现如下:

$n = 854;
$x = 'XUXoV2VYc7zYJ8UN';

$hash = $x;
for ($counter = 0; $counter < $n - 1; $counter++){
    $hash = hash('sha1', $hash, true);
}

print(base64_encode($hash)); // QGFgek+pfZ6nMk8Jn3stOe5KeEY=

与 Java 代码的结果类似(在 URL 编码之前),结果为 QGFgek+pfZ6nMk8Jn3stOe5KeEY=

注意:如果 Java 代码中使用了盐(例如使用 ByteArrayFixedSaltGenerator),则 PHP 代码中的盐必须在循环之前与消息串联:$hash = $salt . $x;(而不是 $hash = $x;)。

英文:

According to the documentation of StandardStringDigester (which is part of the Jasypt library), the hash is generated as follows:

> The steps taken for creating digests are:
>
> 1. The String message is converted to a byte array
> 2. A salt of the specified size is generated (see SaltGenerator).
> 3. The salt bytes are added to the message.
> 4. The hash function is applied to the salt and message altogether, and then to the results of the function itself, as many times as
> specified (iterations).
> 5. If specified by the salt generator (see SaltGenerator.includePlainSaltInEncryptionResults()), the undigested
> salt and the final result of the hash function are concatenated and
> returned as a result.
> 6. The result of the concatenation is encoded in BASE64 or HEXADECIMAL and returned as an ASCII String.

Since no salt is used in your case, a possible PHP implementation is:

$n = 854;
$x = &#39;XUXoV2VYc7zYJ8UN&#39;;

$hash = $x;
for ($counter = 0; $counter &lt; $n - 1; $counter++){
	$hash = hash(&#39;sha1&#39;, $hash, true);
}

print(base64_encode($hash)); // QGFgek+pfZ6nMk8Jn3stOe5KeEY=

with the result QGFgek+pfZ6nMk8Jn3stOe5KeEY= analogous to the Java code (before the URL encoding).

Note: If a salt is used in the Java code (e.g. with ByteArrayFixedSaltGenerator), the salt in the PHP code must be concatenated with the message before the loop: $hash = $salt . $x; (instead of $hash = $x;).

huangapple
  • 本文由 发表于 2020年9月15日 14:26:35
  • 转载请务必保留本文链接:https://go.coder-hub.com/63896274.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定