Laravel 5 Crypt 函数中预期的字符长度
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/30439059/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Character length to be expected in Laravel 5 Crypt function
提问by Kenny Yap
Just a quick question if I'm using the Laravel 5 Crypt::encrypt()function and I would like to save it into a database, how many characters am i expecting? Does the character length depends on the length of my message or would it be at a fixed length?
只是一个简单的问题,如果我使用 Laravel 5Crypt::encrypt()函数并且我想将它保存到数据库中,我期望多少个字符?字符长度取决于我的消息的长度还是固定长度?
Currently I am using varchar 255 in my database and from time to time there are missing characters here and there thus causing problems during decryption.
目前我在我的数据库中使用 varchar 255 并且不时在这里和那里丢失字符,从而导致解密过程中出现问题。
Thank You
谢谢你
回答by Harry Geo
From the official Laravel documentation:
来自 Laravel 官方文档:
Laravel provides facilities for strong AES encryption via the Mcrypt PHP extension.
Laravel 通过 Mcrypt PHP 扩展提供强大的 AES 加密功能。
From official PHP documentation using mcrypt_generic.
来自使用 mcrypt_generic 的官方 PHP 文档。
If you want to store the encrypted data in a database make sure to store the entire string as returned by mcrypt_generic, or the string will not entirely decrypt properly. If your original string is 10 characters long and the block size is 8 (use mcrypt_enc_get_block_size() to determine the blocksize), you would need at least 16 characters in your database field. Note the string returned by mdecrypt_generic() will be 16 characters as well...use rtrim($str, "\0") to remove the padding.
如果要将加密数据存储在数据库中,请确保存储 mcrypt_generic 返回的整个字符串,否则该字符串将无法完全正确解密。如果您的原始字符串长度为 10 个字符且块大小为 8(使用 mcrypt_enc_get_block_size() 确定块大小),则您的数据库字段中至少需要 16 个字符。请注意, mdecrypt_generic() 返回的字符串也将是 16 个字符...使用 rtrim($str, "\0") 删除填充。
More here
更多在这里
So I guess the correct answer, is that the size of characters generated by the encrypt function depends on the size of the text you are parsing through the encrypt function.
所以我猜正确的答案是 encrypt 函数生成的字符大小取决于您通过 encrypt 函数解析的文本的大小。
Assuming you are using MySQL,why don't you just use a TEXT if you are parsing a lot of information? More info about MySQL field types here
假设您使用的是 MySQL,如果您正在解析大量信息,为什么不只使用 TEXT?关于 MySQL 字段类型的更多信息在这里
回答by jdforsythe
The answer is difficult to define because it does depend on your input size. But even a fixed input size yields different size output.
答案很难定义,因为它确实取决于您的输入大小。但即使是固定的输入大小也会产生不同大小的输出。
I created a simple script to test real-world sizes for different string lengths.
我创建了一个简单的脚本来测试不同字符串长度的实际大小。
Here's sample output:
这是示例输出:
Testing Laravel Crypt::encrypt() result length
Number of passes: 1000000
Minimum input length: 1
Maximum input length: 32
Input length: 1 - Output length 188 - 200
Input length: 2 - Output length 188 - 200
Input length: 3 - Output length 188 - 200
Input length: 4 - Output length 188 - 200
Input length: 5 - Output length 188 - 200
Input length: 6 - Output length 188 - 200
Input length: 7 - Output length 188 - 200
Input length: 8 - Output length 188 - 200
Input length: 9 - Output length 216 - 228
Input length: 10 - Output length 216 - 228
Input length: 11 - Output length 216 - 228
Input length: 12 - Output length 216 - 228
Input length: 13 - Output length 216 - 228
Input length: 14 - Output length 216 - 228
Input length: 15 - Output length 216 - 228
Input length: 16 - Output length 216 - 228
Input length: 17 - Output length 216 - 228
Input length: 18 - Output length 216 - 228
Input length: 19 - Output length 216 - 228
Input length: 20 - Output length 216 - 228
Input length: 21 - Output length 216 - 228
Input length: 22 - Output length 216 - 228
Input length: 23 - Output length 216 - 228
Input length: 24 - Output length 244 - 256
Input length: 25 - Output length 244 - 256
Input length: 26 - Output length 244 - 256
Input length: 27 - Output length 244 - 256
Input length: 28 - Output length 244 - 256
Input length: 29 - Output length 244 - 256
Input length: 30 - Output length 244 - 256
Input length: 31 - Output length 244 - 256
Input length: 32 - Output length 244 - 256
Note - if you're running this yourself, you'll need to set it to around 1 million passes per string length to get the actual hard min and max limits. 500,000 wasn't enough in my testing. Also, the get_random_inputfunction only outputs a maximum 32 character string, so it would have to be modified to test longer strings.
注意 - 如果你自己运行它,你需要将它设置为每个字符串长度大约 100 万遍,以获得实际的最小和最大限制。500,000 在我的测试中是不够的。此外,该get_random_input函数最多只能输出 32 个字符的字符串,因此必须对其进行修改以测试更长的字符串。
回答by omarjebari
The output DOES depend on the size of the input so it is safer to use a TEXT datatype for your column instead of a VARCHAR. To test it take the largest possible string in your db column and run it through the encrypt() function to see how large the resulting string is. Note that if you are enforcing a length limit on raw text (before encryption) then you may get away with using VARCHAR.
输出确实取决于输入的大小,因此对列使用 TEXT 数据类型而不是 VARCHAR 更安全。要测试它,请在您的 db 列中使用尽可能大的字符串并通过 encrypt() 函数运行它以查看结果字符串有多大。请注意,如果您对原始文本(加密前)强制执行长度限制,那么您可能会使用 VARCHAR。
