在 PHP 中生成盐
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/2513734/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Generating a salt in PHP
提问by qster
What's the best way to generate a cryptographically secure 32 bytes salt in PHP, without depending on libraries seldom included in typical PHP installations?
在不依赖典型 PHP 安装中很少包含的库的情况下,在 PHP 中生成加密安全的 32 字节盐的最佳方法是什么?
After some googling I discovered that mt_randis not considered secure enough, but I haven't found a suggestion for a replacement. One article suggested reading from /dev/randombut not only this won't work on windows; it is also veryslow.
经过一番谷歌搜索后,我发现这mt_rand被认为不够安全,但我还没有找到替代建议。一篇文章建议阅读/dev/random但不仅在 Windows 上不起作用;它也很慢。
I want a reasonable balance between security and speed (ie, it shouldn't take 20 seconds to generate 512 bytes, like /dev/randomusually does)
我希望在安全性和速度之间取得合理的平衡(即,生成 512 字节不应花费 20 秒,就像/dev/random通常那样)
采纳答案by Amber
Note:
mcrypthas been deprecated in PHP 7.1. Skip to the up-to-date answer.
注意:
mcrypt已在 PHP 7.1 中弃用。跳到最新答案。
You might want to take a look at the documentation (and comments) for mcrypt_create_iv().
您可能需要查看mcrypt_create_iv().
回答by Scott Arciszewski
This is easier in PHP 7:
Just use $salt = random_bytes($numberOfDesiredBytes);to generate a salt.
这在 PHP 7 中更容易:只需用于$salt = random_bytes($numberOfDesiredBytes);生成盐。
What do you need a salt for, anyway? If it's for passwords, just use password_hash()and password_verify().
无论如何,你需要盐做什么?如果是密码,只需使用password_hash()和password_verify()。
回答by martinstoeckli
Note:
mcrypthas been deprecated in PHP 7.1. Skip to the up-to-date answer.
注意:
mcrypt已在 PHP 7.1 中弃用。跳到最新答案。
You can use the function mycrypt_create_iv(), since PHP Version 5.3 it also uses the random source on a Windows server (not only on Unix). Before using it, you should check if the constant MCRYPT_DEV_URANDOMis defined.
您可以使用该函数mycrypt_create_iv(),因为 PHP 版本 5.3 它还使用 Windows 服务器上的随机源(不仅在 Unix 上)。在使用它之前,您应该检查是否MCRYPT_DEV_URANDOM定义了常量。
mcrypt_create_iv($length, MCRYPT_DEV_URANDOM);
Unlike random, urandom does not block the server, if there is not enough entropy available. Since the password salt should be unique (not necessarily random), urandom seems to be a good choice to me.
与 random 不同,如果没有足够的可用熵,urandom 不会阻塞服务器。由于密码 salt 应该是唯一的(不一定是随机的),因此 urandom 对我来说似乎是一个不错的选择。
回答by Lorenz Lo Sauer
uniqueidis not well suited for generating a random string as it too is microtimebased.
A CPU Cycle is generally much shorter than a microtime-tick, which may lead to possible constancy for a given variable within loops.
Setting the second parameter "entropy" to true,
uniqueid不太适合生成随机字符串,因为它也是microtime基于的。CPU Cycle 通常比 microtime-tick 短得多,这可能导致循环内给定变量的恒定性。将第二个参数“entropy”设置为true,
uniqid('', true)
will provide increased randomness.
将提供增加的随机性。
To get a random string that is well compatible with most character-sets,one may apply base64 encoding to the mcryptinitilization vector function mcrypt_create_iv:
要获得与大多数字符集兼容的随机字符串,可以将 base64 编码应用于mcrypt初始化向量函数mcrypt_create_iv:
$length = 16;
base64_encode(mcrypt_create_iv(ceil(0.75*$length), MCRYPT_DEV_URANDOM))
//> hlZuRJypdHFQPtI2oSFrgA==
strlen(base64_encode(mcrypt_create_iv(ceil(0.75*$length), MCRYPT_DEV_URANDOM)))
//> 16
Reducing the character-alphabet to 2^6Bit increases the size, which is accounted for above.
将字符字母表减少到 2^6Bit 会增加大小,这在上面已经说明了。
回答by D.W.
Read from /dev/urandom, or use openssl_random_pseudo_bytes().
从 读取/dev/urandom,或使用openssl_random_pseudo_bytes().
回答by Justin Grant
Looks like this question has an accepted answer but I just want to additionally state after a bit of research and reading this thread that you might add some security if you don't put all your eggs in one basket.
看起来这个问题有一个公认的答案,但我只是想在经过一些研究和阅读这个帖子后另外声明,如果你不把所有的鸡蛋放在一个篮子里,你可能会增加一些安全性。
I might suggest not relying solely on PHP to create your salts and hashing your passwords. You can obfuscate your solution a little more if you let the database do part of the work.
我可能建议不要仅仅依靠 PHP 来创建盐和散列密码。如果您让数据库完成部分工作,您可以稍微混淆一下您的解决方案。
Someone suggested just using password_hash() and password_verify(). While those are great methods, I strongly recommend sticking to the idea of incorporating a salt in addition to these.
有人建议只使用 password_hash() 和 password_verify()。虽然这些都是很好的方法,但我强烈建议坚持在这些方法之外加入盐的想法。
To answer the question, a salt can be anything that is truly random and enforced as unique to the user. You can technically generate it however you wish as long as you adhere to those 2 rules.
为了回答这个问题,salt 可以是任何真正随机并强制执行为用户独有的东西。只要您遵守这 2 条规则,您就可以按照自己的意愿在技术上生成它。
a couple of good resources:
几个不错的资源:
https://www.codeproject.com/Articles/704865/Salted-Password-Hashing-Doing-it-Righthttps://auth0.com/blog/adding-salt-to-hashing-a-better-way-to-store-passwords/
https://www.codeproject.com/Articles/704865/Salted-Password-Hashing-Doing-it-Right https://auth0.com/blog/adding-salt-to-hashing-a-better-way-to -存储密码/
回答by Your Common Sense
I think microtime()is enough.
我觉得microtime()就够了。
Strangely, but I am still getting downvotes for this answer.
奇怪的是,但我仍然对这个答案投反对票。
Though the only explanation I get is that microtime is predictable.
It sounds strange to me as salt always assumed as openly known- so, there is no use for prediction at all.
虽然我得到的唯一解释是微时间是可预测的。
这对我来说听起来很奇怪,因为盐总是被认为是公开的——所以,预测根本没有用。
