额外尾随零(或缺零)Java / PHP

时间:2013-09-10 00:40:15

标签: java php passwords zero

背景

我正在开发一个Bukkit插件(Minecraft服务器端)。该插件允许玩家相互发送消息。我也在开发一个Web界面。为了查看他们的“收件箱”,他们必须首先登录游戏中设置的密码。

此密码不是原始存储的,而是转换为长字符串的unicode值,然后分解为多个片段,每个片段都转换为十六进制并附加到不同的字符串。

Java版

//This isn't the best method, I know, but it's still going to take a genius to crack it.
//The resulting number (before somewhat converted to hex) is really
//long, there isn't an easy way of knowing the sequence of characters.
//This conversion is much different than straight up converting to hex,
//as PHP has certain limitations
public static String encodePassword(String password) {
    String longNumber = "";
    for(int i = 0; i < password.length(); i++) {
        longNumber += ((int) password.charAt(i));
    }
    //System.out.println("long = " + longNumber);
    String result = "";
    int splitLength = 5;
    int iterations = longNumber.length() / splitLength;
    if(longNumber.length() % splitLength > 0)
        iterations++;
    for(int i = 0; i < iterations; i++) {
        //System.out.println(result);
        int start = splitLength * i;
        if(longNumber.length() - start <= splitLength) {
            String sub = longNumber.substring(start);
            result += Integer.toHexString(Integer.parseInt(sub));
            continue;
        }
        String sub = longNumber.substring(start, start + splitLength);
        result += Integer.toHexString(Integer.parseInt(sub));
    }
    return result;
}

PHP版

function encodePassword($pw){
    $unicode = "";
    for($i=0; $i<strlen($pw); $i++){
        $char = $pw{$i};
        $val = unicode_value($char);
        $unicode = $unicode.$val;
    }
    $result = "";
    $splitLength = 5;
    $iterations = strlen($unicode) / $splitLength;
    if(strlen($unicode) % $splitLength > 0)
        $iterations++;
    for($i = 0; $i < $iterations; $i++) {
        $start = $splitLength * $i;
        if(strlen($unicode) - $start <= $splitLength) {
            $sub = substr($unicode, $start);
            $result = $result.base_convert($sub, 10, 16);
            continue;
        }
        $sub = substr($unicode, $start, $splitLength);
        $result = $result.base_convert($sub, 10, 16);
    }
    return $result;
}

如果我'编码'密码“partychat”(插件的名称,它也有群聊功能)我在Java中获得2c212c93ef23163a91bcc2c212c93ef23163a91bcc0(除了尾随之外) 0)在PHP中。我做错了什么?

注意: 这不总是发生,大多数'编码'工作正常,但由于某种原因,这种情况有时会发生

1 个答案:

答案 0 :(得分:0)

为什么你甚至想要这个,我只会使用userpassword的哈希值:This stackoverflow question about SHA-256,我知道它没有解决你的问题,但是更安全的是不发明你自己的加密标准:)< / p>