我使用此代码将我的数据加密到河豚,但我不知道真的要转换为河豚或其他加密。
echo crypt('ab','$2a$09$anexamplestringforsalt$')."\n
我正在试用底码,但这是假的
";
echo CRYPT_BLOWFISH('ab','$2a$09$anexamplestringforsalt$')."\n
";
答案 0 :(得分:0)
它是crypt参数字符串,用于定义使用的算法:
$2a : This describes the algorithm (BCrypt) but should be 2y nowadays
$09 : This is the number of rounds and is usually 10 or higher
$anexamplestringforsalt : This should be a really random salt of a given alphabet
要生成BCrypt哈希,使用新的password_hash()函数要安全得多,但早期的PHP版本也存在compatibility pack。
// Hash a new password for storing in the database.
// The function automatically generates a cryptographically safe salt.
$hashToStoreInDb = password_hash($password, PASSWORD_BCRYPT);
// Check if the hash of the entered login password, matches the stored hash.
// The salt and the cost factor will be extracted from $existingHashFromDb.
$isPasswordCorrect = password_verify($password, $existingHashFromDb);