crypt

问题 I want to use Blowfish hashing to hash password. crypt() does not support it in PHP versions prior to 5.3 My PHP version is 5.2.14. How can I use Blowfish hashing? Can I use PEAR's Crypt_Blowfish instead? 回答1: PEAR's Crypt_Blowfish is meant to stand in for PHP's MCrypt extension - it's a two-way encryption scheme, not for hashing. While bcrypt is based on Blowfish, it's not the same thing. Confusingly, PHP 5.3.0's CRYPT_BLOWFISH is a hashing algorithm. Is there a reason why upgrading to PHP 5

问题 I use a php script that hashes passwords using php's crypt and uses SHA512, however when I try to check if SHA512 is set I get the above error. Of course I know WHY I get this error.. php is missing some dependency. I just don't know what that dependency is. Can anyone please tell me what I need to install (on a Ubuntu server) to be able to use SHA512 in PHP ? Thanks! 回答1: The php docs say that built-in support for SHA-256 and SHA-512 was added in PHP 5.3.2. If you use any earlier versions of

问题 I have a table which stores user login infomration, which contains passwords in the below scheme {crypt}hashedpassword {ssha}hashedpasswordsalted {md5}hashedpassword ..... Is there a perl module that understands this scheme and is able to validate the password given the plain text password ? Something like print "success!!\n" if validatePassword("helloworld",{CRYPT}r2sKInajXZ6Fk) Thanks. 回答1: Authen::Passphrase can do this: use Authen::Passphrase; print "success!!\n" if Authen::Passphrase-

问题 I am developing an API using PHP (Codeigniter) and Phils RESTserver. I am creating a hash using crypt() with the password and the salt. The problem is that the hash that is the result of the crypt() algorithm is different on my local machine and on the server. It works fine locally but not on the server (to short). I know the password and the salt are the same because I tried them hardcoded to. Hash from local machine: $2a$10$g6J7CUjJvB0JpTd7UcrowePEbqp/oBmZEpd7vS.5HFYx38f08Tb/a Hash from the

问题 Crypt is generating different hashes with the same input data, and the [following] previously functional hash generator/check is no longer working for authenticating users: public static function blowfish($password, $storedpass = false) { //if encrypted data is passed, check it against input ($info) if ($storedpass) { if (substr($storedpass, 0, 60) == crypt($password, "$2y$08$".substr($storedpass, 60))) { return true; } else { return false; } } else { //make a salt and hash it with input, and

问题 Do you know how to create a ldap compatible password (preferred md5crypt) via python on Windows I used to write something like this in Linux but the crypt module is not present on Windows char_set = string.ascii_uppercase + string.digits salt = ''.join(random.sample(char_set,8)) salt = '$1$' + salt + '$' pwd = "{CRYPT}" + crypt.crypt(str(old_password),salt) 回答1: The Passlib python library contains cross-platform implementations of all the crypt(3) algorithms. In particular, it contains ldap

问题 This is my first time using the crypt() function in PHP, and I can't figure out why it isn't working. My code is based on this article: http://www.techrepublic.com/blog/australia/securing-passwords-with-blowfish/1274 function blowfishHash ($pw) { //generate random salt $salt = "$2y$10$"; for ($i = 0; $i < 22; $i++) { $salt .= substr("./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", mt_rand(0, 63), 1); } $hash = crypt($pw, $salt); //printout to file $file = fopen("debug.txt",

问题 I am working on a script and need to save passwords. For development purposes, I have been using the crypt() function because it was easy and available. Now that I am mostly done, I want to replace it with something a little better and more consistent. Some of the concerns I have are: not all algorithms are supported on every system sometimes the salt is pre-pended to the result (seems like a security problem) I want something that works with PHP 4.3+. Is there anything available, or should I

问题 I have successfully created my passwords and am inserting them into the database using CRYPT_BLOWFISH. However I do no know how to match the crypted passwords in the database to the passwords the user is entering to login. Any help is greatly appreciated thanks. To generate the password from the users input I use: REGISTER.PHP //If there are no errors or returned_records and the form is submitted let's submit the info and register the user else if(!$error_msg && !$returned_record && $_POST[

问题 This question already has answers here : Closed 8 years ago . Possible Duplicate: Secure hash and salt for PHP passwords I am making a website, and I need a secure algorithm to store passwords. I was first thinking of bcrypt, but then I found out my host did not support it and I am not able to change host. My host allow this encryption: Standard DES And these hashes: MD5 md2, md4 & md5 sha1, sha256, sha384 & sha512 ripemd128, ripemd160, ripemd256 and ripemd360 whirlpool tiger128,3, tiger160,3