PHP returns a string function encrypted using Des and Blowfish and MD5 algorithm crypt ()

Source: Internet
Author: User
Tags crypt md5 encryption printable characters rounds

Definition and usage

The crypt () function returns a string that is encrypted using the DES, Blowfish, or MD5 algorithms.

On different operating systems, the function behaves differently, and some operating systems support more than one type of algorithm. At installation time, PHP checks what algorithms are available and what algorithms are used.

The exact algorithm relies on the format and length of the salt parameter. Salt can make encryption more secure by increasing the number of strings that are generated by a particular string with a particular encryption method.

Here are some constants used with the crypt () function. These constant values are set by PHP at the time of installation.

Constant:

  • [Crypt_salt_length]-The default encryption length. Uses standard DES encryption with a length of 2

  • [Crypt_std_des]-standard DES-based encryption has a 2-character salt from the alphabet "./0-9a-za-z". Using an invalid character in a salt will cause the function to fail.

  • [Crypt_ext_des]-The extended DES-based encryption has a 9-character salt, consisting of 1 underscores, followed by 4-byte iterations and a 4-byte salt. These are encoded as printable characters, 6 bits per character, and the lowest valid character takes precedence. Values 0 through 63 are encoded as "./0-9a-za-z". Using an invalid character in a salt will cause the function to fail.

  • [CRYPT_MD5]-MD5 encrypts a 12-character salt, starting with $1$.

  • [Crypt_blowfish]-BLOWFISH encryption has a salt that starts with $2a$, $2x$, or $2y$, a two-digit cost parameter "$", and 22 characters from the alphabet "./0-9a-za-z". The throw function is returned with a character other than the alphabet to return a string of length 0. The "$" parameter is the logarithm of the number of iterations based on the Blowfish hash algorithm at base 2, which must be within the 04-31 range. A value outside that range will throw a function failure.

  • [crypt_sha_256]-SHA-256 encrypts a 16-character salt, starting with $5$. If the salt string starts with "rounds=<n>$", the numeric value of N is used to indicate the number of times the hash loop was executed, similar to the cost parameter in Blowfish. The default number of loops is 5000, the minimum value is 1000, and the maximum value is 999,999,999. Any value of N beyond this range will be converted to the nearest boundary value.

  • [crypt_sha_512]-SHA-512 encrypts a 16-character salt, starting with $6$. If the salt string starts with "rounds=<n>$", the numeric value of N is used to indicate the number of times the hash loop was executed, similar to the cost parameter in Blowfish. The default number of loops is 5000, the minimum value is 1000, and the maximum value is 999,999,999. Any value of N beyond this range will be converted to the nearest boundary value.

On systems where the function supports multiple algorithms, the above constants are set to "1" if supported, otherwise set to "0".

Note: There is no corresponding decryption function. The crypt () function uses a one-way algorithm.

Grammar

Crypt (Str,salt)

Parameter description

Str required. Specifies the string to encode.

Salt is optional. Used to increase the number of characters encoded in a string to make the encoding more secure. If the salt parameter is not provided, one is randomly generated each time the function is called.

Technical details

Return value: Returns the encrypted string, or a string less than 13 characters and guaranteed to be different from the salt if it fails.

PHP version: 4+

Update log: In PHP 5.3.7, the $2x$ and $2y$ Blowfish modes are added to handle potential high-level attacks.

In PHP 5.3.2, constants SHA-256 and SHA-512 are added.

From PHP 5.3.2, Blowfish in an invalid loop will return the "failure" string ("*0" or "* *") instead of going back to DES.
Since PHP 5.3.0, PHP comes with MD5 encryption implementation, standard DES implementations, extended des implementations, and Blowfish algorithms. If the system does not support the above algorithm, it will be implemented using PHP's own algorithm.

Instance

Example 1

In this example, we will test the different algorithms:

<?php//2 character saltif (crypt_std_des = = 1) {echo "Standard DES:". CRYPT (' Something ', ' st '). " N<br> "; }else{echo "Standard DES not supported.n<br>";} 4 Character saltif (crypt_ext_des = = 1) {echo "Extended DES:". CRYPT (' Something ', ' _s4 '). Some '). " N<br> ";} Else{echo "Extended DES not supported.n<br>";} Character Salt starting with $1$ if (crypt_md5 = = 1) {echo "MD5:". CRYPT (' Something ', ' $1$somethin$ '). " N<br> "; }else{echo "MD5 not supported.n<br>";} Salt starting with $2a$. The digit cost parameter:09. Characters if (crypt_blowfish = = 1) {echo "BLOWFISH:". CRYPT (' Something ', ' $2a$09$anexamplestringforsalt$ '). " N<br> "; }else{echo "Blowfish DES not supported.n<br>";} Character salt starting with $5$. The default number of rounds is 5000.if (crypt_sha256 = = 1) {echo "SHA-256:". CRYPT (' Something ', ' $5$rounds=5000$anexamples tringforsalt$ '). " N<br> "; }else{echo "SHA-256 not supported.n<br>";} Character Salt StartiNg with $5$. The default number of rounds is 5000.if (crypt_sha512 = = 1) {echo "SHA-512:". CRYPT (' Something ', ' $6$rounds=5000$anexamples tringforsalt$ '); }else{echo "SHA-512 not Supported";}? >

The above code output is as follows (depending on the operating system):

Standard des:stqadd7zlbbyiextended DES: _S4. SOMEQXIDLBPTUU6MD5: $1$somethin$4nzkruly6r7k7.rdeoz0w.blowfish: $2a$09$ ANEXAMPLESTRINGFORSALELOUKEJCJRLEXMF1671QW3KHL49R3DFUSHA-256: $5$rounds=5000$anexamplestringf$kirctqsxo2wrpg5ag /HS4JTI4PMONKQUGWFXLVY9VU9SHA-512: $6$rounds=5000$anexamplestringf$oo0skoadufxkqxjpwzo05wgrhg0dhuapbaou/ Onbgpceklf/7ovm5wn6an0w2vwuga0o24olzgqpp1xki6llq0.

One, the code

<?php  $str = ' Apply crypt () function for one-way encryption! ';     Declares the string variable $str  echo ' before encrypting the value of $str: '. $str;  $crypttostr = Crypt ($STR);      The value of the $STR encryption  Echo ' <p> encryption $str after the variable is: '. $crypttostr;  Output encrypted variable?>

Ii. Results of operation

Parameters do not have a salt, each encryption results in a different cipher.
The $STR value before encryption is: Apply the crypt () function for one-way encryption!
The value of $str after encryption is: $1$re4.gg4. $D. yd00xx0fffifp6krkgn0

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.