php cryptr 加密函数

小贝

1. class CryptHelper {
2. /**
3. * 加密
4. * @param unknown $password
5. * @param unknown $salt
6. * @return string
7. */
8. public static function crypt($password,$salt){
9. // $saltPrefix .= '$2y$'; // Blowfish 算法
10. // $saltPrefix .= '13'; // 两位 cost 参数
11. // $saltPrefix .= '$'; // 一个 $
12. // $saltSuffix .= 'LGsF2ctmKKHE1yr2Py.vtu';
13. return crypt($password, $salt);
14. }
16. /**
17. * 字符比较
18. * @param unknown $expected
19. * @param unknown $actual
20. * @return boolean
21. */
22. public static function compareString($expected, $actual)
23. {
24. $expected .= "\0";
25. $actual .= "\0";
26. $expectedLength = mb_strlen($expected, '8bit');
27. $actualLength = mb_strlen($actual, '8bit');
28. $diff = $expectedLength - $actualLength;
29. for ($i = 0; $i < $actualLength; $i++) {
30. $diff |= (ord($actual[$i]) ^ ord($expected[$i % $expectedLength]));
31. }
32. return $diff === 0;
33. }
35. /**
36. * 校验密码
37. * @param unknown $password
38. * @param unknown $hash
39. * @return boolean
40. */
41. public static function validatePassword($password, $hash)
42. {
43. if (!is_string($password) || $password === '') {
44. return false;
45. }
47. if (!preg_match('/^\$2[axy]\$(\d\d)\$[\.\/0-9A-Za-z]{22}/', $hash, $matches)
48. || $matches[1] < 4
49. || $matches[1] > 30
50. ) {
51. return false;
52. }
54. $test = self::crypt($password, $hash);
55. $n = strlen($test);
56. if ($n !== 60) {
57. return false;
58. }
59. return self::compareString($test, $hash);
60. }
61. }

复制代码

测试

1. // --------- 测试 --------
2. // 加密
3. $salt = '$2y$13$LGsF2ctmKKHE1yr2Py.vtu'; // 7 + 22 == 29
4. $password = 'Aa123456';
5. echo CryptHelper::crypt($password,$salt);
6. echo PHP_EOL;
8. // 校验
9. $hash = '$2y$13$LGsF2ctmKKHE1yr2Py.vtuiUR/A0C6tARkCxMO.LUlsiRISu7u53m';
10. echo CryptHelper::crypt($password,$hash);
11. echo PHP_EOL;
13. echo strlen($hash);
14. echo PHP_EOL;
16. echo CryptHelper::validatePassword($password, $hash);

复制代码