Rails中的加密解密 [英] Encryption-Decryption in Rails
问题描述
我正在使用 require'digest / sha1'加密我的密码并保存到数据库中。在登录期间,通过匹配保存在数据库中的加密密码进行身份验证,并再次加密一个使用输入密码字段。截至目前,一切正常,但现在我想做忘记密码功能。要做到这一点,我需要解密保存在数据库中的密码才能找到原来的密码。如何解密使用 digest / sha1 ?
或任何人都知道任何支持加密的算法解密还有吗?
I am using require 'digest/sha1' to encrypt my password and save into database. During login I authenticate by matching the encrypted password saved in database and again encrypted the one use enter in password field. As of now everything works fine but now I want to do 'Forgot Password' functionality. To do this I need to decrypt the password which is saved in database to find original one. How to decrypt using digest/sha1?
Or does anyone know any algorithm which supports encryption & decryption as well?
我在rails上使用ruby,所以我需要Ruby的方式来完成它。
I am using ruby on rails so I need Ruby way to accomplish it.
推荐答案
SHA1是一种单向功能,您不能反转它。
SHA1 is a one way function you can't reverse it.
这可能是有意义的重新设置密码:
http://www.binarylogic.com/2008 / 11/16 / tutorial-reset-passwords-with-authlogic /
This may be of interest re password resets: http://www.binarylogic.com/2008/11/16/tutorial-reset-passwords-with-authlogic/
如果你想加密/解密,那么你应该使用类似 AES 。一旦您开始使用加密/解密,您也必须开始担心密钥管理。
If you want to do encryption/decryption then you should use something like AES. Once you start using encryption/decryption, however, you'll also have to start worrying about key management too.
关于您对OP的评论 - 如果您要存储CC信息,我建议您让一个安全人员了解密码,密钥管理等等,谁也了解相关法律和法规方面。
Regarding your comment to the OP below - if you are going to to be storing CC info, I would advise you get a security person in who knows about crypto, key management etc and who also understands the relevant legal and regulatory aspects.
这篇关于Rails中的加密解密的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
