在PHP中生成随机密钥的最佳方法是什么? [英] What is the best way to generate a random key within PHP?
问题描述
我正在寻找一个可重用的函数,该函数将生成一个随机密钥,该随机密钥具有选定长度(2到1000+之间的任意长度)的可打印ACSII字符.我认为可打印的ASCII字符应为33-126.它们的密钥不需要完全唯一,只要在完全相同的毫秒内生成就可以唯一(因此uniqid()
将不起作用).
I'm looking to create a reusable function that will generate a random key with printable ACSII characters of chosen length (anywhere from 2 to 1000+). I'm thinking printable ASCII characters would be 33-126. They key does not need to be completely unique, just unique if generated at the exact same millisecond (so uniqid()
won't work).
我想将chr()
和mt_rand()
组合使用是可行的.
I'm thinking a combination of chr()
and mt_rand()
might work.
这是要走的路,还是其他最好的方法?
Is this the way to go, or is something else the best method?
uniqid()
也将不起作用,因为它没有长度参数,这正是PHP为您提供的.
uniqid()
will also not work because it doesn't have a length parameter, it's just whatever PHP gives you.
我的想法:这是我想出的:
function GenerateKey($length = 16) {
$key = '';
for($i = 0; $i < $length; $i ++) {
$key .= chr(mt_rand(33, 126));
}
return $key;
}
这有什么问题吗?
另一个编辑:大多数其他问题与密码生成有关.我想要更多种类的字符,并且我不在乎1
vs l
.我希望最大可能的键数.
Another Most of the other questions deal with password generation. I want a wider variety of characters and I don't care about 1
vs l
. I want the maximum number of possible keys to be possible.
注意:生成的密钥不一定必须是加密安全的.
推荐答案
Update (12/2015): For PHP 7.0, you should use random_int()
instead of mt_rand
as it provides "cryptographically secure values"
我个人喜欢使用sha1(microtime(true).mt_rand(10000,90000))
,但是您正在寻找更多可定制的方法,因此请尝试使用此功能(这是对
Personally, I like to use sha1(microtime(true).mt_rand(10000,90000))
but you are looking for more of a customizable approach, so try this function (which is a modification to your request of this answer):
function rand_char($length) {
$random = '';
for ($i = 0; $i < $length; $i++) {
$random .= chr(mt_rand(33, 126));
}
return $random;
}
不过,这可能会比uniqid(),md5()或sha1()慢得多.
Still, this will probably be significantly slower than uniqid(), md5(), or sha1().
编辑:很抱歉,您似乎是第一次使用它. :D
Looks like you got to it first, sorry. :D
我决定在装有PHP 5和eAccelerator的Debian机器上做一个不错的小测试(请注意长代码):
Edit 2: I decided to do a nice little test on my Debian machine with PHP 5 and eAccelerator (excuse the long code):
function rand_char($length) {
$random = '';
for ($i = 0; $i < $length; $i++) {
$random .= chr(mt_rand(33, 126));
}
return $random;
}
function rand_sha1($length) {
$max = ceil($length / 40);
$random = '';
for ($i = 0; $i < $max; $i ++) {
$random .= sha1(microtime(true).mt_rand(10000,90000));
}
return substr($random, 0, $length);
}
function rand_md5($length) {
$max = ceil($length / 32);
$random = '';
for ($i = 0; $i < $max; $i ++) {
$random .= md5(microtime(true).mt_rand(10000,90000));
}
return substr($random, 0, $length);
}
$a = microtime(true);
for ($x = 0; $x < 1000; $x++)
$temp = rand_char(1000);
echo "Rand:\t".(microtime(true) - $a)."\n";
$a = microtime(true);
for ($x = 0; $x < 1000; $x++)
$temp = rand_sha1(1000);
echo "SHA-1:\t".(microtime(true) - $a)."\n";
$a = microtime(true);
for ($x = 0; $x < 1000; $x++)
$temp = rand_md5(1000);
echo "MD5:\t".(microtime(true) - $a)."\n";
结果:
Rand: 2.09621596336
SHA-1: 0.611464977264
MD5: 0.618473052979
因此,我的建议是,如果您想提高速度(而不是完整的字符集),则坚持使用MD5,SHA-1或Uniqid(我尚未测试过..)
So my suggestion, if you want speed (but not full charset), is to stick to MD5, SHA-1, or Uniqid (which I didn't test.. yet)
这篇关于在PHP中生成随机密钥的最佳方法是什么?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!