哈希函数在ColdFusion MX7和PHP 5.x上工作相同? [英] hash function that works identically on ColdFusion MX7 and PHP 5.x?
问题描述
我正在开发一个传统的ColdFusion MX7网站。他们想实现一个salted hash密码系统。但有一段时间,在下一年左右他们计划建立一个全新的PHP网站,不想重置(丢失)所有的密码。
所以我正在寻找一些可以在这两个平台上工作的代码。
我是新的,但据我所知,下面两个代码块应该做同样的事情。然而,它们产生不同的结果。任何人关心帮助?
COLDFUSION CODE:
< cffunction name =computeHash access =publicreturntype =String>
< cfargument name =passwordtype =string/>
< cfargument name =salttype =string/>
< cfargument name =iterationstype =numericrequired =falsedefault =1024/>
< cfargument name =algorithmtype =stringrequired =falsedefault =SHA-1/>
< cfscript>
var hashed ='';
hashed = hash(password& salt,arguments.algorithm,'UTF-8');
< / cfscript>
< cfloop from =1to =#iterations#index =i>
< cfscript>
hashed = hash(hashed& salt,arguments.algorithm,'UTF-8');
< / cfscript>
< / cffunction>
PHP CODE:
function computeHash($ password,$ salt)
{
$ hashed ='';
$ hashed = hash('sha1',$ password。$ salt);
for($ i = 1; $ i <= 1024; $ i ++)
{
$ hashed = hash('sha1',$ hashed。
}
echo $ hashed;
}
UPDATE 1:
你的回复!使用密码p @ ssW0rd和盐JjXSROiYyKkxNzTklaiErQ ==生成以下结果:
COLDFUSION: p>
代码,第1部分:
hashed = hash(password& salt ,arguments.algorithm,'UTF-8');
产生:
code> A0A8DE3A3B2A8BFD74766EEE126950F4462D3BCB
代码,第2部分:
hash(hashed& salt,arguments.algorithm,'UTF-8');
产生:
code> CFF9B75918B75761B5568854782CD709B2941637
PHP:
$ b
代码,第1部分:
$ hashed = hash('sha1',$ password。 $ salt);
产生:
code> a0a8de3a3b2a8bfd74766eee126950f4462d3bcb
代码,第2部分:
hash('sha1',$ hashed。$ salt);
产生:
code> e955404423747ec706561fa9a319ddac47194a65
如您所见,第一次,输出匹配。但是当我重新哈希,他们不再匹配。我很困惑。
ColdFusion生成
A0A8DE3A3B2A8BFD74766EEE126950F4462D3BCBp>
,PHP会产生
a0a8de3a3b2a8bfd74766eee126950f4462d3bcb
,第一次,输出匹配。
这些字符串不相同。您需要将它们都转换为相同的情况 - 我将在PHP的生成结果中使用 strtoupper()。
I am working on a legacy ColdFusion MX7 site. They want to implement a "salted hash" password system. But some time in the next year or so they plan to build a completely new PHP site and don't want to have to reset (lose) all the passwords.
So I'm looking for some code that will work on both platforms.
I'm new to this, but as far as I can tell, the following two blocks of code should do the same thing. However, they produce different results. Anyone care to help?
COLDFUSION CODE:
<cffunction name="computeHash" access="public" returntype="String">
<cfargument name="password" type="string" />
<cfargument name="salt" type="string" />
<cfargument name="iterations" type="numeric" required="false" default="1024" />
<cfargument name="algorithm" type="string" required="false" default="SHA-1" />
<cfscript>
var hashed = '';
hashed = hash( password & salt, arguments.algorithm, 'UTF-8' );
</cfscript>
<cfloop from="1" to="#iterations#" index="i">
<cfscript>
hashed = hash( hashed & salt, arguments.algorithm, 'UTF-8' );
</cfscript>
</cfloop>
</cffunction>
PHP CODE:
function computeHash($password,$salt)
{
$hashed = '';
$hashed = hash('sha1', $password . $salt);
for ($i = 1; $i <= 1024; $i++)
{
$hashed = hash('sha1', $hashed . $salt);
}
echo $hashed;
}
UPDATE 1: Thanks for your replies! Using a password of "p@ssW0rd", and a salt of "JjXSROiYyKkxNzTklaiErQ==" generates the following results:
COLDFUSION:
code, part 1:
hashed = hash( password & salt, arguments.algorithm, 'UTF-8' );
generates:
A0A8DE3A3B2A8BFD74766EEE126950F4462D3BCB
code, part 2:
hash( hashed & salt, arguments.algorithm, 'UTF-8' );
generates:
CFF9B75918B75761B5568854782CD709B2941637
PHP:
code, part 1:
$hashed = hash('sha1', $password . $salt);
generates:
a0a8de3a3b2a8bfd74766eee126950f4462d3bcb
code, part 2:
hash('sha1', $hashed . $salt);
generates:
e955404423747ec706561fa9a319ddac47194a65
As you can see, the first time around, the outputs match. But when I re-hash, they no longer match. I'm confused.
ColdFusion generates
A0A8DE3A3B2A8BFD74766EEE126950F4462D3BCB, and PHP generates
a0a8de3a3b2a8bfd74766eee126950f4462d3bcbAs you can see, the first time around, the outputs match.
Those strings are not identical. You need to turn them both to the same case - I would use strtoupper() on PHP's generated result.
这篇关于哈希函数在ColdFusion MX7和PHP 5.x上工作相同?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
