mhash_keygen_s2k() - mhash库（加密）

乐乐2年前 (2023-11-21)阅读数 29#技术干货

文章标签返回值

mhash_keygen_s2k()

(PHP 4 >= 4.0.4, PHP 5, PHP 7)

Generates a key

说明

mhash_keygen_s2k(int $hash,string $password,string $salt,int $bytes): string

Generates a key according to the given$hash, using an user provided$password.

This is the Salted S2K algorithm as specified in the OpenPGP document(» RFC 2440).

Keep in mind that user supplied passwords are not really suitable to be used as keys in cryptographic algorithms, since users normally choose keys they can write on keyboard. These passwords use only 6 to 7 bits per character(or less). It is highly recommended to use some kind of transformation(like this function)to the user supplied key.

参数

$hash

The hash ID used to create the key. One of theMHASH_hashnameconstants.

$password

An user supplied password.

mhash_keygen_s2k() - mhash库（加密）

$salt

Must be different and random enough for every key you generate in order to create different keys. Because$saltmust be known when you check the keys, it is a good idea to append the key to it. Salt has a fixed length of 8 bytes and will be padded with zeros if you supply less bytes.

$bytes

The key length, in bytes.

返回值

Returns the generated key as a string, orFALSEon error.

I looked into mhash and PHP source code and I've ported this function to pure PHP:

Correction to ray ferguson post,
As said in the doc : "mhash_keygen_s2k generates a key that is bytes long, from a user given password and use the specified hash algorithm to create the key." if It wasn't clear to anyone.
The non mhash function is good as long you do not need a key longer than native MD5 hash (16 bytes) it wont give you more.
So the non mhash function work OK but they ARE NOT the same thing.
Just try ray ferguson exemple asking for a 32 bytes key.
Returning a substring longer than the packed 16 bytes string won't add anything to the string. Salted S2K algorithm does add to the key. So better use mhash lib or create something more alike the RFC 2440 specs.
I know the post is late on regard to Ray's post but if it can help someone not waisting time like me.

// given random 8 bits of salt and a clear text password
$clear_pw = "p4ssw0rd" ;
$rand8bites4salt = substr(pack("h*", md5(mt_rand())) , 0, 8);
// This
mhash_keygen_s2k(MHASH_MD5, $clear_pw, $rand8bites4salt, 4) ;
//is the same as this
function myhash_keyge_s2k($pass, $salt, $bytes ){
   return substr(pack("H*", md5($salt . $pass)), 0, $bytes);
}
myhash_keyge_s2k($clear_pw, $rand8bites4salt, 4);
// But the latter doesn't require mhash libs.
// -ray ferguson

内容声明：本文中引用的各种信息及资料（包括但不限于文字、数据、图表及超链接等）均来源于该信息及资料的相关主体（包括但不限于公司、媒体、协会等机构）的官方网站或公开发表的信息。部分内容参考包括:(百度百科,百度知道,头条百科,中国民法典,刑法,牛津词典,新华词典,汉语词典,国家院校,科普平台)等数据,内容仅供参考使用,不准确地方联系删除处理！本站为非盈利性质站点,本着为中国教育事业出一份力,发布内容不收取任何费用也不接任何广告!)