Php 简明教程

PHP – Hashing

“哈希” 一词表示一种对数据(特别是文本)进行加密以获得固定长度值的技术。PHP 库包含许多函数,可以通过应用不同的哈希算法(例如 md5、SHA2、HMAC 等)对数据执行哈希。获得的加密值称为原始密钥的哈希。

The term "hashing" represents a technique of encrypting data (specially a text) to obtain a fixed-length value. PHP library includes a number of functions that can perform hashing on data by applying different hashing algorithms such as md5, SHA2, HMAC etc. The encrypted value obtained is called as the hash of the original key.

哈希处理是一个单向过程,从某种意义上说,无法对哈希进行反转,因而无法获取原始键。

Processing of hashing is a one-way process, in the sense, it is not possible to reverse the hash so as to obtain the original key.

Applications of Hashing

哈希技术被有效用于以下目的:

The hashing technique is effectively used for the following purposes −

Password Authentication

我们通常会注册各种在线应用程序,例如 gmail、Facebook 等。您需要填写一个表格,您在其中为在线帐户创建密码。服务器会对您的密码进行哈希,哈希值存储在数据库中。当您登录时,提交的密码会被哈希,并与数据库中的密码进行比较。这让你的密码不会被盗用。

We often register for various online applications such as gmail, Facebook etc. You are required to fill up a form wherein you create a password for an online account. The server hashes your password and the hashed value is stored in the database. At the time of logging in, the password submitted is hashed and compared with the one in the database. This protects your password from being stolen.

Data Integrity

哈希的一个重要用途是验证数据没有被篡改。当您从互联网下载文件时,它会显示给您哈希值,您可以用此哈希值来与下载的文件进行对比,确保文件没有被破坏。

One of the important uses of hashing is to verify if the data has not been tampered with. When a file is downloaded from the internet, you are shown its hash value, which you can compare with the downloaded to make sure that the file has not been corrupted.

The Process of Hashing

可以由下图查看哈希处理过程:

The process of hashing can be represented by the following figure −

php hashing

Hashing Algorithms in PHP

PHP 支持多个哈希算法:

PHP supports a number of hashing algorithms −

  1. MD5 − MD5 is a 128-bit hash function that is widely used in software to verify the integrity of transferred files. The 128-bit hash value is typically represented as a 32-digit hexadecimal number. For example, the word "frog" always generates the hash "8b1a9953c4611296a827abf8c47804d7"

  2. SHA − SHA stands for Secure Hash Algorithm. It’s a family of standards developed by the National Institute of Standards and Technology (NIST). SHA is a modified version of MD5 and is used for hashing data and certificates. SHA-1 and SHA-2 are two different versions of that algorithm. SHA-1 is a 160-bit hash. SHA-2 is actually a “family” of hashes and comes in a variety of lengths, the most popular being 256-bit.

  3. HMAC − HMAC (Hash-Based Message Authentication Code) is a cryptographic authentication technique that uses a hash function and a secret key.

  4. HKDF − HKDF is a simple Key Derivation Function (KDF) based on the HMAC message authentication code.

  5. PBKDF2 − PBKDF2 (Password-Based Key Derivation Function 2) is a hashing algorithm that creates cryptographic keys from passwords.

Hash Functions in PHP

PHP 库包含多个哈希函数:

The PHP library includes several hash functions −

The hash_algos Function

此函数返回一个数字索引数组,其中包含受支持哈希算法的列表。

This function returns a numerically indexed array containing the list of supported hashing algorithms.

hash_algos(): array

The hash_file Function

该函数返回一个字符串,其中包含计算出的消息摘要,小写十六进制。

The function returns a string containing the calculated message digest as lowercase hexits.

hash_file(
   string $algo,
   string $filename,
   bool $binary = false,
   array $options = []
): string|false

algo 参数是所选哈希算法的类型(即 “md5”、“sha256”、“haval160,4”等)。 filename 是描述待哈希文件位置的 URL;支持 fopen 包装器。

The algo parameter is the type of selected hashing algorithm (i.e. "md5", "sha256", "haval160,4", etc.). The filename is the URL describing location of file to be hashed; supports fopen wrappers.

Example

请看以下示例:

Take a look at the following example −

<?php
   /* Create a file to calculate hash of */
   $fp=fopen("Hello.txt", "w");
   $bytes = fputs($fp, "The quick brown fox jumped over the lazy dog.");
   fclose($fp);
   echo hash_file('md5', "Hello.txt");
?>

它将生成以下 output

It will produce the following output

5c6ffbdd40d9556b73a21e63c3e0e904

The hash() Function

hash() 函数生成哈希值(消息摘要):

The hash() function generates a hash value (message digest) −

hash(
   string $algo,
   string $data,
   bool $binary = false,
   array $options = []
): string

algo 参数是所选哈希算法的类型(即 “md5”、“sha256”、“haval160,4”等)。 data 参数是要进行哈希处理的消息。如果 binary 参数为 true ,它将输出原始二进制数据;“false” 输出小写十六进制。

The algo parameter is the type of selected hashing algorithm (i.e. "md5", "sha256", "haval160,4", etc..). The data parameter is the message to be hashed. If the binary parameter is "true", it outputs raw binary data; "false" outputs lowercase hexits.

Example

该函数返回一个字符串,其中包含计算出的消息摘要,小写十六进制。

The function returns a string containing the calculated message digest as lowercase hexits.

<?php
   echo "Using SHA256 algorithm:" . hash('sha256', 'The quick brown fox jumped over the lazy dog.'). PHP_EOL;
   echo "Using MD5 algorithm:",hash('md5', 'The quick brown fox jumped over the lazy dog.'), PHP_EOL;
   echo "Using SHA1 algorithm:" . hash('sha1', 'The quick brown fox jumped over the lazy dog.');
?>

它将生成以下 output

It will produce the following output

Using SHA256 algorithm:68b1282b91de2c054c36629cb8dd447f12f096d3e3c587978dc2248444633483
Using MD5 algorithm:5c6ffbdd40d9556b73a21e63c3e0e904
Using SHA1 algorithm:c0854fb9fb03c41cce3802cb0d220529e6eef94e