堆栈内存溢出
  简体   繁体   English

将加密文本存储在数据库中,根据密码查询和解密

[英]Store encrypted texts in the database , query and decrypt it back base on password

 原文  2021-10-08 18:14:00       php/ laravel/ laravel-5/ encryption/ cryptography

问题描述

I'm trying to store an encrypted text in my database, but I have no idea how to decrypted it back.我试图在我的数据库中存储一个加密的文本,但我不知道如何将它解密回来。 I've tried我试过了

$salt   = 'c0d4#';
$pepper ='nsa-cia-fbi'; // secret text

$pwd_peppered = hash_hmac("sha256", $salt, $pepper);
$pwd_hashed = password_hash($pwd_peppered, PASSWORD_ARGON2ID);

echo($pwd_hashed);

// right password hash 
$pwd_hashed = '$argon2id$v=19$m=65536,t=4,p=1$QnVpT1Rqay5WSmIvRW1HZg$rgx+DWPl5bvjwlr7plnOjnE1Sf8lim01pwb6lHGzEaU';

//wrong password hash : for testing purposes 
$pwd_hashed_wrong = '$argon2id$v=19$m=65536,t=4,p=1$QnVpT1Rqay5WSmIvRW1HZg$rgx+DWPl5bvjwlr7plnOjnE1Sf8lim01pwb6lHGzEaU-wrong-!!';

if (password_verify($pwd_peppered, $pwd_hashed)) {
    echo "Password matches.";

   // I am inside this block of codes, but ... 
   // no idea how to decrypt and get my text back ... 😵



}
else {
    echo "Password incorrect.";
}

2 个解决方案

解决方案1
 1  2021-10-08 18:17:37

you cannot decrypt a hashed text, if you want to make a password verification you have to hash the password entered by the user and test it with the hash of the real password (see if the 2 hash are equaled or not )您无法解密散列文本,如果您想进行密码验证,您必须将用户输入的密码 hash 与真实密码的 hash 进行测试(查看 2 hash 是否相等)

解决方案2
 1  2021-10-08 18:37:46

there is two concepts, hash and encrypt .有两个概念, hashencrypt when you hash a string, you can not turn it back to the original string.当你 hash 一个字符串时,你无法将它转回原来的字符串。 passwords must be hashed and then you are allowed to store them.密码必须经过哈希处理,然后您才可以存储它们。 If you encrypt a string you can turn result back to original string.如果您加密一个字符串,您可以将结果恢复为原始字符串。 In laravel you can use Illuminate\Support\Facades\Crypt class. there is an example:在 laravel 你可以使用Illuminate\Support\Facades\Crypt class。有一个例子:

<?php

namespace App\Http\Controllers;

use App\User;
use Illuminate\Http\Request;
use App\Http\Controllers\Controller;

class UserController extends Controller
{
    /**
     * Store a secret message for the user.
     *
     * @param  Request  $request
     * @param  int  $id
     * @return Response
     */
    public function storeSecret(Request $request, $id)
    {
        $user = User::findOrFail($id);

        $user->fill([
            'secret' => encrypt($request->secret)
        ])->save();
    }
}

or或者

use Illuminate\Support\Facades\Crypt;

$encrypted = Crypt::encryptString('Hello world.');

$decrypted = Crypt::decryptString($encrypted);

as mentioned in this documentation by laravel .laravel文档中所述。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 PHP-解密加密密码 - PHP - decrypt encrypted password 如何使用 Codeigniter 从数据库中解密加密密码 - How to Decrypt an Encrypted Password from Database using Codeigniter 如何在Microsoft SQL数据库中存储加密的数据并检索并解密 - How to store encrypted data in microsoft sql database and retrieve it and decrypt it 在 php 中加密并尝试在 VB 中解密的密码 - Password encrypted in php and trying to decrypt in VB 通过密码和 openssl_decrypt 解密加密的私钥 - decrypt encrypted private key by password and openssl_decrypt 将密码加密后发送到SQL数据库 - Send password as encrypted to SQL database 更新MySQL数据库中的加密密码 - update encrypted password in MySQL database 将数据库中的普通密码转换为 Laravel 加密密码 - Converting plain password in database to Laravel encrypted password 试图通过php解密我用javav加密的密码 - trying to decrypt via php a password that i encrypted with javav 如何在用 crypt 加密的 PHP 中解密密码字符串? - How can I decrypt password string in PHP which was encrypted with crypt?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM