How can I improve this NONCE library for PHP?

This is the first time I've worked with nonces, so I downloaded the script from http://fullthrottledevelopment.com/php-nonce-library. I did not like the code, especially because there's a chance of a legitimate request being treated as invalid because the function works in intervals of a defined amount of time (default is 300 seconds).

For example, we could be 299 seconds into the 300 seconds when the nonce is generated, so the nonce would only work for 1 second.

I modified the library into the following functions. What I did was check for the current interval and the previous interval by using nonce_create(time()-NONCE_DURATION)==$nonce. Are there ways to further improve the functions?

define( 'NONCE_UNIQUE_KEY' , '123123' );
define( 'NONCE_DURATION' , 300 );

function nonce_create($time=false){
    if(!$time)
        $time=time();
    $i=ceil($time/(NONCE_DURATION));
    return substr(md5($i.NONCE_UNIQUE_KEY),-12,10);
}

function nonce_is_valid($nonce){
    if (nonce_create()==$nonce || nonce_create(time()-NONCE_DURATION)==$nonce)
        return true;
    return false;
}

Also, I have two questions regarding the original library:

  1. Why isn't NONCE_UNIQUE_KEY used? Did the author simply forget?
  2. Why does the author divide by two here: $i = ceil( time() / ( FT_NONCE_DURATION / 2 ) ); it only works for half the time then (I tried it)

This produces a nonce, however it is not a cryptographic nonce. The value that this library produces must never be used for security because it is heavily dependent on the use of time. The attacker knows the current time, and knows your server time because it's in the HTTP response header. Also, md5()'s PRNG output isn't as random as it should be. There are many known vulnerabilities against md5, and it should never be used for security. Also, 10 bytes of base 16 is pretty small; 16 bytes of base256 would be ideal.

If you need a unique value that is reasonably hard to guess then this will work in most cases:

sha1(uniqid(mt_rand(),true));

However, this is less than ideal. The output is base16, which is very wasteful of space. uniqid() still uses time, however there are other sources of entropy in the resulting value.

By far the best source of entropy for a web application is /dev/urandom; use fopen() to access it and read out 16 bytes of the base256 contents. /dev/urandom is an entropy store that gathers sources of randomness from the operating system, its hardware, and the behavior of all applications on the system.
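
The /dev/urandom read described in the answer above, combined with expiry measured from the moment of issue so that a nonce lives a full NONCE_DURATION no matter when it is created. This is an added example, not code from the original posts or the library; read_urandom(), nonce_issue(), nonce_consume() and the $store array (a stand-in for server-side session storage) are hypothetical names.

```php
<?php
// Added example. Hypothetical names: read_urandom(), nonce_issue(),
// nonce_consume(); $store stands in for server-side storage such as $_SESSION.

const NONCE_DURATION = 300; // seconds, same lifetime as in the question

// Read $len raw bytes from /dev/urandom with fopen(), as the answer describes.
// (On PHP 7+ the built-in random_bytes() serves the same purpose.)
function read_urandom(int $len = 16): string {
    $fh = fopen('/dev/urandom', 'rb');
    if ($fh === false) {
        throw new RuntimeException('cannot open /dev/urandom');
    }
    stream_set_read_buffer($fh, 0);   // unbuffered: read only the bytes requested
    $bytes = fread($fh, $len);
    fclose($fh);
    if ($bytes === false || strlen($bytes) !== $len) {
        throw new RuntimeException('short read from /dev/urandom');
    }
    return $bytes;
}

// Issue a nonce and record its issue time. Expiry runs from this moment,
// not from a fixed 300-second grid, so there is no 1-second lifetime case.
function nonce_issue(array &$store, ?int $now = null): string {
    $nonce = bin2hex(read_urandom(16));   // hex only for transport in a form or URL
    $store[$nonce] = $now ?? time();
    return $nonce;
}

// Accept a nonce once, and only within NONCE_DURATION of its issue time.
function nonce_consume(array &$store, string $nonce, ?int $now = null): bool {
    if (!isset($store[$nonce])) {
        return false;                     // unknown, expired earlier, or already used
    }
    $issued = $store[$nonce];
    unset($store[$nonce]);                // single use: a replay finds nothing
    return (($now ?? time()) - $issued) <= NONCE_DURATION;
}

// Constructed demo: issued at t=299, first presented 299 seconds later,
// then presented a second time (replay).
$store = [];
$n = nonce_issue($store, 299);
var_dump(nonce_consume($store, $n, 598));
var_dump(nonce_consume($store, $n, 598));
```

Because the value is random rather than derived from the clock, validity depends on the server remembering what it issued, which is why the example keeps a store instead of recomputing the nonce.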
