用户
 找回密码
 入住 CI 中国社区
搜索
查看: 9426|回复: 4
收起左侧

翻译后的Encryption Class(加密类)【1】

[复制链接]
发表于 2007-12-24 09:55:40 | 显示全部楼层 |阅读模式
Encryption Class(加密类)

The Encryption Class provides two-way data encryption. It uses a scheme that pre-compiles the message using a randomly hashed bitwise XOR encoding scheme, which is then encrypted using the Mcrypt library. If Mcrypt is not available on your server the encoded message will still provide a reasonable degree of security for encrypted sessions or other such "light" purposes. If Mcrypt is available, you'll effectively end up with a double-encrypted message string, which should provide a very high degree of security.
这个加密类提供了两种数据加密的方法。首先它使用一些随机的无顺序的逐位异或xor直接交换数值的编码方案预先编译一些信息,然后再将它们放在隐蔽的类似Mcrypt的地方。如果这个Mcrypt 不是可利用的,会给您的服务器编码消息轻巧的加密,将会提供合理安全程度。如果这个Mcrypt 是可以使用的,最终你可以获得一个被双重加密的字符串,这样加密的话,会使你的信息非常安全
Setting your Key

A key is a piece of information that controls the cryptographic process and permits an encrypted string to be decoded. In fact, the key you chose will provide the only means to decode data that was encrypted with that key, so not only must you chose the key carefully, you must never change it if you intend use it for persistent data.
钥匙实际上是一些会控制密码加密过程并且允许被加密的字串被解码的信息片段。实际上,你选择的钥匙会提供一个唯一的方法来解密一些被加密的数据,所以你需要非常谨慎的设置你的钥匙,如果你想给一些固定的数据加密的话,你最好不要更改这个钥匙。
It goes without saying that you should guard your key carefully. Should someone gain access to your key, the data will be easily decoded. If your server is not totally under your control it's impossible to ensure key security so you may want to think carefully before using it for anything that requires high security, like storing credit card numbers.
很自然,你需要非常小心的保守你的钥匙。如果某人对您的钥匙能够存取,那么数据将会很容易地被解码。如果您的服务器不完全在的您的控制之下而想保证数据安全是不可能的,因此您可以在使用它之前仔细地想一下要求高安全存放信用卡数字对象。
 楼主| 发表于 2007-12-24 09:56:53 | 显示全部楼层

翻译后的Encryption Class(加密类)【2】

To take maximum advantage of the encryption algorithm, your key should be 32 characters in length (128 bits). The key should be as random a string as you can concoct, with numbers and uppercase and lowercase letters. Your key should not be a simple text string. In order to be cryptographically secure it needs to be as random as possible.
为了发挥加密算法的最大优势,你的解密钥匙需要被设置为32个字符长度为128比特。你可以设置一个编造的随机字符串作为你的钥匙,最好包括数字、大写字母、小写字母。你的钥匙不能设置为一个简单的文本字符串。为了被安全可靠的加密,它也有一个随机的可能性。
Your key can be either stored in your application/config/config.php, or you can design your own storage mechanism and pass the key dynamically when encoding/decoding.
你的钥匙可以放在application/config/config.php文件中,你也可以自己设置一个存储机制用于数据的加密和解密。
To save your key to your application/config/config.php, open the file and set:
为了在application/config/config.php文件中保存你的钥匙,打开文件设置一下:
$config['encryption_key'] = "YOUR KEY";
Message Length
It's important for you to know that the encoded messages the encryption function generates will be approximately 2.6 times longer than the original message. For example, if you encrypt the string "my super secret data", which is 21 characters in length, you'll end up with an encoded string that is roughly 55 characters (we say "roughly" because the encoded string length increments in 64 bit clusters, so it's not exactly linear). Keep this information in mind when selecting your data storage mechanism. Cookies, for example, can only hold 4K of information.
知道加密信息的长度会是原来函数长度的2.6倍是很重要的。如果你加密这个字符串“my super secret data”,它的长度是21个字符,所以你加密后的字符串的长度大概是55个字符(我们说它是粗糙的,因为编码的字符串长度增量64比特并非是线性增长的),当你选择你的数据存储机制的时候一定要记住这一点。例如,Cookies可以占用4k的数据空间信息。
Initializing the Class
Like most other classes in CodeIgniter, the Encryption class is initialized in your controller using the $this->load->library function:
在Codeigniter中,像大多数其他的类一样,加密类也需要在你的控制器函数中加载
$this->load->library('encrypt');
Once loaded, the Encrypt library object will be available using:
一旦被加载,这个加密的类库就可以这样使用:$this->encrypt
$this->encrypt->encode()
Performs the data encryption and returns it as a string. Example:
执行数据加密并返回一个字符串。例如:
$msg = 'My secret message';

$encrypted_string = $this->encrypt->encode($msg);
You can optionally pass your encryption key via the second parameter if you don't want to use the one in your config file:
如果你不想在你的配置文件中使用一个钥匙,你可以通过第二个参数
随意设置你的钥匙。
$msg = 'My secret message';


$key = 'super-secret-key';

$encrypted_string = $this->encrypt->encode($msg, $key);
$this->encrypt->decode()
Decrypts an encoded string. Example:
解译一个被加密的字符串,例如:
$encrypted_string = 'APANtByIGI1BpVXZTJgcsAG8GZl8pdwwa84';

$plaintext_string = $this->encrypt->decode($encrypted_string);
$this->encrypt->set_cipher();
Permits you to set an Mcrypt cipher. By default it uses
允许你设置一个Mcrypt密码。默认使用
MCRYPT_RIJNDAEL_256. Example:
$this->encrypt->set_cipher(MCRYPT_BLOWFISH);
Please visit php.net for a list of available ciphers.
请访问php.net看一下可用的密码。
If you'd like to manually test whether your server supports Mcrypt you can use:
如果你想手动测试一下你的服务器是否支持Mcrypt,你可以这样使用:
echo ( ! function_exists('mcrypt_encrypt')) ? 'Nope' : 'Yup';
$this->encrypt->set_mode();
Permits you to set an Mcrypt mode. By default it uses
允许你设置一个Mcrypt模型。默认使用
MCRYPT_MODE_ECB. Example:
$this->encrypt->set_mode(MCRYPT_MODE_CFB);
Please visit php.net for a list of available modes.
$this->encrypt->sha1();
SHA1 encoding function. Provide a string and it will return a 160 bit one way hash. Note: SHA1, just like MD5 is non-decodable. Example:
SHA1编码函数。它提供一个字符串并返回一个160字节的杂乱信息。说明:SHA1,就像MD5一样不用解密的
$hash = $this->encrypt->sha1('Some string');
Many PHP installations have SHA1 support by default so if all you need is to encode a hash it's simpler to use the native function:
许多PHP安装程序默认都支持SHA1,所以你可以很简单的使用它的原始函数进行加密。
$hash = sha1('Some string');
If your server does not support SHA1 you can use the provided function.
如果你的服务器不支持SHA1,你可以使用别人提供的函数。
发表于 2007-12-24 10:40:24 | 显示全部楼层
非常感谢对CI中文化的支持,传到WIKI上去了吗?加精!!!!
发表于 2007-12-24 13:36:52 | 显示全部楼层
我也前来感谢楼主的贡献!
 楼主| 发表于 2007-12-24 15:52:15 | 显示全部楼层
不客气啦。。
呵呵。。能给大家带来方便我就满意啦。。有时间还会翻译一些,奉献大家。。

本版积分规则