Hi everyone 8)

I'm new around here but thought it's about time I joined a good PHP forum! I'll introduce myself properly on the right section, but for now, I'll my post my coding problem on here. I wonder if any has any knowledge or can help.

I'm setting up a connection from my web server to a potential data supplier web server, which involves a load of encryption. One of the stages is generating a SHA1 hash of an encrypted string.

Now I've got some old example code, however the "mhash" function used in this old code appears to obsolete. Thus is doesn't work.

I've tried using the available "sha1" and "hash" functions but cannot replicate the hashed output they provide.

Here's the original code:

$encrypted_string = "B0436CBFBC5CAAFB7339AF4A1DF845974D53B9D369146E2E4F1451929D9EBE254363E983F4F94517EB9585FDB112E7B1CCE11A33C5BBA23F8D5DE9D3415BA526489AC796A36FBA76D4293C8DFB673708CED10C9732EEC472D9E43D2626AA104121666E79DD8F2FF6BAC0143BD62E0EE826AF6459779C162613508D48BFE2FC8DD558A1834D7205F96EA8D446E9B371E78E990A3995B1052DCBA9CA0AF99CC77ED2A8B55B2B882BA29D4BB4B07FA91AB4D2F10FBB93732B077335A7E6D96FE813AEDC3711A85CD0C13AE22B28C14FCCE3AF4C1F5D2C0F7697DEC7487CCFC0ED4E77B1B65F39BAD5236E3D3C69D33FC484";

$hashBinaryValue = mhash(MHASH_SHA1, $encrypted_string);
$hashValue = bin2hex($hashBinaryValue);
echo 'hashValue='.$hashValue.'<br>';

The example hashed output should be:

31f6d26b18d3c04895cdc2cc05cbd9ad003f2d3e

I cannot seem to replicate this output using the available functions? I've tried the following:

$hashBinaryValue = hash('sha1', $encrypted_string);
$hashValue = bin2hex($hashBinaryValue);

This generates:

37333736363862393037313732326265346438396433633236383936363430376434613665363231

And also:

$hashBinaryValue = sha1($encrypted_string);
$hashValue = bin2hex($hashBinaryValue);

Both generate:

37333736363862393037313732326265346438396433633236383936363430376434613665363231

I've found a webpage that can generate the SHA1 hash, but do not know what language they've done it in.
http://www.fileformat.info/tool/hash.htm?hex=B0436CBFBC5CAAFB7339AF4A1DF845974D53B9D369146E2E4F1451929D9EBE254363E983F4F94517EB9585FDB112E7B1CCE11A33C5BBA23F8D5DE9D3415BA526489AC796A36FBA76D4293C8DFB673708CED10C9732EEC472D9E43D2626AA104121666E79DD8F2FF6BAC0143BD62E0EE826AF6459779C162613508D48BFE2FC8DD558A1834D7205F96EA8D446E9B371E78E990A3995B1052DCBA9CA0AF99CC77ED2A8B55B2B882BA29D4BB4B07FA91AB4D2F10FBB93732B077335A7E6D96FE813AEDC3711A85CD0C13AE22B28C14FCCE3AF4C1F5D2C0F7697DEC7487CCFC0ED4E77B1B65F39BAD5236E3D3C69D33FC484

Any help or input would be greatly appreciated =)

Well here is a example code of how to convert a mhash to a sha1 hash by the simple use of the bin2hex function.

<xmp><?php 
$encrypted_string = "some string";
echo sha1($encrypted_string);
echo "\n";
echo bin2hex(mhash(MHASH_SHA1,$encrypted_string));
?></xmp>

You need to use pack() function:

<?php
$e = "B0436CBFBC5CAAFB7339AF4A1DF845974D53B9D369146E2E4F1451929D9EBE254363E983F4F94517EB9585FDB112E7B1CCE11A33C5BBA23F8D5DE9D3415BA526489AC796A36FBA76D4293C8DFB673708CED10C9732EEC472D9E43D2626AA104121666E79DD8F2FF6BAC0143BD62E0EE826AF6459779C162613508D48BFE2FC8DD558A1834D7205F96EA8D446E9B371E78E990A3995B1052DCBA9CA0AF99CC77ED2A8B55B2B882BA29D4BB4B07FA91AB4D2F10FBB93732B077335A7E6D96FE813AEDC3711A85CD0C13AE22B28C14FCCE3AF4C1F5D2C0F7697DEC7487CCFC0ED4E77B1B65F39BAD5236E3D3C69D33FC484";

echo sha1(pack("H*",$e));
?>

bye :)

Thanks for the replies, however I'm not getting the right output from those coding examples.

Using the word "hello" as an example...

echo sha1(pack("H*","hello"));

The output is:

0f28dfede025e7786ec18a62943a80f17bde47fc

I need the output of "hello" to be:

320355ced694aa69924f6bb82e7b74f420303fd9

Can anyone replicate this using a PHP SHA1 hashing function?

I don't understand a thing. The string you posted on the first post is binary hash (hex), "hello" is not binary hash and you should get PHP warnings from that string, something like this for each letter:

PHP Warning:  pack(): Type h: illegal hex digit h

Second: if you write "helloq", "hellok" or whatever character is not hex in that link you posted, you will get the same string you are searching for:

320355ced694aa69924f6bb82e7b74f420303fd9

That script is outputting an error and the string above is an hash of that.
Try for example "hello2a" and "hell2a" you will get the same hash:

9aebada2aeb79fd1294d9df3c2ea782c00d7e61f

This happens because together with the error message got with "hello" and "hell", there is a good value: "2a". Bye.

Please check my code again.

<xmp><?php 
$encrypted_string = "hello";
echo sha1($encrypted_string);
echo "\n";
echo bin2hex(mhash(MHASH_SHA1,$encrypted_string));
?></xmp>

The bin2hex function is used to get the sha1 hash.

cwarn23, you used the tags <xmp> and </xmp> before and after your code. Could you explain what they are for?
Matthew

cwarn23, you used the tags <xmp> and </xmp> before and after your code. Could you explain what they are for?
Matthew

They are just html tags to make the text look pretty literally. Without them the text doesn't look as good and is all on one line.

Thanks all the replies thusfar.

Sorry if I'm not explaining myself properly. I just need to generate a hash of a string. I can generate the right output via a online hashing generator, however I can't replicate the results in PHP.

If the string I want to Hash is:

B0436CBFBC5CAAFB7339AF4A1DF845974D53B9D369146E2E4F1451929D9EBE2542EB232CA97EFCCC3A08AA9215C318D023FBA4F0C63EB9722888E55BC1F9FE08DB30E3B4C071B94E9B1C83303C896B72B8A14D1AD651177B5ACEDE7E620B6E992963185FD9624B230206ADC28BCD3968C926718B8D3D80606594F2084FB992090E3D3A14F26918BB67DBA5EE4854080F412AD74225FCBABCEE7610B53EF7B8AADB177AF9B8701C06CC050C21EAACCF63FAF19B7CBB82BE39B414771641B44D59BBC70B68008256C79E015FB524786F1176660C49E6E2E9689AA8767D3BD9CCA155E9F287FE1F3BE46C801C4EE1D624E03C8AA2741953373684BC99A23835E5FB

The output needs to be:

31F6D26B18D3C04895CDC2CC05CBD9AD003F2D3E

I've tried all suggestions but I'm not getting the right result =/

commented: the string is different from the previous one, but the hash result you want is the same, this is not possibile -1

I give up, my function does the work, now you post the same result but all caps.

<?php
$e = "B0436CBFBC5CAAFB7339AF4A1DF845974D53B9D369146E2E4F1451929D9EBE254363E983F4F94517EB9585FDB112E7B1CCE11A33C5BBA23F8D5DE9D3415BA526489AC796A36FBA76D4293C8DFB673708CED10C9732EEC472D9E43D2626AA104121666E79DD8F2FF6BAC0143BD62E0EE826AF6459779C162613508D48BFE2FC8DD558A1834D7205F96EA8D446E9B371E78E990A3995B1052DCBA9CA0AF99CC77ED2A8B55B2B882BA29D4BB4B07FA91AB4D2F10FBB93732B077335A7E6D96FE813AEDC3711A85CD0C13AE22B28C14FCCE3AF4C1F5D2C0F7697DEC7487CCFC0ED4E77B1B65F39BAD5236E3D3C69D33FC484";

echo sha1(pack("H*",$e)) . "\n"; # 31f6d26b18d3c04895cdc2cc05cbd9ad003f2d3e
echo strtoupper(sha1(pack("H*",$e))) . "\n"; # 31F6D26B18D3C04895CDC2CC05CBD9AD003F2D3E
?>

At least your read about the error you made previously? Good luck.
And the string you posted is different from the previous one, you can't get the same hash from two different strings.

Perhaps the website uses a salt on the hash there by making it hard to validate/compare even if you have the original data. At the moment I'm using brute force to find the salt on 3.2GHz 3 core as that should find if any basic salts if the salt isn't too long. But other than that you will need to find out what salt the website uses.

I give up, my function does the work, now you post the same result but all caps.

<?php
$e = "B0436CBFBC5CAAFB7339AF4A1DF845974D53B9D369146E2E4F1451929D9EBE254363E983F4F94517EB9585FDB112E7B1CCE11A33C5BBA23F8D5DE9D3415BA526489AC796A36FBA76D4293C8DFB673708CED10C9732EEC472D9E43D2626AA104121666E79DD8F2FF6BAC0143BD62E0EE826AF6459779C162613508D48BFE2FC8DD558A1834D7205F96EA8D446E9B371E78E990A3995B1052DCBA9CA0AF99CC77ED2A8B55B2B882BA29D4BB4B07FA91AB4D2F10FBB93732B077335A7E6D96FE813AEDC3711A85CD0C13AE22B28C14FCCE3AF4C1F5D2C0F7697DEC7487CCFC0ED4E77B1B65F39BAD5236E3D3C69D33FC484";

echo sha1(pack("H*",$e)) . "\n"; # 31f6d26b18d3c04895cdc2cc05cbd9ad003f2d3e
echo strtoupper(sha1(pack("H*",$e))) . "\n"; # 31F6D26B18D3C04895CDC2CC05CBD9AD003F2D3E
?>

At least your read about the error you made previously? Good luck.
And the string you posted is different from the previous one, you can't get the same hash from two different strings.

Apologies Cereal, your function did work fine - I was just being an arse and getting things mixed up. It's been a stressful few weeks! So yeah, thank you for the help it's appreciated.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.