ansaurus

Question

How do I sha1 hash hex values correctly in PHP?

Answer 1

A:

This works:

function strToHex($string)
{
    $hex='';
    for ($i=0; $i < strlen($string); $i++)
    {
        $hex .= dechex(ord($string[$i]));
    }
    return $hex;
}
echo sha1(strToHex("3FF4E525982052700163006800750079006900000074289610099DC9010074A0D7DB0B9DC9014D007900470072006F007500700000002F000000"));

>> 5b102a482247fef726843f214f8a81b1627bb634

ryeguy 2009-03-05 15:13:09

i am not sure here, but wouldn't you want to iterate the string in reverse order from your example code? something more like: for ($i = strlen($string); $i> 0 ; $i++)

popcnt 2009-03-05 15:45:45

No... infinite loop. i will always be larger than 0.

lynn 2009-03-05 15:50:59

I think this example is the strangest of all the suggestions. dechex(ord()) seems totally unlogical in this case. ord() converts every single hexcharacter into ascii, which is then converted back to hex. what's the point of that, exactly?

Emil H 2009-03-05 16:15:18

every single hexcharacter into the converting ascii code, that is. just to avoid any missunderstandings.

Emil H 2009-03-05 16:16:32

Answer 2

+1 A:

Yossarian 2009-03-05 15:13:44

Answer 3

+2 A:

Unfortunately this doesn't give you the correct value either, but it might point you in the right direction. Either way it's a much better idea to actually convert the hex code to a binary string before hashing it. Like this:

$str = "3F F4 E5 25 98 20 52 70 01 63 00 68 00 75 00 79 00 69 00 00 00 74 28 96 10 09 9D C9 01 00 74 A0 D7 DB 0B 9D C9 01 4D 00 79 00 47 00 72 00 6F 00 75 00 70 00 00 00 2F 00 00 00";

// Create an array where each entry represents a single byte in hex
$arr = explode(" ", $str);
// Convert the hex to decimal
$arr = array_map("hexdec", $arr);
// Convert the decimal number into the corresponding ASCII character
$arr = array_map("chr", $arr);

// Implode the array into a string, and hash the result
$result = sha1(implode($arr));

echo $result."\n";

The result is fa3ebc158305d09443b4315d35c0eee5aa72daef, which is what vartecs code produces as well. I think there's some aspect of how the correct reference is calculated that we don't know, because the approach used here and by vartec is definitely the most logical way to do it based on the facts that we do know.

Emil H 2009-03-05 15:14:48

And? What's the output?

Welbog 2009-03-05 16:21:07

Answer 4

+2 A:

$hexes = "3F F4 E5 25 98 20 52 70 01 63 00 68 00 75 00 79 00 69 00 00 00 74 28 96 10 09 9D C9 01 00 74 A0 D7 DB 0B 9D C9 01 4D 00 79 00 47 00 72 00 6F 00 75 00 70 00 00 00 2F 00 00 00";
$hexes = split(' ',$hexes);
$hexes = array_map('hexdec',$hexes);
$hexes = call_user_func_array('pack',array_merge(array('C*'),$hexes));
echo sha1($hexes);

BTW. you can achieve same thing by passing it in another format:

$hexes = "\x3F\xF4\xE5\x25\x98\x20\x52\x70\x01\x63\x00\x68\x00\x75\x00\x79\x00\x69\x00\x00\x00\x74\x28\x96\x10\x09\x9D\xC9\x01\x00\x74\xA0\xD7\xDB\x0B\x9D\xC9\x01\x4D\x00\x79\x00\x47\x00\x72\x00\x6F\x00\x75\x00\x70\x00\x00\x00\x2F\x00\x00\x00";
echo sha1($hexes);

vartec 2009-03-05 15:21:04

Answer 5

+2 A:

Something is very wrong here. SHA1 digests are 160 bits, which is 20 hexadecimal numbers, which is represented by 40 characters. The value you're expecting is 32 characters, which means it's not a SHA1 digest - or something else is missing that I don't yet understand.

Peter Bailey 2009-03-05 15:25:11

Sorry about the misinformation, edited question with correct "expected" value.

lynn 2009-03-05 15:31:40

Answer 6

+1 A:

You can use the pack function to convert the hexadecimal string into binary:

$bin = pack('H*', preg_replace('/[^0-9a-fA-F]+/', '', $hex));

Gumbo 2009-03-05 16:56:16

This gives me the same results as emil's suggestion.

lynn 2009-03-05 17:04:10

Answer 7

A:

Turned out that I needed to use hash_hmac() with a validation key rather than sha1().

lynn 2009-03-09 17:54:49

ansaurus

tags:

views:

answers:

How do I sha1 hash hex values correctly in PHP?

related questions