How to create and verify SSHA hash using PHP
There are so many hash. SHA1 is one of them which is widely used in recent years even though it is not safe to use right now. By the way, it is still the default hash function for storing password in LDAP especially OpenLDAP. In order to develop a website with LDAP authentication manually against POSIX account, SSHA hash function or SHA1 is the easiest solution.
Below are 2 functions for encoding given text to SSHA including {SSHA} and another one for verifying given text against SSHA hash.
function ssha_encode($text) { for ($i=1;$i<=10;$i++) { $salt .= substr('0123456789abcdef',rand(0,15),1); } $hash = "{SSHA}".base64_encode(pack("H*",sha1($text.$salt)).$salt); return $hash; } function ssha_check($text,$hash) { $ohash = base64_decode(substr($hash,6)); $osalt = substr($ohash,20); $ohash = substr($ohash,0,20); $nhash = pack("H*",sha1($text.$osalt)); return $ohash == $nhash; }
For example, I would like to encode a password "test". One possible encrypted hash is {SSHA}5s6PB5P6KET18sZLycLKKNBFf71jMzkzNzk4Yzg2.
$password = "test"; $hash = ssha_encode($password); print "$hash\n"; print var_export(ssha_check($password,$hash),true);
- sugree's blog
- 4365 reads
Reply
User login
Active forum topics
Navigation
Who's online
There are currently 0 users and 39 guests online.
Syndicate
Recent comments
2 years 11 weeks ago
2 years 15 weeks ago
2 years 16 weeks ago
2 years 16 weeks ago
2 years 17 weeks ago
2 years 19 weeks ago
2 years 19 weeks ago
2 years 19 weeks ago
2 years 19 weeks ago
2 years 20 weeks ago