你能在PHP中获得这个相同的Java SHA-1吗? [英] Can you get this same Java SHA-1 in PHP please?
问题描述
我发现自己需要将网站平台从Java更改为PHP,但我想保留所有用户的密码......
我有这段代码在将哈希值作为密码写入网站之前,先进行密码散列:
MessageDigest md = null;
md = MessageDigest.getInstance(SHA);
md.update(plaintext.getBytes(UTF-8));
byte raw [] = md.digest();
hash = new Base64()。encodeToString(raw).replaceAll(\ n,).replaceAll(\r,);
我认为Java代码对密码进行了SHA-1哈希处理,但在此之前它是字节编码为UTF-8,然后是Base64编码。
我想要一个PHP代码执行相同的操作,即返回相同的散列值与Java中相同的密码,只有看起来我执行SHA-1哈希的PHP代码不会返回与Java Base64解码值相比SHA(-1,不是Base64编码,我认为?)的值散列......这可能与我在PHP中的密码首先不是UTF-8字节编码(以及如何在PHP中执行此操作)有关吗?
另一个奇怪的事情是...我在Java中的密码长度都是28个字符(通常类似于
rnwn4zTNgH30l4pP8V05lRVGmF4 =
)...但这些密码散列值的 Base64()。decode(hash)
值为10个字符长(示例 [B @ 14e1f2b
)。 我是ght Base64为每3个章程做了额外的1个字符(28或27,不包括padding = charter,比这10个字符多三分之一),所以我在做解码调用时可能会错误地发生错误???
最重要的是,PHP中的SHA-1密码哈希值是40个字符长(在UTF-8 mysql数据库中),比如 dd94709528bb1c83d08f3088d4043f4742891f4f
?
[B @ 14e1f2b
is绝对不是哈希。这是隐式转换从 byte []
到 String
的结果。
它看起来像你这样做:
字符串decodeHash = Base64()。decode(hash); //生成[B @ 14e1f2b
但是,散列的正确表示形式是一个字节数组:
byte [] decodedHash = Base64()。decode(hash);
I find myself in a need to change website platforms from Java to PHP but I'd like to keep all my user's passwords...
I had this code do the password hashing prior to writting the hashed value as the password to the website:
MessageDigest md = null;
md = MessageDigest.getInstance("SHA");
md.update(plaintext.getBytes("UTF-8"));
byte raw[] = md.digest();
hash = new Base64().encodeToString(raw).replaceAll("\n", "").replaceAll("\r", "");
I think the Java code did SHA-1 hashing of the password but just prior to that it was byte encoded to UTF-8 and afterwards it was Base64 encoded.
I'd like to have a PHP code do the same, i.e. return the same value of a hash for the same password as in Java, only it seems that the PHP code doing SHA-1 hashing I have won't return the same SHA(-1, not Base64 encoded, I think?) value when compared to a Java Base64 decoded value of the hash...could it have something to do with the fact that my passwords in PHP are not UTF-8 byte encoded first (and how can I do that in PHP) please?
p.s.
Another strange thing...my passwords in Java are all 28characters long (usually something like this rnwn4zTNgH30l4pP8V05lRVGmF4=
)...but the Base64().decode(hash)
value of those password hashes is 10 characters long (an example [B@14e1f2b
).
I thought Base64 did an additional 1 character to each 3 charters (28 or 27, excluding the padding = charter, is much more that a third larger than those 10 charcters) so am I doing the decoding call wrong somehow maybe???
And on top of all that the SHA-1 password hashed values in PHP are 40 characters long (in a UTF-8 mysql database) like so dd94709528bb1c83d08f3088d4043f4742891f4f
?
[B@14e1f2b
is definitely not a hash. It's a result of implicit conversion from byte[]
to String
.
It looks like you do something like this:
String decodedHash = Base64().decode(hash); // Produces [B@14e1f2b
However, the correct representation of the hash is a byte array:
byte[] decodedHash = Base64().decode(hash);
这篇关于你能在PHP中获得这个相同的Java SHA-1吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!