Page 1 of 1

Help with encryption routine

Posted: Thu Sep 08, 2005 8:50 pm
by Bobbafett_666
Hello,
I am relatively new to PHP and currently I am in the middle of migrating a small Web App developed in ASP.NET with C# to PHP 5.
My problem is that there is a small routine that encrypts passwords that I need to migrate over to PHP. The original code reads:

public static String Encrypt(String pValue)
{
byte[] aClearBytes = new UnicodeEncoding().GetBytes(pValue);
byte[] aHashedBytes = ((HashAlgorithm)CryptoConfig.CreateFromName("MD5")).ComputeHash(aClearBytes);
return(BitConverter.ToString(aHashedBytes));
}

I would really appreciayte it very much if you can help me translate this code over to PHP

Thanks a lot

BobbaFett_666

Posted: Thu Sep 08, 2005 11:13 pm
by feyd
very simple!

Code: Select all

class foo
{

  static function Encrypt($aString)
  {
    return md5($aString);
  }

}
I'm assuming it's returning a hex-hash?

Posted: Fri Sep 09, 2005 11:16 pm
by Bobbafett_666
Hi,
I tried that (that was my first bet) but the results are different.
In .NET the code transforms the data as follows:

Lets assume that the string being passed as parameter is "MyPassword" so we have:

1.- pValue = "MyPassword"

2.- byte[] aClearBytes = new UnicodeEncoding().GetBytes(pValue);
returns a byte array with the following values:
77, 0, 121, 0, 80, 0, 97, 0, 115, 0, 115, 0, 119, 0, 111, 0, 114, 0, 100, 0

3.- byte[] aHashedBytes = ((HashAlgorithm)CryptoConfig.CreateFromName("MD5")).ComputeHash(aClearBytes);
takes that array of bytes and transforms it into:
51, 189, 240, 9, 241, 204, 53, 131, 20, 208, 109, 54, 63, 181, 232, 242

4.- BitConverter.ToString(aHashedBytes)
Takes the Hashed value (another array of bytes) and then returns a String of hexadecimal pairs separated by hyphens where each pair represents the corresponding element in the array:
33-BD-F0-09-F1-CC-35-83-14-D0-6D-36-3F-B5-E8-F2

In PHP code I am able to get the first array by just applying a srt_split to the original String, getting the ord( ) of each charater an inserting 0's between values.
The 'problem' here is that md5 only accepts Strings not arrays, not even running the resulting array through an implode() first gets me the second string :(

Bobbafett_666

Posted: Fri Sep 09, 2005 11:24 pm
by feyd
the .Net code operates on strings, and it returns a single MD5 hash, broken into an array. See in order to hash something, C-like languages require a byte stream. PHP handles those components by itself. PHP returns the exact same thing, expect for the hyphens. The following will do just that. (You may need to use strtoupper() if you want an exact match)

Code: Select all

class foo
{

  static function Encrypt($aString)
  {
    return implode('-',str_split(md5($aString),2));
  }

}

Posted: Fri Sep 09, 2005 11:42 pm
by feyd
of course.. that doesn't add the 16bit unicode data which I just noticed....

Code: Select all

class foo
{

  static function Encrypt($aString)
  {
    return implode('-',str_split(strtoupper(md5(implode(chr(0),str_split($aString,1)).chr(0))),2));
  }

}
that's tested to be exactly matching your output.

Posted: Sat Sep 10, 2005 12:04 am
by Bobbafett_666
RIGHT!
Actually I was able to get the same result in few more steps... but basically the same as your compact line of code:

$aStr = "MyPassword";
$arr1 = str_split($aStr);
$aUnicodeStr = "";
foreach ($arr1 as $value) {
$aUnicodeStr .= $value;
$aUnicodeStr .= chr(0);
}
print strtoupper(implode('-', str_split(md5($aUnicodeStr), 2) )) ;

THANKS A LOT !!!!!!!!!!!!!! :-)

Posted: Sat Sep 10, 2005 9:19 am
by raghavan20
I am just curious why you are converting your ASP.Net application to PHP 5. :)

Posted: Sat Sep 10, 2005 12:45 pm
by Bobbafett_666
Hi,
Because seems to be not too many afforable ASP.NET/MySql hosting services out there. With PHP/MySql there are a lot more hosting services to choose from, including a HUGE number of offshore hosting companies :wink:

Bobbafett_666