Funciones de hash

Tabla de contenidos

  • hash_algos — Devuelve una lista con los algoritmos de cifrado soportados
  • hash_copy — Copia un recurso de contexto de cifrado
  • hash_equals — Comparación de strings segura contra ataques de temporización
  • hash_file — Generar un valor hash usando el contenido de un fichero dado
  • hash_final — Finaliza un contexto incremental y devuelve el resultado cifrado
  • hash_hkdf — Generate a HKDF key derivation of a supplied key input
  • hash_hmac_algos — Return a list of registered hashing algorithms suitable for hash_hmac
  • hash_hmac_file — Genera un valor cifrado mediante una clave especificada usando el método HMAC y el contenido de un fichero dado
  • hash_hmac — Genera un valor cifrado mediante una clave especificada usando el método HMAC
  • hash_init — Iniciar un contexto de hashing incremental
  • hash_pbkdf2 — Genera una derivación de clave PBKDF2 de una contraseña proporcionada
  • hash_update_file — Inyecta datos en un contexto de cifrado activo desde un fichero
  • hash_update_stream — Pega datos en un contexto de cifrado activo desde un flujo de datos abierto
  • hash_update — Pega más datos en un contexto incremental de cifrado activo
  • hash — Generar un valor hash (resumen de mensaje)
add a note add a note

User Contributed Notes 5 notes

up
9
CraquePipe
16 years ago
For thoes of you who're looking to generate an NTLM hash (not an LM hash), I found out it's quite simple..

It uses the basic MD4 function, but the password needs to be in Unicode Little Endian encode first (this canbe achieved by the iconv function).

This can be done easily by using the following code:

<?php
function NTLMHash($Input) {
 
// Convert the password from UTF8 to UTF16 (little endian)
 
$Input=iconv('UTF-8','UTF-16LE',$Input);

 
// Encrypt it with the MD4 hash
 
$MD4Hash=bin2hex(mhash(MHASH_MD4,$Input));

 
// You could use this instead, but mhash works on PHP 4 and 5 or above
  // The hash function only works on 5 or above
  //$MD4Hash=hash('md4',$Input);

  // Make it uppercase, not necessary, but it's common to do so with NTLM hashes
 
$NTLMHash=strtoupper($MD4Hash);

 
// Return the result
 
return($NTLMHash);
}
?>

To produce an LM hash requires a fully-written script containing the algorithm used to make it.

Enjoy,
CraquePipe.
up
4
artem at it-nt dot ru
16 years ago
And some code for LM hash:

<?php
function LMhash($string)
{
   
$string = strtoupper(substr($string,0,14));

   
$p1 = LMhash_DESencrypt(substr($string, 0, 7));
   
$p2 = LMhash_DESencrypt(substr($string, 7, 7));

    return
strtoupper($p1.$p2);
}

function
LMhash_DESencrypt($string)
{
   
$key = array();
   
$tmp = array();
   
$len = strlen($string);

    for (
$i=0; $i<7; ++$i)
       
$tmp[] = $i < $len ? ord($string[$i]) : 0;

   
$key[] = $tmp[0] & 254;
   
$key[] = ($tmp[0] << 7) | ($tmp[1] >> 1);
   
$key[] = ($tmp[1] << 6) | ($tmp[2] >> 2);
   
$key[] = ($tmp[2] << 5) | ($tmp[3] >> 3);
   
$key[] = ($tmp[3] << 4) | ($tmp[4] >> 4);
   
$key[] = ($tmp[4] << 3) | ($tmp[5] >> 5);
   
$key[] = ($tmp[5] << 2) | ($tmp[6] >> 6);
   
$key[] = $tmp[6] << 1;
  
   
$is = mcrypt_get_iv_size(MCRYPT_DES, MCRYPT_MODE_ECB);
   
$iv = mcrypt_create_iv($is, MCRYPT_RAND);
   
$key0 = "";
  
    foreach (
$key as $k)
       
$key0 .= chr($k);
   
$crypt = mcrypt_encrypt(MCRYPT_DES, $key0, "KGS!@#$%", MCRYPT_MODE_ECB, $iv);

    return
bin2hex($crypt);
}
?>

Some optimization?
up
-3
kungla at gmail dot com
15 years ago
For Samba ueserPassword you can use:

(I am not very sure aboute the salt part, but it works for me like that)

<?php
function CRYPThash($string, $salt = null)
{
    if (!
$salt)
       
$salt = rand(10,99);
   
    return
"{CRYPT}".crypt($string, $salt);
}
?>

In posted NTLMHash function you can also use:

<?php
// Encrypt it with the MD4 hash
$MD4Hash=hash('md4',$Input);
?>

So you don't need to install mhash libraries
up
-8
ocarter at mirabeau dot nl
14 years ago
Note for FreeBSD with PHP-5.

This is disabled by default; use the security/php5-hash port:
cd /usr/ports/security/php5-hash ; make install clean
(do not use the security/pecl-hash port as in the past, see the /usr/ports/UPDATING post from 20081211)
up
-18
nb_removethis_ at wtal dot de
17 years ago
Some tests with mhash and hash revealed on my machine that hash needs more than twice as long to create a hash than mhash. The average of one million cylces of Haval128, Haval256, Gost, CRC32, MD5, SHA1 and SHA256 was 450ms for mhash and 1150ms for hash.
To Top