Mhash
Mhash is, in short, an additional PHP library that allows more advanced hashing functions. The current list of algorithms that it can use are listed below (taken from php.net on 18/3/05):
- MHASH_MD5
- MHASH_SHA1
- MHASH_HAVAL256
- MHASH_HAVAL192
- MHASH_HAVAL160
- MHASH_HAVAL128
- MHASH_RIPEMD160
- MHASH_GOST
- MHASH_TIGER
- MHASH_CRC32
- MHASH_CRC32B

So essentially, it still includes md5 and sha1 but also a number of other hashing algorithms that you can use.

Mhash is a small library, consisting only of 5 functions. So I’ll outline them all.
mhash_count() - Gets the highest available hash ID
mhash_get_block_size() - Gets the block size of the specified hash
mhash_get_hash_name() - Gets the name of the specified hash
mhash_keygen_s2k() - Generates a key
mhash() - Computes the hash

mhash() is the function we will worry about first, as it’s the function that actually does the hashing. It accepts arguments in the following order: [hash name], [string], [key]. Basically, you specify one of the hash algorithms above in [hash name] without quotes, and you input a string. If you specify a key, it will return the HMAC hash (Hashing for Message Authentication), although it is not required, and if you don’t specify one, it will just return a standard hash. If the algorithm doesn’t support HMAC modes, mhash() returns false.

The difference between using md5("") and using mhash(MHASH_MD5, "") is that mhash() returns raw bin output, which must be converted to hexadecimal by using the function bin2hex(). This way, the functions will both output the same thing.

mhash_keygen_s2k() is the function we use to generate keys. This function accepts [hash name], [password], [salt], [bytes]. Basically, you input the hash name like you did with mhash(), then you input a password, and a randomly generated salt that must be <= 8 bytes long. If it’s less, PHP will pad it with 0’s to make it 8. The bytes integer tells the function how long to make the generated key. Please note that although your salt should be random, you must somehow obtain a copy of it.

mhash_get_block_size() is a simple function that takes in a [hash name] and returns the block size for that algorithm. If the hash doesn’t exist, it will return false.

mhash_get_hash_name() is also a simple function, it takes in the ID of [hash name] and returns the singular name of the hash, i.e. if MHASH_MD5 was input, it would get the key of it, and return MD5.

mhash_count() is probably the simplest mhash function. It doesn’t have any inputs and simply returns the number of algorithms there are available in the mhash library.

So, to conclude the mhash section of this tutorial, let’s write a little scriptlet that will hash a string in every algorithm!

<?php $num_of_hashes = mhash_count(); $string = "scrowler likes apples"; for( $i=0; $i <= $num_of_hashes; $i++){ $name = mhash_get_hash_name($i); echo "<p>Hashing using: ".$name."<br />Original string: <em>".$string."</em><br />"; $hash = mhash($i, $string); $hash = bin2hex($hash); echo "Hashed: ".$hash."</p>"; } echo $num_of_hashes . " hashing algorithms used."; ?>

That concludes the mhash and hashing section of this tutorial. I hope you learned something about hashing!

- Tutorial written by Scrowler

Pages (4): <Prev 1 2 [3] 4 Next>

Automatic Translations: