Skip to content

edwinmugendi/hashdigest

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

18 Commits
src/HashDigest
src/HashDigest
 
 
tests
tests
 
 
vendor
vendor
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
composer.json
composer.json
 
 

Repository files navigation

hashdigest

A PHP Hash Generator and Verifier

This is a wrapper on the PHP function HASH for generating hash digests using sha256 algorithm and also verifying a given hash againist given data.

Installation

Requirements

PHP v>=5.1.2+

With Composer

The easiest way to install Carbon is via composer. Create the following composer.json file and run the php composer.phar install command to install it. ```json "require": { "edwinmugendi/hashdigest": "master" } ```

Without Composer

Why not use composer? Anyway, Download Digester.php from the repo and save the file somewhere in your project.

```php use HashDigest\Digester;

$dataToHash = array( 'name'=>'Ali', 'age'=>'12', 'city'=>'Nairobi', 'work'=>'Software Engineer', 'at'=>'Sapama.com' );

$hash = Digester::digest($dataToHash);

echo 'Generated Hash is '; echo "\n"; echo $hash; echo "\n"; $isValid = Digester::isHashValid($hash, $dataToHash);

echo "Hash is ". ($isValid ? 'valid': 'not valid');

<h3>Algorithm</h3>
<h4>Hash generation</h4>
The hash is generated by:

1. The ```digest($dataToHash, $algo = 'sha256', $raw_output = false, $separator = '.')``` function takes a string or array as parameter of data to be hashed eg;

```php
<?php

$dataToHash = array(
    'name'=>'Ali',
    'age'=>'12',
    'city'=>'Nairobi',
    'work'=>'Software Engineer',
    'at'=>'Sapama.com'
);

$hash = Digester::digest($dataToHash);
  1. If parameter is array, Sort the array by the key, Hence the above array will sorted into
<?php

$dataToHash = array(
    'age'=>'12',
    'at'=>'Sapama.com'
    'city'=>'Nairobi',
    'name'=>'Ali',
    'work'=>'Software Engineer'
);
  1. Generate the string to be hashed by joining the array elements with a '.' (default) or the separator you put in the 4th parameter of the digest function. Hence, the string generated from the above array will be:
$stringToHash = '12.Sapama.com.Nairobi.Ali.Software Engineer'
  1. Hash the generated string with sha256 algorithm (for PHP use PHP Hash)
$hash = '87304e9ab39f1d9c70b9f51f9f3b70fed5d19fbd3917ea3678115c5adffcf0d5';

Hash verification

1. To perform hash verification, Using the isHashValid($hash,$dataToHash), you need to pass the pre created hash and the data from which the hash was generated from. 2. This function return true if hash is verified, false otherwise

Possible applications

1. Securing API - This library can be used to generate hash digest plus an ``` API_SECRET ``` (see below) of data to be passed to an API. Remember to also include the generated hash to the data being POSTed so that the API can generate an hash using the data and try and verify against the POSTed hash.

NB: API_SECRET This is code or a random string known only to the API provider and consumer and is included in the data to be hashed to make the hash more difficult to regenerate.

Happy Coding!

About

A PHP Hash Generator and Verifier

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

1 fork
Report repository

Releases 1

1 Latest
Feb 10, 2015

Packages

No packages published

Languages