This time we are going to learn another Hash encryption extension. But the extension Mhash is already integrated into the Hash extension. It is also important to note that this extension is no longer recommended and should be used directly for Hash encryption. So, we are still learning today. For more on the Hash extension, check out the previous article: PHP’s Hash Information Digest Extension Framework.

Use of cryptographic hash functions

$hash = mhash(MHASH_MD5, "Test Mhash");
echo $hash, PHP_EOL;
echo bin2hex($hash), PHP_EOL;
/ / / � � 8 > < � ۠ � P4q � j �
// 2fcb38e93e3cc8dba09f503471846a9d

$hash = hash('md5'."Test Mhash");
echo $hash, PHP_EOL;
// 2fcb38e93e3cc8dba09f503471846a9d

$hash = mhash(MHASH_MD5, "Test Mhash".'hmac secret');
echo $hash, PHP_EOL;
echo bin2hex($hash), PHP_EOL;
/ / � � k < F � � m OM � � � �
// b86bb83c46b76d09be4f4daf18ebfe85
Copy the code

As you can see from the code, the mhash() function is used very much like hash(), and of course they do the same thing. However, the mhash() function is encrypted directly in binary, and when we convert this to hexadecimal by bin2hex() we can see that the structure is exactly the same as that of the normal hash() function.

Add key to the third parameter when hMAC encryption is performed.

Iterate over all supported algorithm types

Of course, just like Hash encryption, Mhash encryption can also choose a different algorithm. We can also directly use the related functions to see the encryption algorithms supported in the current environment.

echo mhash_count(), PHP_EOL;

$nr = mhash_count(); / / 33

for ($i = 0; $i< =$nr; $i{+ +)echo sprintf("Hash: %s, block size: %d\n",
        mhash_get_hash_name($i),
        mhash_get_block_size($i));
}
// Hash: CRC32, block size: 4
// Hash: MD5, block size: 16
// Hash: SHA1, block size: 20
// Hash: HAVAL256, block size: 32
// Hash:, block size: 0
// Hash: RIPEMD160, the block size is 20
// Hash:, block size: 0
// Hash: TIGER, block size: 24
// Hash: GOST, block size: 32
// Hash: CRC32B, block size: 4
// Hash: HAVAL224, block size: 28
// Hash: HAVAL192, block size: 24
// Hash: HAVAL160, block size: 20
// Hash: HAVAL128, block size: 16
// Hash: TIGER128, block size: 16
// Hash: TIGER160, block size: 20
// Hash: MD4, block size: 16
// Hash: SHA256, block size: 32
// Hash: ADLER32, block size: 4
// Hash: SHA224, the block size is 28
// Hash: SHA512, block size: 64
// Hash: SHA384, block size: 48
// Hash: WHIRLPOOL, block size: 64
// Hash: RIPEMD128. The block size is 16
// Hash: RIPEMD256, the block size is 32
// Hash: RIPEMD320. The block size is 40
// Hash:, block size: 0
// Hash: SNEFRU256, block size: 32
// Hash: MD2, block size: 16
// Hash: FNV132, block size: 4
// Hash: FNV1A32, block size: 4
// Hash: FNV164, block size: 8
// Hash: FNV1A64, block size: 8
// Hash: JOAAT, block size: 4
Copy the code

There are also a number of constants available in PHP to represent these algorithms, such as the MHASH_MD5 we used in the previous code. So this is essentially what we’re going through and we just add MHASH_ in front of it. The list of supported constants can be found in the official manual, which will not be copied and pasted here.

Salted S2K algorithm generates a password summary

In addition, Mhash also provides us with a very convenient Salted S2K algorithm which can be used to generate a set of very convenient password encryption content.

OpenPGP Salted S2K algorithm
$hashPassword = mhash_keygen_s2k(MHASH_SHA1, 'My password', random_bytes(2), 4);
echo $hashPassword, PHP_EOL;
echo bin2hex($hashPassword), PHP_EOL;
/ / � -! =
// 101ab899
Copy the code

Of course, this algorithm is also relatively safe, taking the salt parameter and specifying the length of the data to be returned. It also returns binary data, and if you want to save standard text content, you need to convert it to hexadecimal form. However, I think it is safer to generate binary content directly.

conclusion

Different functions have different application scenarios, but in fact Mhash has no special application scenarios, after all, related functions in the Hash extension can completely replace its function, and it is more rich and easy to use. If you see these functions used in older projects, you can also slowly replace them with new functions through refactoring.

Test code:

Github.com/zhangyue050…

Reference Documents:

www.php.net/manual/zh/b…