Same string, different SHA1 hash values obtained from VB.net and PHP

Question

I have some problems with the SHA1 hash value of a string. I\'m trying to send a file from a client written in VB.net to a server written in PHP. My problem is that when I p

Answer 1

Well, the problem is that you're double hashing in .NET and only single hashing in PHP. Here's what you're doing in .NET translated into PHP:

$cInput = "the quick brown fox jumps over the lazy dog";
$cBase64 = base64_encode($cInput);

$sha = sha1($cBase64, true); // The true param returns the raw bytes instead of hex
$chash = sha1($sha);

So you're double hashing it. To fix it, you just need to change your algorithm to:

cInput = "the quick brown fox jumps over the lazy dog"
cBase64 = Convert.ToBase64String(System.Text.Encoding.UTF8.GetBytes(cInput))

abBytesToHash = System.Text.Encoding.ASCII.GetBytes(cBase64)

cHash = BitConverter.ToString(objSHA1.ComputeHash(abBytesToHash))
cHash = Replace(cHash, "-", "")

Note that all I did was remove the abBytesToHash = objSHA1.ComputeHash(abBytesToHash) line...

Alternatively, you could change the PHP to do this:

$cInput = "the quick brown fox jumps over the lazy dog";
$cBase64 = base64_encode($cInput);

echo "BASE64: " . $cBase64 . "<br />";
echo "SHA1: " . strtoupper(sha1(sha1($cBase64, true)));