PHP version of ASP.net/VB.net Login

Question

I am creating a PHP-version of a login script that is in ASP.net/VB.net. The database where the usernames and passwords are stored is in MSSQL and that will not change. Passwords are stored as binary data. Here's a part of the code in VB.net that compares the password to the one saved in the database.

Dim sha1 As sha1 = sha1.Create()
Dim password As Byte() = sha1.ComputeHash(Encoding.Unicode.GetBytes(Me.txtPwd.Text))
CustData = .GetCustomerByEmail(Me.txtUser.Text, password)

I found out that it's part of a library .

I am encountering problems after hashing the password in PHP's sha1. I don't know how to convert the hashed string to a binary that I could use to compare it to the database.

As an example, the password "Test100" in the MSSQL database has a value of (after unpack('H*', $binaryPassword)) 7397001ce5259b79c436a369b9d3a8c7bc2a85385fdec57a. I am not sure how to get that string above from the hashed password I am getting using PHP.

Here's what I have in PHP so far and where I am stuck in.

$password = sha1(mb_convert_encoding($_POST['password'], 'utf-16le'), false); // $_POST['password'] = 'Test100'

The output for that is 8415ec8cc9287a10f81db5a77341709d304bfa92.

So I am thinking there's one more step to change $password to $binaryPassword or the hexadecimal representation of the binary password.

From this page , it's saying Byte is an 8-bit unsigned integer, but not really sure how to get that from a PHP string.

Thanks in advance!

Answer 1

如果您尝试在静态文本“Test100”上运行sh1会发生什么？