آنلاین SHA512 ژنراتور هش

I´m trying to implement a login screen where all your inputs get encrypted by SHA 512 and some minor tweaks to the function later (reversing the string, extending the length). For my username the encryption works well but my passwords on the other hand gives me the same result, no matter what i type in.

 public static String password_encrypt(String input) {    try {        String password_ = input;        int iterations = 250000;        String salt = "salt";        SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA512");        char[] passwordChars = password_.toCharArray();        KeySpec spec = new PBEKeySpec(passwordChars, salt.getBytes(), iterations, 256);        SecretKey key = factory.generateSecret(spec);        byte[] passwordHash = key.getEncoded();        SecretKey secret = new SecretKeySpec(key.getEncoded(), "AES");        input = secret.toString();    } catch (NoSuchAlgorithmException e) {        // TODO Auto-generated catch block        e.printStackTrace();    } catch (InvalidKeySpecException e) {        // TODO Auto-generated catch block        e.printStackTrace();    }    return input;}

And then i check in an array if there is a place where i can put the information and i if there is one its getting stored there.

 for (int i = 0; i < username.length; i++) {        System.out.println("username " + username[i]);        if (name.equals(username[i])) {            System.out.println("Dieser Username ist bereits vergeben!");            break;        }        if ("empty".equals(username[i]) || null == username[i]) {            username[i] = name;            stelle = i;            System.out.println("Username wurde vergeben");            break;        }         else if (name.equals(username[i])) {            System.out.println("1234");        }    }    for (int j = 0; j < password.length; j++) {        System.out.println("Passwort " + password[j]);        if ("empty".equals(password[j]) || null == password[j]) {            System.out.println("Passwort wurde vergeben");            password[j] = input_;            stelle_pw = j;            break;        }         else if (input.equals(password[j])) {            System.out.println("123");        }    }

The arrays username[] and password[] were filled with "empty" or null by my constructor.

My major problem is: no matter what the input for the password is, i am getting the same key: javax.crypto.spec.SecretKeySpec@fffea4cc

This gives me a big security leak if i just compare the strings to decide if its the right one...

Little Disclamer: Some functions or variables are made with _ because i am dyslexic. Please dont butcher me for not using the name convention. T

I need to create a javascript hashing algorithm the same as Symfony 3 encodePassword.

This was a similar problem to that in but in symfony3:Symfony2 password encoder function in Javascript

this is to create a message digest to test a rest endpoint with wsse headers in Symfony with fosbundle in postman.

I've managed to simplify and duplicate the Symfony hashing function in PHP

$pass = "hello";$salt = "";$iterations=5000;echo $this->encoder->encodePassword($pass,$salt);//contains: U5xyFq7KQU1CWeX3UcLB0mwWZZQUq0PL8U+GLWomfGW/WQWxxGLi+0ifhmnlw/gQ5pPjNNZV1/q8kMVpAXsFZw== //simplyfying and replicating the hashing algo in php with same pass/salt:$salted = $pass.$salt;$digest = hash("sha512", $salted, true);for($i=1; $i<$iterations; $i++) {    $digest = hash("sha512", $digest.$salted, true);}echo base64_encode($digest);//contains: U5xyFq7KQU1CWeX3UcLB0mwWZZQUq0PL8U+GLWomfGW/WQWxxGLi+0ifhmnlw/gQ5pPjNNZV1/q8kMVpAXsFZw==

but trying to replicate it in javascript using CryptoJS is proving troublesome. I suspect its to do with the character encoding too.

according to https://code.google.com/archive/p/crypto-js/#The_Hasher_Input

The hash algorithms accept either strings or instances of CryptoJS.lib.WordArray [...] an array of 32-bit words. When you pass a string, it's automatically converted to a WordArray encoded as UTF-8.

password = 'hello';//attempt 1 use hex converted passhexpass = CryptoJS.enc.Utf8.parse(password);digest = CryptoJS.SHA512(hexpass);for (i = 1; i < 5000; ++i) {    hexvar = CryptoJS.SHA512(digest + hexpass);}digest = digest.toString(CryptoJS.enc.Base64);console.log(digest);// need hash to contain: U5xyFq7KQU1CWeX3UcLB0mwWZZQUq0PL8U+GLWomfGW/WQWxxGLi+0ifhmnlw/gQ5pPjNNZV1/q8kMVpAXsFZw==
<script src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.9-1/crypto-js.min.js"></script>

I've tried many different ways to with converting to word array first etc. but none seem to come up with the same hash

https://jsfiddle.net/munkiepus/awdoq4kL/34/

EDIT: i think the problem is that the php uses some form of raw binary

outputting the result of $digest = hash("sha512", $salted, true); to the terminal shows:

▒q▒$▒b▒x]▒▒j▒▒=s1▒▒�▒▒▒▒▒%g<▒##▒ٛ▒▒|z▒n▒▒▒FcG.:▒▒os▒▒▒C

so maybe it's not possible in JS after all. if the digest was encoded to a readable string during each iteration then it may be possible, as in the linked example.

I am updating the md5 to sha512 for DPM authorizenet- Please help me out -

I am not getting it work.

see code change -

while generating fingerprint for x_hp_hash -

from md5 -

if (function_exists('hash_hmac')) {return hash_hmac("md5", $api_login_id . "^" . $fp_sequence . "^" . $fp_timestamp . "^" . $amount . "^", $transaction_key); }return bin2hex(mhash(MHASH_MD5, $api_login_id . "^" . $fp_sequence . "^" . $fp_timestamp . "^" . $amount . "^", $transaction_key));

to sha512 -

$signature_key = hex2bin($signature_key);if (function_exists('hash_hmac')) {return hash_hmac("sha512", $api_login_id . "^" . $fp_sequence . "^" . $fp_timestamp . "^" . $amount . "^", $signature_key); }return bin2hex(mhash(MHASH_SHA512, $api_login_id . "^" . $fp_sequence . "^" . $fp_timestamp . "^" . $amount . "^", $signature_key));

While getting reponse and comparing the x_sha_hash value from md5 -

if(strtoupper(md5($this->md5_setting . $this->api_login_id . $this->transaction_id . $amount)) == $this->md5_hash){        //valid } else{        //not valid }

Changed to sha512 -

$this->signature_key = hex2bin($this->signature_key);$string = '^'.$this->api_login_id.'^'.$this->transaction_id.'^'.$amount.'^';if(strtoupper(HASH_HMAC('sha512', $string, $this->signature_key)) == $this->SHA2_Hash){  //valid} else{  //not valid}

What I am doing wrong?When validating the transaction at my end it is saying please check your md5 setting. It validates on the basis of last code shown in the snippet.

my signature Key = E284BDC12A45A7F5B0933A352EB1C3F25E91A3B92360693D94E4366190EF12E78F6CFE8601751F719DA7A72ABBA117BF0161F8A1DD894DADE3C56A838D8355AD

x_hp_hash submitting using the second code snippet (i.e sha512 fingerprint)x_hp_hash = b4c9e1878f88aa9c4f808761ed8ceee71ab117cc0f1297b2d850e28351f08fc52bd528a7538c832568c674a1d5095ead1a5383a626c9797587ab16bae76e45fb

after submitting getting in reponse -

X_SHA2_Hash - 19AB7947709CF6CB2B8415784EBD7669FCDE5D83B69EC8C716203806A3235308187668F5783F9CA0F1AE8A47808EDAB241025A8AF61A2FABC27FA6AAAEA8FFD8

generated hash code - 3E6427E67271B1F0732D3D95217D25EE4D7C4103C906A6CB70943498698157F48F7BECD5C7E5393CF2A489B464070A7778F15757385E8F29029CFC3F66256F05

using last snippet above.

so these are not equal so not a valid transaction.

I am trying to encypt some data using RSA public key and signing with SHA-512 algo. But response recevied is differnet in different platform.

In C#:

    RSACryptoServiceProvider crypto = new RSACryptoServiceProvider();    crypto.ImportCspBlob(Convert.FromBase64String(publickey));    crypto.exportParameters(false); // and got the public key modulus and exp    byte[] response = crypto.SignData(data, "SHA512");

In Java:

    // got modulus and exp for public key from c#     byte[] modulo = {.....};             byte[] exp = {1,0,1};                    BigInteger modulus = new BigInteger(1, modulo);         BigInteger pubExp = new BigInteger(1, exp);         KeyFactory keyFactory = KeyFactory.getInstance("RSA");    RSAPublicKeySpec priKeySpec = new RSAPublicKeySpec(modulus, pubExp);    RSAPublicKey Key = (RSAPublicKey)keyFactory.generatePublic(priKeySpec);    // Calculate Hash    MessageDigest sha1 = MessageDigest.getInstance("SHA-512");    byte[] digest = sha1.digest(data);         // Encrypt digest    Cipher cipher = Cipher.getInstance("RSA");    cipher.init(Cipher.ENCRYPT_MODE, Key);    byte[] response = cipher.doFinal(digest);

but both response are not matching.C# generate correct one but java not generating the same byte[]Any missing part in java code.

I'm trying to connect to the Shopwedo API in Python. https://admin.shopwedo.com/developer/.

Everything works well except the hashing.Below, are sample scripts in PHP and in Python. The hashing of the same string returns a different final result.

PHP CODE

/** * Prepare credentials: */ $credentials = array(     'id' => 1234,     'key' => "HelloTest",     'timestamp' => 1554888606,     'salt' => 'diego' );/** * Generate token by combining credentials: */ $hash_preparation = implode('', array_values($credentials));$token = hash_hmac('sha512', $hash_preparation, '');print($token);

This PHP code returns:

b0d45466aa68db7df247d858094f88010b7c58820538309fffe28a42458a6ce4b6b2d48b1c5b9d40492851db075af9d86b2e1c81c4a6960d3dfb4616bccb617a

PYTHON CODE

import hashlibparams={'shopid':1234,        'apikey': "HelloTest",        'timestamp':1554888606,        'salt': "diego"}tosign = "".join([str(params[i]) for i in params] )token = hashlib.sha512(tosign.encode()).hexdigest()print(token)

This Python code returns:

34480ef855ff09d743ff5931ff39851ee4031e470c0fddb7e7ba6a1c9a8a5145bfbcd020c11220287f2747f28f48d77893fff4f8dcce82ab54e70c67f172bab9