Home > Backend Development > PHP Tutorial > Create signature from Hash_hmac() and Sha256 in PHP

Create signature from Hash_hmac() and Sha256 in PHP

王林
Release: 2024-02-29 14:36:02
forward
735 people have browsed it

In PHP, it is a common security practice to use the Hash_hmac() function in conjunction with the Sha256 algorithm to create signatures. This method can help verify the integrity and authenticity of data during data transmission and prevent data from being tampered with or forged. By combining Hash_hmac() and Sha256, a secure key-based hash can be generated, ensuring secure transmission and processing of data. In this article, we’ll take a deep dive into how to use Hash_hmac() and Sha256 in PHP to create signatures, and how to apply this approach to enhance data security.

We'll show you how to use the hash_hmac and sha256 ciphers to create a secure signature that you can store in a database or Use in your login form.


hash_hmac() function in php

hash_hmac() Creates an alphanumeric keyed secret hash. It utilizes a cryptographic authentication technology called the HMAC method.

grammar:

hash_hmac($alGo, $data, $key, $binary = false);
Copy after login
  1. $algo is one of the hash_hmac parameters and is used as the signature secret keyed hash (String).
  2. $data, a hash value (usually the user's password). It can be alphanumeric.
  3. $key is generated from the HMAC method, which is the key you get from the function, and for other programming uses.
  4. The last parameter $binary is the binary value.

It returns raw data when TRUE and throws lowercase hexadecimal when FALSE.


Using hash_hmac() and sha256

in PHP

example:

<?php
//sha256 is a $algo
$PassWord= &#39;ThisIS123PasswORD&#39; ; //data
$secret ="ABCabc"; //$key
//false is bool value to check whether the method works or not
$hash_it = hash_hmac("sha256", utf8_encode($Password), $secret, false);//all four parameters
if(!$hash_it){ //checks true or false
	echo "Password was not encrypted!";
}
echo "Your encrypted signature is:<b> &#39;.$hash_it.&#39; </b>";
?>
Copy after login

Output:

Your encrypted signature is: &#39;.46e9757dc98f478c28f035cfa871dbd19b5a2bf8273225191bcca78801304813
Copy after login

Use hash_hmac() and base64_encode()

If you want your cryptographic signatures to be more secure, you can also execute the following code snippet.

example:

<?php
$my_sign = "abc123";
$key = TRUE;
 $base64_encode = base64_encode(hash_hmac(&#39;sha256&#39;, $my_sign, $key, true));
if(!$base64_encode){
echo "Your signature with the base64_decode(hash_hmac()); failed";
}
else{
echo "Your base64_decode(hash_hmac()); encrypted signature is is:<b> $base64_encode.&#39; </b>";
}
?>
Copy after login

Output:

Your base64_decode(hash_hmac()); encrypted signature is is: &#39;.00g0QMQlnluXxijqot60WZf6InDi07b/Mb5lL7eVZ34
Copy after login

Use hash_hmac() and sha256 in PHP and apply hex2bin/bin2hex transformation

  • hex2bin() - This function decodes a binary string that has been encoded in hexadecimal.
  • bin2hex() - Convert an ASCII string to a hexadecimal value using the bin2hex() method.

Let's say you have critical financial data that you want to encrypt and create a key for the user.

example:

<?php
$createhashmackey = "2974924872949278487322348237749823";
$bank_acc = "029480247299262947328749287";
$current_bal = $sum * 10000 / 450;
$bank_locker_no = &#39;AC54-A76X&#39;;
$last_deposit= $when;
$se = hex2bi&#110;($createhashmackey);
$create_his_signature = $bank_acc . $current_bal. $bank_locker_no . $last_deposit;
$enigma = bin2he&#120;(hash_hmac(&#39;sha256&#39;, $create_his_signature, $se));
echo "The secret signature is.$enigma.";
Copy after login

Output:

The secret signature is.33633066323533383537663538323937373536393764396530343661663336666438636435363631383934363864383966316133633433633965343234336233.
Copy after login

This is the output for all code examples in this article.

在 PHP 中从 Hash_hmac() 和 Sha256 创建签名

The above is the detailed content of Create signature from Hash_hmac() and Sha256 in PHP. For more information, please follow other related articles on the PHP Chinese website!

source:lsjlt.com
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template