Support SHA256

#1
Hi,

I would like to ask if its planned to support SHA256 (IGCN) for login and registration? Or maybe someone could already have some solution on it?

I am PHP programmer myself, I know how SHA256 hash works, but there are something missing (maybe IGCN is using some additional chars or somehow mixing up raw password with salt).
I have asked that also in IGCN community forums about logic they use generating SHA256, but currently without response.

Currently I tried to implement it in following ways, but without success:

PHP:
$password1 = hash('sha256', $salt.$password, true);
$password2 = hash('sha256', $password.$salt, true);
$password3 = hash_hmac('sha256', $password, $salt, true);
Last function attribute "true" used to return raw binary.
 
#2
I got it working.

IGCN for password hashing also includes AccountID (username).

So code should be like this:
PHP:
$password = hash('sha256', $password.$username.$salt, true); // binary
I recommend to add this password hash method for future releases.
 
Last edited:
#3
Example for registration. Tested and working.
In insert query use CONVERT(binary(32),$password,1) .

PHP:
$password = hash('sha256', $password.$username.$salt); // use hex instead of binary as above example

$query = "INSERT INTO MEMB_INFO (memb___id, memb__pwd, memb_name, sno__numb, mail_addr, bloc_code, ctl1_code) VALUES ($username, CONVERT(binary(32),$password,1), $name, $serial, $email, 0, 0)";
 
Last edited:
Top