How to convert SHA1 return value to ascii










0














I am trying to create a SHA1 hash of a user input and store it in a string value so I can compare it to a text file of known hashes.



To create the hash:



SHA1(password,strlen(password),temp);
print_hex(temp, sizeof(temp));


Convert the hash:



for(i=0;i<sizeof(passHash);i++)
sprintf(&passHash[i], "%02x", temp[i]);

printf("%sn", passHash);


Print_hex:



void print_hex(unsigned char *buf, int len)
int i;
for(i=0;i<len;i++)
printf("%02x",buf[i]);

printf("n");



When I run the program with a known hashed password like "password" it shows the right hash with print_hex but not after the sprintf. Therefore, I know I am converting the SHA1 hash incorrectly.



What am I doing wrong?










share|improve this question

















  • 1




    what's passHash? If it's a pointer, sizeof(passHash) probably won't give you what you want.
    – yano
    Nov 12 '18 at 20:13










  • You should never, ever be SHA1ing a user password. Traditional cryptographic hash functions are not intended for passwords. Instead, you should be using a password based key derivation function like bcrypt, scrypt, pbkdf2, or argon2. Here's why.
    – TheGreatContini
    Nov 12 '18 at 21:01










  • What do you get? What do you expect? have you read How to create a Minimal, Complete, and Verifiable example ?
    – Luis Colorado
    Nov 20 '18 at 8:27















0














I am trying to create a SHA1 hash of a user input and store it in a string value so I can compare it to a text file of known hashes.



To create the hash:



SHA1(password,strlen(password),temp);
print_hex(temp, sizeof(temp));


Convert the hash:



for(i=0;i<sizeof(passHash);i++)
sprintf(&passHash[i], "%02x", temp[i]);

printf("%sn", passHash);


Print_hex:



void print_hex(unsigned char *buf, int len)
int i;
for(i=0;i<len;i++)
printf("%02x",buf[i]);

printf("n");



When I run the program with a known hashed password like "password" it shows the right hash with print_hex but not after the sprintf. Therefore, I know I am converting the SHA1 hash incorrectly.



What am I doing wrong?










share|improve this question

















  • 1




    what's passHash? If it's a pointer, sizeof(passHash) probably won't give you what you want.
    – yano
    Nov 12 '18 at 20:13










  • You should never, ever be SHA1ing a user password. Traditional cryptographic hash functions are not intended for passwords. Instead, you should be using a password based key derivation function like bcrypt, scrypt, pbkdf2, or argon2. Here's why.
    – TheGreatContini
    Nov 12 '18 at 21:01










  • What do you get? What do you expect? have you read How to create a Minimal, Complete, and Verifiable example ?
    – Luis Colorado
    Nov 20 '18 at 8:27













0












0








0







I am trying to create a SHA1 hash of a user input and store it in a string value so I can compare it to a text file of known hashes.



To create the hash:



SHA1(password,strlen(password),temp);
print_hex(temp, sizeof(temp));


Convert the hash:



for(i=0;i<sizeof(passHash);i++)
sprintf(&passHash[i], "%02x", temp[i]);

printf("%sn", passHash);


Print_hex:



void print_hex(unsigned char *buf, int len)
int i;
for(i=0;i<len;i++)
printf("%02x",buf[i]);

printf("n");



When I run the program with a known hashed password like "password" it shows the right hash with print_hex but not after the sprintf. Therefore, I know I am converting the SHA1 hash incorrectly.



What am I doing wrong?










share|improve this question













I am trying to create a SHA1 hash of a user input and store it in a string value so I can compare it to a text file of known hashes.



To create the hash:



SHA1(password,strlen(password),temp);
print_hex(temp, sizeof(temp));


Convert the hash:



for(i=0;i<sizeof(passHash);i++)
sprintf(&passHash[i], "%02x", temp[i]);

printf("%sn", passHash);


Print_hex:



void print_hex(unsigned char *buf, int len)
int i;
for(i=0;i<len;i++)
printf("%02x",buf[i]);

printf("n");



When I run the program with a known hashed password like "password" it shows the right hash with print_hex but not after the sprintf. Therefore, I know I am converting the SHA1 hash incorrectly.



What am I doing wrong?







c sha1 data-conversion






share|improve this question













share|improve this question











share|improve this question




share|improve this question










asked Nov 12 '18 at 19:12









Colin G

256




256







  • 1




    what's passHash? If it's a pointer, sizeof(passHash) probably won't give you what you want.
    – yano
    Nov 12 '18 at 20:13










  • You should never, ever be SHA1ing a user password. Traditional cryptographic hash functions are not intended for passwords. Instead, you should be using a password based key derivation function like bcrypt, scrypt, pbkdf2, or argon2. Here's why.
    – TheGreatContini
    Nov 12 '18 at 21:01










  • What do you get? What do you expect? have you read How to create a Minimal, Complete, and Verifiable example ?
    – Luis Colorado
    Nov 20 '18 at 8:27












  • 1




    what's passHash? If it's a pointer, sizeof(passHash) probably won't give you what you want.
    – yano
    Nov 12 '18 at 20:13










  • You should never, ever be SHA1ing a user password. Traditional cryptographic hash functions are not intended for passwords. Instead, you should be using a password based key derivation function like bcrypt, scrypt, pbkdf2, or argon2. Here's why.
    – TheGreatContini
    Nov 12 '18 at 21:01










  • What do you get? What do you expect? have you read How to create a Minimal, Complete, and Verifiable example ?
    – Luis Colorado
    Nov 20 '18 at 8:27







1




1




what's passHash? If it's a pointer, sizeof(passHash) probably won't give you what you want.
– yano
Nov 12 '18 at 20:13




what's passHash? If it's a pointer, sizeof(passHash) probably won't give you what you want.
– yano
Nov 12 '18 at 20:13












You should never, ever be SHA1ing a user password. Traditional cryptographic hash functions are not intended for passwords. Instead, you should be using a password based key derivation function like bcrypt, scrypt, pbkdf2, or argon2. Here's why.
– TheGreatContini
Nov 12 '18 at 21:01




You should never, ever be SHA1ing a user password. Traditional cryptographic hash functions are not intended for passwords. Instead, you should be using a password based key derivation function like bcrypt, scrypt, pbkdf2, or argon2. Here's why.
– TheGreatContini
Nov 12 '18 at 21:01












What do you get? What do you expect? have you read How to create a Minimal, Complete, and Verifiable example ?
– Luis Colorado
Nov 20 '18 at 8:27




What do you get? What do you expect? have you read How to create a Minimal, Complete, and Verifiable example ?
– Luis Colorado
Nov 20 '18 at 8:27












1 Answer
1






active

oldest

votes


















4














You are overwriting in your converted string in consecutive sprintf calls. Check this:



char passHash[100] = 0,;
for(i=0;i<sizeof(temp);i++)
sprintf(passHash + i * 2, "%02x", temp[i]); // <-- each 2 bytes. e.g: 1 = 01, 255 = FF

printf("%sn", passHash);


Each byte takes 2 character in hex string, so you need to increase sprintf target buffer by 2. In addition, temp is the buffer that you are reading from, so your for loops should loops for sizeof(temp), not sizeof(passHash).



By the way, this is a sample code that shows your bug and I don't say this is best code.






share|improve this answer






















    Your Answer






    StackExchange.ifUsing("editor", function ()
    StackExchange.using("externalEditor", function ()
    StackExchange.using("snippets", function ()
    StackExchange.snippets.init();
    );
    );
    , "code-snippets");

    StackExchange.ready(function()
    var channelOptions =
    tags: "".split(" "),
    id: "1"
    ;
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function()
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled)
    StackExchange.using("snippets", function()
    createEditor();
    );

    else
    createEditor();

    );

    function createEditor()
    StackExchange.prepareEditor(
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: true,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: 10,
    bindNavPrevention: true,
    postfix: "",
    imageUploader:
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    ,
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    );



    );













    draft saved

    draft discarded


















    StackExchange.ready(
    function ()
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53268631%2fhow-to-convert-sha1-return-value-to-ascii%23new-answer', 'question_page');

    );

    Post as a guest















    Required, but never shown

























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    4














    You are overwriting in your converted string in consecutive sprintf calls. Check this:



    char passHash[100] = 0,;
    for(i=0;i<sizeof(temp);i++)
    sprintf(passHash + i * 2, "%02x", temp[i]); // <-- each 2 bytes. e.g: 1 = 01, 255 = FF

    printf("%sn", passHash);


    Each byte takes 2 character in hex string, so you need to increase sprintf target buffer by 2. In addition, temp is the buffer that you are reading from, so your for loops should loops for sizeof(temp), not sizeof(passHash).



    By the way, this is a sample code that shows your bug and I don't say this is best code.






    share|improve this answer



























      4














      You are overwriting in your converted string in consecutive sprintf calls. Check this:



      char passHash[100] = 0,;
      for(i=0;i<sizeof(temp);i++)
      sprintf(passHash + i * 2, "%02x", temp[i]); // <-- each 2 bytes. e.g: 1 = 01, 255 = FF

      printf("%sn", passHash);


      Each byte takes 2 character in hex string, so you need to increase sprintf target buffer by 2. In addition, temp is the buffer that you are reading from, so your for loops should loops for sizeof(temp), not sizeof(passHash).



      By the way, this is a sample code that shows your bug and I don't say this is best code.






      share|improve this answer

























        4












        4








        4






        You are overwriting in your converted string in consecutive sprintf calls. Check this:



        char passHash[100] = 0,;
        for(i=0;i<sizeof(temp);i++)
        sprintf(passHash + i * 2, "%02x", temp[i]); // <-- each 2 bytes. e.g: 1 = 01, 255 = FF

        printf("%sn", passHash);


        Each byte takes 2 character in hex string, so you need to increase sprintf target buffer by 2. In addition, temp is the buffer that you are reading from, so your for loops should loops for sizeof(temp), not sizeof(passHash).



        By the way, this is a sample code that shows your bug and I don't say this is best code.






        share|improve this answer














        You are overwriting in your converted string in consecutive sprintf calls. Check this:



        char passHash[100] = 0,;
        for(i=0;i<sizeof(temp);i++)
        sprintf(passHash + i * 2, "%02x", temp[i]); // <-- each 2 bytes. e.g: 1 = 01, 255 = FF

        printf("%sn", passHash);


        Each byte takes 2 character in hex string, so you need to increase sprintf target buffer by 2. In addition, temp is the buffer that you are reading from, so your for loops should loops for sizeof(temp), not sizeof(passHash).



        By the way, this is a sample code that shows your bug and I don't say this is best code.







        share|improve this answer














        share|improve this answer



        share|improve this answer








        edited Nov 12 '18 at 19:27

























        answered Nov 12 '18 at 19:15









        Afshin

        2,9291624




        2,9291624



























            draft saved

            draft discarded
















































            Thanks for contributing an answer to Stack Overflow!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid


            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.

            To learn more, see our tips on writing great answers.





            Some of your past answers have not been well-received, and you're in danger of being blocked from answering.


            Please pay close attention to the following guidance:


            • Please be sure to answer the question. Provide details and share your research!

            But avoid


            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.

            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function ()
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53268631%2fhow-to-convert-sha1-return-value-to-ascii%23new-answer', 'question_page');

            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            這個網誌中的熱門文章

            How to read a connectionString WITH PROVIDER in .NET Core?

            Node.js Script on GitHub Pages or Amazon S3

            Museum of Modern and Contemporary Art of Trento and Rovereto