AuthMe / AuthMeReloaded

The best authentication plugin for the Bukkit/Spigot API!
https://www.spigotmc.org/resources/authmereloaded.6269/
GNU General Public License v3.0

How to create password with hash SHA256 in php #185

Closed Trsak closed 9 years ago

Trsak commented 9 years ago

Hi there, how can I create a password with this hash? I use this:

```php
$salt = $this->generateRandomString(); // generates a 16-character string
$pass = '$SHA$'.$salt.'$'.hash('sha256', hash('sha256', $values["password"]).$salt);
```

Hash it generates from "text": $SHA$eb7475b7162066ce$eebd78342c9130e21d80a58966b1120d4f0eed5898e431750c62e7acd22b36e4

But when I try to log in on the server with /login text, it says wrong pass

sgdc3 commented 9 years ago

This isn't an AuthMe issue, just use google -_- http://lmgtfy.com/?q=sha256+with+php

Xephi commented 9 years ago

Nah, AuthMe SHA 256 is different from a simple SHA 256 :)

http://dev.bukkit.org/bukkit-plugins/authme-reloaded/pages/web-site-integration/

sgdc3 commented 9 years ago

@Xephi Ah sorry :)

Xephi commented 9 years ago

Pure PHP or do you use any framework?

Trsak commented 9 years ago

I'm using the Nette framework. Really weird, can't find what's bad

FoxColdMetal commented 9 years ago

In order to be compatible with the custom SHA256 hash generation algorithm used by AuthMe, you should know in advance the same salt used by AuthMe and use it to generate your hash, even for the same plain password. To generate a standard SHA256 hash you need only the input password, but for an AuthMe hash you need two input values: the input password and a salt. This seems to be the only way to get the same hash for the same plain password (text), which makes it difficult both to find it out (fine) and to generate a valid hash externally (fine but non-interoperable).

I was dealing with this before, and what I do is parse the hash stored in the AuthMe backend, extract the salt and use it to generate the hash with the password, and then compare the stored hash with the newly generated one. If they match, the passwords are the same. As far as I have seen, it is the same procedure proposed in the AuthMe Website Integration page, which @Xephi referred to.

@Trsak, the code you have posted is correct, but $salt must be the same salt value from the already existing AuthMe hash.
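The verification procedure described in the comment above, as an added PHP example that is not part of the original thread or AuthMe's own code: it splits the stored `$SHA$salt$hash` value, reuses the embedded salt, and compares digests in constant time. The function names, the sample passwords and the fixed salt are constructed for illustration.

```php
<?php
// Added example; function names are hypothetical, not an AuthMe API.

// Build a "$SHA$<salt>$<digest>" string in the layout shown in this thread.
function authme_sha256_hash(string $password, ?string $salt = null): string
{
    // New password: fresh 16-hex-character salt from a CSPRNG.
    $salt = $salt ?? bin2hex(random_bytes(8));
    $digest = hash('sha256', hash('sha256', $password) . $salt);
    return '$SHA$' . $salt . '$' . $digest;
}

// Check a login attempt against a stored "$SHA$<salt>$<digest>" value.
function authme_sha256_verify(string $password, string $stored): bool
{
    // Expected split: ['', 'SHA', salt, digest]
    $parts = explode('$', $stored);
    if (count($parts) !== 4 || $parts[0] !== '' || $parts[1] !== 'SHA') {
        return false; // not this format; reject rather than guess
    }
    [, , $salt, $digest] = $parts;
    if ($salt === '' || !preg_match('/^[0-9a-f]{64}$/', $digest)) {
        return false; // malformed salt or digest
    }
    // Recompute with the salt embedded in the stored value, never a new one.
    $candidate = hash('sha256', hash('sha256', $password) . $salt);
    // Constant-time comparison avoids leaking how many characters matched.
    return hash_equals($digest, $candidate);
}

// Constructed sample data (not taken from the thread).
$stored = authme_sha256_hash('correct horse', '0123456789abcdef');
var_dump(authme_sha256_verify('correct horse', $stored)); // same password
var_dump(authme_sha256_verify('wrong horse', $stored));   // different password

// Two registrations of the same password get different stored strings,
// yet each still verifies because the salt travels inside the string.
$a = authme_sha256_hash('correct horse');
$b = authme_sha256_hash('correct horse');
var_dump($a !== $b);
var_dump(authme_sha256_verify('correct horse', $a));

// A value in another format is rejected outright.
var_dump(authme_sha256_verify('correct horse', 'plain-sha256-hex-without-prefix'));
```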

sgdc3 commented 9 years ago

@Trsak Any news about your issue?