I’m working on a little script that will allow me to store relatively secure information in a cookie to validate a user login without the use of sessions. Part of the output is an encrypted salt to use when generating a hmac_hash with some of the information stored in the cookie, and some of the user information in the database.

However, after some testing, I’ve ran into a problem with the encryption/decryption of the strings and causing different hash results.

ie:

$str = '123456abcdef';
$hash1 = sha1($str);

$v1 = do_encrypt($str);
$v2 = do_decrypt($v1);

$hash2 = sha1($v2);

and I end up with

$hash1 - d4fbef92af33c1789d9130384a56737d181cc6df 
$hash2 - 0d6034f417c2cfe1d60d263101dc0f8354a1216f

but when I echo both strings, they are both 123456abcdef.

The do_encrypt function is as follows:

function do_encrypt($value) {

    $salt = generate_salt();
    $td = mcrypt_module_open('rijndael-256', '', 'cbc', '');
    mcrypt_generic_init($td, $ek, $salt);
    $encrypted_data = mcrypt_generic($td, $value);

    mcrypt_generic_deinit($td);
    mcrypt_module_close($td);
    return base64_encode($salt.$encrypted_data);    
}

The do_decrypt function:

function do_decrypt($value) {

    $data = base64_decode($value);
    $salt = substr($data, 0, 32);
    $data = substr($data, 32, strlen($data));
    $td = mcrypt_module_open('rijndael-256', '', 'cbc', '');
    mcrypt_generic_init($td, $ek, $salt);
    $decrypted_data = mdecrypt_generic($td, $data);

    mcrypt_generic_deinit($td);
    mcrypt_module_close($td);
    return $decrypted_data;
}

for both functions $ek is an encryption key pulled from another file.

I’m trying to understand why the characters that display are the same, but the actual variables are different (otherwise the hash results would be the same), and is there any way to ensure that both strings are identical for hashing purposes?

Thanks,
Ryan.