If you have the license key in the DB why would you need to compare the hash, not the key itself?
Are you sure it's a hash of the key? It doesn't make sense to keep both the license key and it's hash in the DB.
Also hash may be hash of concatenation of several fields -e.g. license key + activation date + expiration date (just an example), so without knowing the hash function and what is hashed exactly it's difficult to calculate the hash
As to the passwords - it's not that simple question at all if it has to be done right
Maybe read https://crackstation.net/hashing-security.htm from gentle introduction
for example:
Looking at the source code - there is file
license-manager-for-woocommerce.zip\license-manager-for-woocommerce\includes\Crypto.php
they use sha256, but if I get it right they apply it on some encrypted string.
Encryption is done using https://github.com/defuse/php-encryption which is in
license-manager-for-woocommerce.zip\license-manager-for-woocommerce\vendor\defuse\php-encryption\docs
There is extensive documentation for that library.
Given the above I don't want to dive further into this plugin. There is API for the plugin, whay don't you use it for your needs (e.g. validate a key)?
Are you sure it's a hash of the key? It doesn't make sense to keep both the license key and it's hash in the DB.
Also hash may be hash of concatenation of several fields -e.g. license key + activation date + expiration date (just an example), so without knowing the hash function and what is hashed exactly it's difficult to calculate the hash
As to the passwords - it's not that simple question at all if it has to be done right
Maybe read https://crackstation.net/hashing-security.htm from gentle introduction
for example:
from hashlib import md5, sha256, sha512
key = 'def50200352f5dc4bd8181a9daebbf4f9177fe725111a5a479d64636d01c2a10074e0c645abe898dea18210af563a5334288420551ab61c18ca4506cd03aa5d2bdd40933ddf7ca4d4b61b1c0f58a3830cbe0891cf4ff526311d5d637a55a574eca2c3a1b487b56'
for hash_func in (md5, sha256, sha512):
print(hash_func(key.encode()).hexdigest())Output:e39f98acdcd52c6a5804d4f58f6a5219
d44607349c1d7d99d827cb58930883f800c54b0aa3b631179cb455ef05df808e
eed729e73dbcfc8ca05547a3e0c557b54d4051b823cb84a4a904505d6b57bbe5a3eae47f030f5b71342870d81ba1a5a18dd525b4b3a341d8bb7b38a1ce264768Looking at the source code - there is file
license-manager-for-woocommerce.zip\license-manager-for-woocommerce\includes\Crypto.php
they use sha256, but if I get it right they apply it on some encrypted string.
Encryption is done using https://github.com/defuse/php-encryption which is in
license-manager-for-woocommerce.zip\license-manager-for-woocommerce\vendor\defuse\php-encryption\docs
There is extensive documentation for that library.
Given the above I don't want to dive further into this plugin. There is API for the plugin, whay don't you use it for your needs (e.g. validate a key)?
If you can't explain it to a six year old, you don't understand it yourself, Albert Einstein
How to Ask Questions The Smart Way: link and another link
Create MCV example
Debug small programs
How to Ask Questions The Smart Way: link and another link
Create MCV example
Debug small programs
