What is PHP sha1_file() Function?
Hash or hashing is a mathematical process that converts a variable size data to a fixed length string. If you want to calculate the SHA-1 (Secure Hash Algorithm 1) hash of a file use PHP sha1_file() function. The resulting hash is either a 40-character hexadecimal value or a 20-byte raw binary format.
How does PHP sha1_file() Function Works?
Conceptually, the function follows the following steps to compute the hash-
- The function reads the content of the file.
- It converts the input string into binary data (ASCII/bytes).
- It pads the data with 1 and 0s and then, it broken into 512-bit blocks each (As sha1 must work in 512-bit blocks).
- It initializes the hash value with 5 fixed constants – H0, H1, H2, H3, H4.
- Each block goes through 80 rounds of operations (AND, OR, XOR and ROTATE).
- Finally, concatenating all five registers to form the final hash.
Syntax:
sha1_file(filename, binary)
Parameters:
The Function has 1 required parameter and 1 optional parameter-
filename (Required): It specifies the path to the file.
binary (Optional): It specifies a Boolean value-
- TRUE – If it is TRUE, the function returns a 20 byte raw binary format string.
- FALSE (default) – If it is FALSE, the function returns a 40 character long hexadecimal string.
Return Values:
The function returns-
- sha1 hash of a string on success or
- FALSE on failure.
Examples:
Example 1:
<?php
$hash = sha1_file("file2.txt");
echo "sha1 hash is: $hash and its length is: " . strlen($hash);
?>
Output:
sha1 hash is: 5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8 and its length is: 40
Example 2: Running sha1_file of an empty file-
<?php
$hash = sha1_file("file2.txt");
echo "sha1 hash of an empty file is: $hash and still its length is: " . strlen($hash);
?>
Output:
sha1 hash of an empty file is: 5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8 and still its length is: 40
Example 3:
<?php
$hash = sha1_file("file2.txt", TRUE);
echo "Raw binary format of the sha1 hash of a file is: $hash and its length is: " . strlen($hash);
?>
Output:
Raw binary format of the sha1 hash of a file is: [�a�ɹ??�%
l�3~�� and its length is: 20
Example 4: Comparing a string and its hash-
<?php
$string = "password";
$savedHash = "5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8"; // sha1 hash of "password".
if (sha1_file("file2.txt") === $savedHash){
echo "Hash matched. The file & the hash are same.";
} else {
echo "Hash not matched. The file & the hash are not same.";
}
?>
Output:
Hash matched. The file & the hash are same.
Note on sha1_file() Function:
- This function works same as sha1() file. Instead of hashing a string, the sha1_file() function hashes the entire content of a file.
- The function does not hash the filename, instead, it hashes the content inside the file.
- It is a one-way operation. You cannot “decrypt” a SHA-1 hash back into the original string.
Practical Usages of sha1_file() Function:
- This function is used to check integrity of a file (to know whether the file has been changed or not).
- This function is particularly useful for verifying that a file hasn’t been corrupted during the transfer.
- It can also be used to verify data. But, keep in mind that it doesn’t ensure security of the data.
- This function can also be used for generating unique identifiers.
Caution:
This function is not recommended to use for password security as from two different inputs, the function can create same hash). To generate secure password, use the these function instead – password_hash() and password_verify()..These function use Bcrypt or Argon2 which are much more secure.
PHP Version Support:
PHP 4 >= 4.3.0, PHP 5, PHP 7, PHP 8
Summary: PHP sha1_file() Function
sha1_file() function is one of the built-in string functions in PHP. It is a fast and insecure function. Use this function to create 40-character long hexadecimal of a string.