http://qs321.pair.com?node_id=304526


in reply to Re: Ecrypting passwords
in thread Ecrypting passwords

Something I don't understand. Perhaps someone could enlighten me?

If we encrypt the password via SHA1 and store it in database how will we compare it at login? Doesn't SHA1 encrypt the same string into a random hash each time? So if we encrypt the user given password and compare it to the stored password aren't the hashes going to be different?

If we somehow unencrypt the hashes how is that done? I don't see that mentioned in the SHA1 docs.

Sorry for being dense.

Neil Watson
watson-wilson.ca

Re: Re: Ecrypting passwords
by hardburn (Abbot) on Nov 04, 2003 at 20:28 UTC

    If you put the exact same data into SHA1 (or any other reasonable hashing algorithm), the exact same hash value will come out. It's only when you have different data (even as small as one bit) that a cryptographic hash will give a different output. Non-cryptographic hashing algorithms (such as the one used by Perl's hash data structure) may produce collisions for different data, which usually need to be handled by the program in question.

    ----
    I wanted to explore how Perl's closures can be manipulated, and ended up creating an object system by accident.
    -- Schemer

    : () { :|:& };:

    Note: All code is untested, unless otherwise stated

      I am not experiencing that :(. Consider this code example:
          # encrypts password using
          # SHA-1 algorithm
          my $sha1 = Digest::SHA1->new;
          # reset algorithm
          $sha1->hexdigest;
          # encrypt
          $salt = 1658087940;
          my $secret = $sha1->sha1_hex($passwd . $salt);

      Run in a shell script, the hash is the same each time the salt and password are the same (as you said). However, when inserted into a web page (HTML::Mason, but on the same machine) the hash is different each time.

      Neil Watson
      watson-wilson.ca

        I suspect there is somehow a bug in how you're getting the data from the web. Try printing out the hex encoding of the original string before you send it to the hash function to make sure you're putting in the exact same data each time.

        ----
        I wanted to explore how Perl's closures can be manipulated, and ended up creating an object system by accident.
        -- Schemer

        : () { :|:& };:

        Note: All code is untested, unless otherwise stated
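
The store-and-compare flow discussed in this thread, together with the hex-dump check suggested in the last reply, as an added example that is not code from any poster. The helper names (hash_password, make_record, check_login, hex_of), the sample passwords and the trailing-newline case are constructed for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Digest::SHA1 qw(sha1_hex);   # functional interface of the module used in the thread

# Hash password and salt, concatenated in the same order as the thread's code.
sub hash_password {
    my ($passwd, $salt) = @_;
    return sha1_hex($passwd . $salt);
}

# Signup: store the salt and the hash, never the password itself.
sub make_record {
    my ($passwd) = @_;
    # rand() is used only to keep the illustration short.
    my $salt = join '', map { sprintf '%02x', int rand 256 } 1 .. 8;
    return { salt => $salt, hash => hash_password($passwd, $salt) };
}

# Login: nothing is decrypted. Re-hash the submitted password with the
# stored salt and compare the two hex strings.
sub check_login {
    my ($record, $submitted) = @_;
    return hash_password($submitted, $record->{salt}) eq $record->{hash};
}

# Debug helper: hex-encode the exact bytes that are about to be hashed.
sub hex_of { return unpack 'H*', $_[0] }

my $record = make_record('s3cret');   # constructed sample password
print "stored: salt=$record->{salt} hash=$record->{hash}\n";
printf "correct password: %s\n", check_login($record, 's3cret') ? 'match' : 'no match';
printf "wrong password:   %s\n", check_login($record, 'S3cret') ? 'match' : 'no match';

# Constructed case: the same password arriving with a trailing newline.
# The hex dump shows the extra 0a byte that changes the hash.
for my $input ('s3cret', "s3cret\n") {
    printf "input bytes %s -> %s\n", hex_of($input),
        check_login($record, $input) ? 'match' : 'no match';
}
```

Comparing the hex dumps from the shell run and the web run shows at a glance whether the two code paths are hashing the same bytes.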