Meraki describes the hash algorithm in pseudocode:
hash(mac bytes, org secret) =
SHA1(mac bytes ++ org secret).takeRight(4)
where:
++ indicates concatenation;
takeRight(4) returns the least significant 4 bytes of the SHA1; and
org secret is a per-customer salt.
Example:
client MAC is 11:22:33:44:55:66
org secret is t3lrdd
least significant 4 bytes of SHA1(112233445566t3Irdd) = 0x0e456406
I'm not sure why you would want to implement this yourself, but here's an example in Node.js
var crypto = require('crypto');
merakiHash('11:22:33:44:55:66', 't3Irdd');
function merakiHash(mac, secret) {
var sha1 = crypto.createHash('sha1');
var macBytes = mac.replace(/:/g, '');
sha1.update(Buffer.from(macBytes, 'hex'));
sha1.update(secret);
var hashResult = sha1.digest('hex').slice(-8);
console.log('least significant 4 bytes of SHA1(' + macBytes + secret + ') = 0x' + hashResult);
return hashResult;
}
For any Meraki people following along, would you mind updating the docs? The comment in your pseudocode uses a different org secret than the example, which made this a little more painful than it should have been. "t3lrdd" is not the same as "t3Irdd".