Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

MD5 hash differs in Java and PHP

Posted on 2007-12-06
9
Medium Priority
?
5,458 Views
Last Modified: 2008-03-19
I really need halp getting the Java MD5 and PHP MD5 yield the same result.

In PHP I simply use thins: md5($string);

In Java I use this:
try {
                  
                  //get
                  hash = snStr+authStr;
                  byte defaultBytes[] = hash.getBytes();
                  MessageDigest algorithm = MessageDigest.getInstance("MD5");
                  algorithm.reset();
                  algorithm.update(defaultBytes);
                  byte messageDigest[] = algorithm.digest();

                  StringBuffer hexString = new StringBuffer();
                  for (byte aMessageDigest : messageDigest) {
                    // We need to pad small values with an extra zero: http://forum.de.selfhtml.org/archiv/2005/10/t117779/
                    int val = 0xff & aMessageDigest;
                    if (val < 16)
                      hexString.append("0");
                    hexString.append(Integer.toHexString(val));
                  }
                  hash = hexString.toString();
            } catch (NoSuchAlgorithmException nsae) {
                  nsae.printStackTrace();
            }


I have also tried withouth the padding.

The even more strange thing is that for short strings the two MD5:s are the same but if the string to be hashed are longer than around 10 chars I will get two different results

Thank you very much for your help!
0
Comment
Question by:andtor
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
  • 2
  • +1
9 Comments
 
LVL 86

Accepted Solution

by:
CEHJ earned 252 total points
ID: 20418711
Try
String hash = new java.math.BigInteger(1, messageDigest).toString(16);

Open in new window

0
 
LVL 9

Assisted Solution

by:arioh
arioh earned 249 total points
ID: 20418873
take a look at 2nd comment at http://ru2.php.net/manual/en/function.md5.php
0
 
LVL 86

Expert Comment

by:CEHJ
ID: 20420333
Make sure that the same character encoding is being used in each case. hash.getBytes() will use the encoding of System.getProperty("file.encoding");
0
Build and deliver software with DevOps

A digital transformation requires faster time to market, shorter software development lifecycles, and the ability to adapt rapidly to changing customer demands. DevOps provides the solution.

 
LVL 92

Assisted Solution

by:objects
objects earned 249 total points
ID: 20424080
0
 

Author Comment

by:andtor
ID: 20440416
CEHJ: that yields exactly the same output. When I try System.getProperty("file.encoding"); I get Cp1252 back.

The problem is that the php side is already complete and will not be changed. I can see that MD5(string) has been used and not MD5(string, true). So I really need to make the Java side to create the same output as the php does. Any suggstions on how to do this?


0
 
LVL 92

Expert Comment

by:objects
ID: 20440439
did u try the code i posted?

> byte defaultBytes[] = hash.getBytes();

also try changing that to:

byte defaultBytes[] = hash.getBytes("UTF8");
0
 
LVL 86

Expert Comment

by:CEHJ
ID: 20440509
Can we have some side-by-side examples of input/output on both please
0
 

Author Comment

by:andtor
ID: 20440540
Hello. Have got access to the php code now and can see that the php programmer did not actually follow the specification (did not make all chars to lowercase bfore md5...) Sorry to have bothereed u with this, was extremely painfull to sort out the bug when I could not see the php code.

Please divide the points equally to the once that tried to help me.
0
 
LVL 86

Expert Comment

by:CEHJ
ID: 20440644
>>Please divide the points equally to the once that tried to help me.

You'll have to do that i'm afraid ;-)
0

Featured Post

2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In 2017, ransomware will become so virulent and widespread that if you aren’t a victim yourself, you will know someone who is.
The conference as a whole was very interesting, although if one has to make a choice between this one and some others, you may want to check out the others.  This conference is aimed mainly at government agencies.  So it addresses the various compli…
The viewer will learn how to dynamically set the form action using jQuery.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question