0

I've got a piece of javascript which someone has written to convert an ID into a particular hashed ID used by a program.

Note that the javascript output cannot be changed. It replicates the hashing done by the above mentioned 3rd-party program. I am trying to likewise replicate the hashing in PHP.

My aim is to convert this into PHP, so I can run the conversion in some back-end scripts.

However, it uses the cryptoJS library, and I can't find a way to convert it to PHP properly, as the MD5 in cryptoJS seems to have an array passed to it, and the PHP MD5 is passed a string. See below for some code examples

What they have (javascript)

var id = bigInt(12345678912345678);
var parts = [0x42,0x45,0,0,0,0,0,0,0,0];

for (var i = 2; i < 10; i++) {
    var res = id.divmod(256);
    id = res.quotient; 
    parts[i] = res.remainder.toJSNumber();
}

var wordArray = CryptoJS.lib.WordArray.create(new Uint8Array(parts));
$("#newid").val(CryptoJS.MD5(wordArray));

What I've got in PHP

$id = 12345678912345678;
$parts = [0x42,0x45,0,0,0,0,0,0,0,0];

for ($i=2; $i < 10; $i++){
    $quo = (int)($id / 256);
    $rem = $id % 256;
    $id = $quo;
    $parts[$i] = $rem;
}

$hash = md5($parts);
echo $hash;

This of course, returns an error due to MD5 not taking an array.

I've tried something simple such as join()ing the array, but that doesn't return the same hash.

I've had a look into the cryptoJS library, and I've done tons of google searches, and looked through SO (inc: Generate the same MD5 using javascript and PHP , SHA512 hashes differ on android, php and javascript etc) but can't seem to find anything which answers this question.

I have a feeling that the issue is me not understanding exactly what the wordArray is passing into the MD5 (and thus not being able to reproduce properly in PHP)... but I'm not familiar enough with the cryptoJS library to be sure.

Some output...

ID used: 12345678912345678

using join('',$parts)
PHP: d378d1609e6a2854b129b012aa6363ea
JS: 61bb919806ee7c4ad6f781b49a89dfcf

using json_encode($parts)
PHP: 3e2393c173558194b6ba1bbedc9314e1
JS: 61bb919806ee7c4ad6f781b49a89dfcf
Community
  • 1
  • 1
Kieran
  • 752
  • 1
  • 10
  • 24
  • http://stackoverflow.com/questions/10856743/identical-md5-for-js-and-php?rq=1 – Tschallacka May 18 '15 at 06:48
  • I've checked the character encoding. I think it has something to do with me not passing the right value to the MD5, but not sure – Kieran May 18 '15 at 08:00
  • can you try to convert them to json before enconding them? JSON.stringify in js and json_encode in php. That way you know it'll be an exactly identical string on both sides and you don't deal with issues like 64 bit vs 32 bit vs 16 bit. – Tschallacka May 18 '15 at 08:03
  • Edited with outputs. Note that I am not touching the JS code, as that gives the required output. I'm trying to get the PHP output to match – Kieran May 18 '15 at 08:18
  • You need to come to an equilibrium where php and js match. Can you please try touching the js code? – Tschallacka May 18 '15 at 08:22
  • I can, but if the JS gives me a different output then this for the same ID, it's then useless to me, as I need it to give the output it currently gives. (3rd party program uses the hashed ID's for ban management, and I can only get the non-hashed ID's from the server - thus trying to write a script to emulate whatever conversion this third-party program does so I can link the ban hashed ID's to the players non-hashed ID's myself) – Kieran May 18 '15 at 08:32
  • ah. now the purpose is clear. So the javascript gives the proper md5 and php doesnt for the 3rd party application. is that correct? If this is correct please update your question with this information, so people will know the javascript output is leading because of the 3rd party app it needs to be compatible with. – Tschallacka May 18 '15 at 09:09
  • I mention it at the top, but I was obviously not clear enough. My apologies :) Will update that now. – Kieran May 18 '15 at 11:33

0 Answers0