0

I have a Java code that hash several array of bytes. I'm trying to convert this code to PHP, but whatever I try my final hash is different.

The Java code (provided by a third party):

MessageDigest digest;
digest = MessageDigest.getInstance("SHA-256");

byte[] digestBytes;
byte[] cM = [158,116,27,162,197,2,176,250,41,54,95,61,64,126,102,222,103,190,2,233,223,230,66,131,120,10,248,199,46,248,52,93,6,150,121,132,8,130,72,224,26,125,85,240,16,99,15,14,182,187,225,48,35,9,1,250,126,173,94,187,85,83,106,148,233,105,219,101,177,250,66,218,224,193,114,144,59,211,64,206,49,183,111,58,156,200,175,190,254,219,148,71,116,1,77,181,127,46,223,248,51,166,64,61,227,161,7,167,116,113,177,156,139,178,88,89,232,57,58,196,67,97,42,5,114,134,147,199,157,233,186,49,196,20,145,191,52,212,179,162,160,17,215,82,153,4,226,25,212,250,213,111,42,134,227,198,246,110,157,201,39,222,232,196,120,12,203,189,77,211,79,110,197,227,190,4,145,90,203,178,157,206,255,242,142,37,104,239,138,234,56,252,173,98,58,152,141,242,130,136,77,248,248,189,235,144,231,136,137,167,80,172,43,38,77,109,22,81,191,61,90,23,59,220,48,144,104,229,162,186,31,173,52,97,176,35,213,7,217,224,156,163,185,249,96,197,69,50,47,45,64,95,101,133,187,223];
byte[] cE = [1,0,1];
byte[] sM = [222,65,253,234,66,194,53,104,75,194,217,168,58,72,163,25,120,109,184,190,188,201,5,57,43,52,147,209,222,49,169,181,211,202,157,206,153,184,61,225,148,175,51,48,175,149,3,67,142,183,123,160,222,251,88,151,14,101,191,156,195,248,188,73,50,228,59,105,248,117,240,131,204,178,16,159,144,98,148,96,32,195,79,8,62,221,31,249,221,241,249,13,70,148,188,1,173,175,204,24,68,249,246,163,194,77,72,50,185,15,115,253,203,14,249,173,65,219,5,25,71,83,32,242,52,200,97,171,160,47,42,188,190,169,216,207,33,83,97,230,111,188,51,75,129,217,25,16,168,34,73,219,214,0,225,106,40,41,237,22,119,231,246,117,179,53,202,36,163,118,22,79,114,67,66,221,93,58,241,23,123,28,239,199,124,183,78,55,243,137,246,0,72,196,40,128,65,252,78,19,52,41,183,84,34,123,173,63,88,128,200,132,123,182,255,98,167,235,106,176,222,129,210,232,145,136,75,68,152,192,177,253,115,57,115,65,116,175,46,174,115,191,105,218,254,105,182,213,70,47,53,219,32,233,104,255];
byte[] sE = [1,0,1];
byte[] nonce = [38,166];

digest.update(cM);
digest.update(cE);
digest.update(sM);
digest.update(sE);
digest.update(nonce);

digestBytes = digest.digest();
// I've been told the result should be : [38,126,166,123,158,41,83,110,160,92,148,34,0,235,126,62,88,10,13,229,0,141,125,7,84,155,11,90,107,52,188,217]

In PHP I tried dozens of things, but without success… See below one of the MANY MANY things I tried:

$cM = [158,116,27,162,197,2,176,250,41,54,95,61,64,126,102,222,103,190,2,233,223,230,66,131,120,10,248,199,46,248,52,93,6,150,121,132,8,130,72,224,26,125,85,240,16,99,15,14,182,187,225,48,35,9,1,250,126,173,94,187,85,83,106,148,233,105,219,101,177,250,66,218,224,193,114,144,59,211,64,206,49,183,111,58,156,200,175,190,254,219,148,71,116,1,77,181,127,46,223,248,51,166,64,61,227,161,7,167,116,113,177,156,139,178,88,89,232,57,58,196,67,97,42,5,114,134,147,199,157,233,186,49,196,20,145,191,52,212,179,162,160,17,215,82,153,4,226,25,212,250,213,111,42,134,227,198,246,110,157,201,39,222,232,196,120,12,203,189,77,211,79,110,197,227,190,4,145,90,203,178,157,206,255,242,142,37,104,239,138,234,56,252,173,98,58,152,141,242,130,136,77,248,248,189,235,144,231,136,137,167,80,172,43,38,77,109,22,81,191,61,90,23,59,220,48,144,104,229,162,186,31,173,52,97,176,35,213,7,217,224,156,163,185,249,96,197,69,50,47,45,64,95,101,133,187,223];
$cE = [1,0,1];
$sM = [222,65,253,234,66,194,53,104,75,194,217,168,58,72,163,25,120,109,184,190,188,201,5,57,43,52,147,209,222,49,169,181,211,202,157,206,153,184,61,225,148,175,51,48,175,149,3,67,142,183,123,160,222,251,88,151,14,101,191,156,195,248,188,73,50,228,59,105,248,117,240,131,204,178,16,159,144,98,148,96,32,195,79,8,62,221,31,249,221,241,249,13,70,148,188,1,173,175,204,24,68,249,246,163,194,77,72,50,185,15,115,253,203,14,249,173,65,219,5,25,71,83,32,242,52,200,97,171,160,47,42,188,190,169,216,207,33,83,97,230,111,188,51,75,129,217,25,16,168,34,73,219,214,0,225,106,40,41,237,22,119,231,246,117,179,53,202,36,163,118,22,79,114,67,66,221,93,58,241,23,123,28,239,199,124,183,78,55,243,137,246,0,72,196,40,128,65,252,78,19,52,41,183,84,34,123,173,63,88,128,200,132,123,182,255,98,167,235,106,176,222,129,210,232,145,136,75,68,152,192,177,253,115,57,115,65,116,175,46,174,115,191,105,218,254,105,182,213,70,47,53,219,32,233,104,255];
$sE = [1,0,1];
$nonce = [38,166];

function toHex($arr) {
  $chars = array_map("chr", $arr);
  $bin = join($chars);
  $hex = bin2hex($bin);
  return $hex;
}

$ctxHash = hash_init('SHA256');
hash_update($ctxHash, toHex($cM));
hash_update($ctxHash, toHex($cE));
hash_update($ctxHash, toHex($sM));
hash_update($ctxHash, toHex($sE));
hash_update($ctxHash, toHex($nonce));
$res = hash_final($ctxHash);

echo "[ ";
for ($i=0; $i<strlen($res); $i+=2) {
  echo hexdec($res{$i}.$res{$i+1}).", ";
}
echo " ]\n";
// result is => [ 27, 76, 45, 80, 123, 219, 71, 18, 245, 165, 109, 66, 156, 179, 42, 235, 25, 102, 206, 61, 200, 187, 198, 9, 185, 69, 138, 34, 56, 108, 8, 33 ]

It's been 2 days and I'm not able to find how to get the same result… Your help would be appreciated.

Note: the above code is a simplified version – in real life my variables are a Hex string (e.g. cM = "9e741ba2c502b0fa29365f3d407e66de67be02e9dfe64283780af8c72ef8345d06967984088248e01a7d55f010630f0eb6bbe130230901fa7ead5ebb55536a94e969db65b1fa42dae0c172903bd340ce31b76f3a9cc8afbefedb944774014db57f2edff833a6403de3a107a77471b19c8bb25859e8393ac443612a05728693c79de9ba31c41491bf34d4b3a2a011d7529904e219d4fad56f2a86e3c6f66e9dc927dee8c4780ccbbd4dd34f6ec5e3be04915acbb29dcefff28e2568ef8aea38fcad623a988df282884df8f8bdeb90e78889a750ac2b264d6d1651bf3d5a173bdc309068e5a2ba1fad3461b023d507d9e09ca3b9f960c545322f2d405f6585bbdf")

Thanks

Improve this question

1 Answer 1

Reset to default
1

The result that your third party provided is wrong. I pasted your java code into an editor and adjusted it so that it compiles:

public class Sha256 {
    public static void main(String[] args) throws NoSuchAlgorithmException {
        MessageDigest digest;
        digest = MessageDigest.getInstance("SHA-256");

        byte[] digestBytes;
        byte[] cM = b(158,116,27,162,197,2,176,250,41,54,95,61,64,126,102,222,103,190,2,233,223,230,66,131,120,10,248,199,46,248,52,93,6,150,121,132,8,130,72,224,26,125,85,240,16,99,15,14,182,187,225,48,35,9,1,250,126,173,94,187,85,83,106,148,233,105,219,101,177,250,66,218,224,193,114,144,59,211,64,206,49,183,111,58,156,200,175,190,254,219,148,71,116,1,77,181,127,46,223,248,51,166,64,61,227,161,7,167,116,113,177,156,139,178,88,89,232,57,58,196,67,97,42,5,114,134,147,199,157,233,186,49,196,20,145,191,52,212,179,162,160,17,215,82,153,4,226,25,212,250,213,111,42,134,227,198,246,110,157,201,39,222,232,196,120,12,203,189,77,211,79,110,197,227,190,4,145,90,203,178,157,206,255,242,142,37,104,239,138,234,56,252,173,98,58,152,141,242,130,136,77,248,248,189,235,144,231,136,137,167,80,172,43,38,77,109,22,81,191,61,90,23,59,220,48,144,104,229,162,186,31,173,52,97,176,35,213,7,217,224,156,163,185,249,96,197,69,50,47,45,64,95,101,133,187,223);
        byte[] cE = b(1,0,1);
        byte[] sM = b(222,65,253,234,66,194,53,104,75,194,217,168,58,72,163,25,120,109,184,190,188,201,5,57,43,52,147,209,222,49,169,181,211,202,157,206,153,184,61,225,148,175,51,48,175,149,3,67,142,183,123,160,222,251,88,151,14,101,191,156,195,248,188,73,50,228,59,105,248,117,240,131,204,178,16,159,144,98,148,96,32,195,79,8,62,221,31,249,221,241,249,13,70,148,188,1,173,175,204,24,68,249,246,163,194,77,72,50,185,15,115,253,203,14,249,173,65,219,5,25,71,83,32,242,52,200,97,171,160,47,42,188,190,169,216,207,33,83,97,230,111,188,51,75,129,217,25,16,168,34,73,219,214,0,225,106,40,41,237,22,119,231,246,117,179,53,202,36,163,118,22,79,114,67,66,221,93,58,241,23,123,28,239,199,124,183,78,55,243,137,246,0,72,196,40,128,65,252,78,19,52,41,183,84,34,123,173,63,88,128,200,132,123,182,255,98,167,235,106,176,222,129,210,232,145,136,75,68,152,192,177,253,115,57,115,65,116,175,46,174,115,191,105,218,254,105,182,213,70,47,53,219,32,233,104,255);
        byte[] sE = b(1,0,1);
        byte[] nonce = b(38,166);

        digest.update(cM);
        digest.update(cE);
        digest.update(sM);
        digest.update(sE);
        digest.update(nonce);

        digestBytes = digest.digest();
        System.out.print("[ ");
        for (int i = 0; i < digestBytes.length; i++) {
            System.out.format("%d, ", digestBytes[i] & 0xff);
        }
        System.out.print(" ]\n");
    }

    private static byte[] b(int...val) {
        byte[] result = new byte[val.length];
        for (int i = 0; i < val.length; i++) {
            result[i] = (byte)(val[i]);
        }
        return result;
    }
}

And that code gives a result of

[ 41, 248, 162, 75, 169, 252, 1, 239, 12, 250, 213, 238, 138, 137, 56, 54, 159, 183, 66, 79, 90, 228, 191, 39, 193, 159, 173, 238, 239, 95, 194, 40,  ]

Now your PHP code has one problem: the conversion from the bytes into the string that hash_update() needs does an extra bin2hex() conversion that the java code does not do.

If I change your toHex() function into a toBin() function:

function toBin($arr) {
  $chars = array_map("chr", $arr);
  $bin = join($chars);
  return $bin;
}

and use that function in the hash_update() calls:

$ctxHash = hash_init('SHA256');
hash_update($ctxHash, toBin($cM));
hash_update($ctxHash, toBin($cE));
hash_update($ctxHash, toBin($sM));
hash_update($ctxHash, toBin($sE));
hash_update($ctxHash, toBin($nonce));
$res = hash_final($ctxHash);

then I get the following result:

[ 41, 248, 162, 75, 169, 252, 1, 239, 12, 250, 213, 238, 138, 137, 56, 54, 159, 183, 66, 79, 90, 228, 191, 39, 193, 159, 173, 238, 239, 95, 194, 40, ]

which matches nicely with the output from java...

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Thanks for the quick help! I'll check with the third party to see why his result is different.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.