[TriLUG] MD5 silly question

[Brent Verner]

[2004-07-08 10:43] Brian Henning said:
| Hi y'all,
|   I'll readily admit that MD5 is quite FM to me yet, but this particular
| thing struck me as odd...  I have a php script which uses the php md5(...)
| function, and a Java app that uses the MD5 functionality of the
| java.security.MessageDigest class.  When I create a hash (of a password
| string, in this case) using the php script and compare it to the hash of the
| same string created by the Java app, they're not the same.  I always sort of
| thought a hash was a hash, and as long as the input was the same, the output
| would be the same...  Would someone mind giving me just a brief explanation
| (I'm not asking for anything in-depth here) of why two different MD5
| programs (for lack of a better word) would generate different hashes for the
| same input?  Could it be something like salting?

encoding.  Java's MessageDigest does not hex encode the output
as, I believe, php's md5 is doing.


import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;

public class MD5 {

    /* returns hex encoded md5 cipher of input string */

    public static String crypt(String str)
    throws NoSuchAlgorithmException, IllegalArgumentException
    {
        MessageDigest digester;
        digester = MessageDigest.getInstance("MD5");
        if (str == null || str.length() == 0) {
            throw new IllegalArgumentException("String to cipher cannot be null or zero length");
        }

        digester.update(str.getBytes());
        byte[] hash = digester.digest();
        StringBuffer hexString = new StringBuffer();
        for (int i = 0; i < hash.length; i++) {
            if ((0xff & hash[i]) < 0x10) {
                hexString.append("0" + Integer.toHexString((0xFF & hash[i])));
            }
            else {
                hexString.append(Integer.toHexString(0xFF & hash[i]));
            }
        }
        return hexString.toString();
    }
}