为什么我在C ++和PHP SHA256哈希之间得到不同的结果?

时间:2014-11-08 17:49:51

标签: php c++ hash sha256

我正在尝试在PHP中生成SHA256哈希,它将存储在数据库中并用于C ++程序的身份验证。

在php中,哈希看起来像这样:

$mail = strtoupper(utf8_decode('tester@tester.com'));
$password = strtoupper(utf8_decode('password'));

$email = hash_init('sha256');
         hash_update($email, $mail);
$mail  = strtoupper(hash_final($email)); // In C++ the output is uppercase

$sha   = hash_init('sha256');
         hash_update($sha, $mail);
         hash_update($sha, ':');
         hash_update($sha, $password);
$pass  = hash_final($sha);

或写另一种方式:

$pass = hash('sha256', strtoupper(hash('sha256', $mail)).':'.$password);

在C ++中,过程如下所示:

Utf8ToUpperOnlyLatin(email);
Utf8ToUpperOnlyLatin(password);

SHA256Hash email;
email.UpdateData(name);
email.Finalize();

SHA256Hash sha;
sha.UpdateData(ByteArrayToHexStr(email.GetDigest(), email.GetLength()));
sha.UpdateData(":");
sha.UpdateData(password);
sha.Finalize();

return ByteArrayToHexStr(sha.GetDigest(), sha.GetLength(), true);

方法:

std::string ByteArrayToHexStr(uint8 const* bytes, uint32 arrayLen, bool reverse /* = false */)
{
    int32 init = 0;
    int32 end = arrayLen;
    int8 op = 1;

    if (reverse)
    {
        init = arrayLen - 1;
        end = -1;
        op = -1;
    }

    std::ostringstream ss;
    for (int32 i = init; i != end; i += op)
    {
        char buffer[4];
        sprintf(buffer, "%02X", bytes[i]);
        ss << buffer;
    }

    return ss.str();
}

bool Utf8ToUpperOnlyLatin(std::string& utf8String)
{
    std::wstring wstr;
    if (!Utf8toWStr(utf8String, wstr))
        return false;

    std::transform(wstr.begin(), wstr.end(), wstr.begin(), wcharToUpperOnlyLatin);

    return WStrToUtf8(wstr, utf8String);
}

SHA256Hash::SHA256Hash()
{
    SHA256_Init(&mC);
    memset(mDigest, 0, SHA256_DIGEST_LENGTH * sizeof(uint8));
}

void SHA256Hash::UpdateData(const uint8 *dta, int len)
{
    SHA256_Update(&mC, dta, len);
}

void SHA256Hash::UpdateData(const std::string &str)
{
    UpdateData((uint8 const*)str.c_str(), str.length());
}

void SHA256Hash::Initialize()
{
    SHA256_Init(&mC);
}

void SHA256Hash::Finalize(void)
{
    SHA256_Final(mDigest, &mC);
}

使用这两种方法的输出是:

C++: 09FEBAB417CF2FA563AC89963519CCAC53D5F556F8BF20D7EEB818A0584A514E
PHP: 4e514a58a018b8eed720bff856f5d553accc19359689ac63a52fcf17b4bafe09

如果我要交换

$mail  = strtoupper(hash_final($email)); // In C++ the output is uppercase


$mail  = hash_final($email);

PHP输出将是

89ba15a964331258bcc763f44473c492854bf9c2694cc2306da64ccef8ffeab2

为什么我不能让PHP和C ++产生相同的结果?

谢谢。

1 个答案:

答案 0 :(得分:1)

C ++实现使用了哈希返回的字节的倒数。这两种方法都是正确的,但产出与次要监督不匹配。感谢Geoffliu指出这一点。

相关问题
最新问题