二进制文件的 php hash 如何工作

Question

looking at PHP tutorials and have this

hash ( string $algo , string $data , bool $binary = false )

i use other language and do hash and get the results, if i do not use hash bool as binary = true, if the hash binary = true, the results does not match. Here is my try for what I am doing example here

PHP Version

var_dump(hash('sha256', '1612466079678052nonce=1612466079678052', false)); 

CF Version

lcase(hash('1612466079678052nonce=1612466079678052', "SHA-256", "UTF-8"));

produces this result Results of PHP & CF

c0363f560d8df85b1f24d3f88e6f32a78370f55b0501a5b0c6d18d0009de2460 

now i will be setting the boolean value of hash of PHP to true

PHP Version:

var_dump(hash('sha256', '1612466079678052nonce=1612466079678052', true)); 

Results of PHP

�6?V ��[$���o2��p�[���э �$` 

Now Coldfusion

dump(toString(binaryDecode(lcase(hash('1612466079678052nonce=1612466079678052', "SHA-256", "UTF-8")),"base64"))); 

Results of CF

sM���z���[���ww����f��~��[ӝ5k��s�u��4��^ێ�

Can anyone spot the issue here what i am doing wrong to get the exact results as like PHP is doing

Answer 1

First: You are trying to output raw BINARY values as STRINGS ( printable characters ). If you you want to output raw BINARY data as STRING I suggest to use a proper encoding to do that (in both languages). Just printing/echoing/outputting raw BINARY data will always result with many unmapped characters or unidentified UTF-8 character '�'. Thus the data is not a readable printable character.

Second: Using the functions in PHP:

hash('sha256', '1612466079678052nonce=1612466079678052', false); 

and in CFML:

hash('1612466079678052nonce=1612466079678052', "SHA-256");

are the same because both output/echo a STRING representation of the binary HASH as HEX (hexadecimal data):

c0363f560d8df85b1f24d3f88e6f32a78370f55b0501a5b0c6d18d0009de2460

The raw BINARY format of that same data would be (here that data is a STRING represenstation of 0s and 1s):

1100000000110110001111110101011000001101100011011111100001011011000111110010010011010011111110001000111001101111001100101010011110000011011100001111010101011011000001010000000110100101101100001100011011010001100011010000000000001001110111100010010001100000  

If you set the 'set as binary' flag of the PHP hash function to 'true', you will output the above mentioned binary data plain to the output stream, while in CFML you are trying to "base64" decode the HEX string to obtain the raw binary data. That assumption is wrong. What you need to do is to convert the HASH to binary decode from HEX to binary first with:

binaryDecode(hash("1612466079678052nonce=1612466079678052", "SHA-256"),"hex");

If you use cfdump of Adobe's or Lucee's CFML to output the HASH as binary:

<cfscript>
    dump(binaryDecode(hash("1612466079678052nonce=1612466079678052", "SHA-256"),"hex"));
</cfscript>

, the engines will try to convert the raw binary data as STRING representation on it's own assumption. In Lucee you will see a base64 representation of the same binary data.

Because with your PHP var_dump function you are outputting the same raw binary data directly to the output stream, you need just to writeoutput that binary data in CFML with:

<cfscript>
writeoutput(binaryDecode(hash("1612466079678052nonce=1612466079678052", "SHA-256"),"hex"));
</cfscript>

What will have the same result:

�6?V ��[$���o2��p�[���э �$`