Reputation: 101
Wrong HMAC using PHP 5.0.4
I'm trying to enable HMAC Hashing (SHA256) with PHP 5.0.4 and using phpseclib (to my knowledge in this case phpseclib relies on a native PHP spec), the sample code I'm using it's pretty simple:
include('Crypt/Hash.php');
$hash = new Crypt_Hash('sha256');
$hash->setKey('abcdefg');
echo bin2hex($hash->hash('something'));
it generates an HMAC with this string:
e678e33c727ddf7172d3521cf9c0c2a15b66e03eb96d77795fa4adb338dc24a9
But apparently, this string is invalid because doing the same with this online tools:
http://www.freeformatter.com/hmac-generator.html
http://beautifytools.com/hmac-generator.php
http://www.jetcityorange.com/hmac/
I get this string:
9a43ff294bdfed399e2d5a3d739a4efb7eccc23269b80b3f0d855937d35ae06f
What am I doing wrong?
Note: SHA1 encoding works perfectly.
Thanks in advance.
Upvotes: 0
Views: 527
Answers (1)
Reputation: 101
It was a problem related to float to int conversions on 32-bit Linux pre-PHP 5.3. Developers of phpseclib fixed the issue on version 1.0.4 & 2.0.4
Upvotes: 1
Related Questions
- HMAC-SHA-256 in PHP
- Unable to match results of php hash_hmac() and coldfusion hmac()
- hmac hash mismatch in PHP and Go
- SHA-1 hash for HMAC Generated in Objective C and PHP (hash_hmac) dont match
- SHA 1 hash_hmac wrong
- why PHP's hash_hmac('sha256') gives different result than java sha256_HMAC
- PHP and C# HMAC SHA256
- HMAC implementation failure
- php's hmac sha256 implementation mismatches java's one
- hmac_sha256 in php and c# differ