ansaurus

Question

Why PHP's md5 is different from OpenSSL's md5?

Answer 1

+13 A:

There is only one way to compute MD5.

A blind guess is that the second one also includes a newline inside the string being hashed.

Yeh, verified it. That's it.

jdehaan 2010-07-02 23:07:37

That is weird, but `echo` returns a newline. Use `echo -n abc | openssl md5` to get the same output as the PHP version.

artlung 2010-07-02 23:12:42

Answer 2

+5 A:

echo normally adds a new line character at the end of the string it outputs; that is the reason the MD5 values are different.

Try with echo -n abc | openssl md5.

kiamlaluno 2010-07-02 23:10:55

Answer 3

+1 A:

As jdehaan notes, if you tell echo not output a newline, you get the answer you expect

echo -n "abc" | openssl md5
900150983cd24fb0d6963f7d28e17f72

Paul Dixon 2010-07-02 23:12:03

Answer 4

A:

FWIW, you're in good company making this mistake. This question has been asked several times on Stack Overflow, for example:

Bill Karwin 2010-07-03 00:23:46

well that makes me feel a bit better :) thnx :)

Alex N. 2010-07-14 03:27:58

Answer 5

+3 A:

As everyone noted, the problem is that echo prints an extra newline.

However, the solution proposed (echo -n) is not completely correct. According to the POSIX standard, "Implementations shall not support any options." You'll make the world a bit better if you don't use it. Use

printf %s abc | openssl md5

or simply

printf abc | openssl md5

Roman Cheplyaka 2010-07-03 01:20:59

The POSIX standard also says *If the first operand is `-n`, or if any of the operands contain a backslash ( `'\'` ) character, the results are implementation-defined.* (further down the same page) - it's the XSI extensions that say that -n must be handled as a normal string (and if the system is XSI-conforming, then you can use `echo "abc\c"` instead)

caf 2010-07-05 00:50:17

ansaurus

tags:

views:

answers:

Why PHP's md5 is different from OpenSSL's md5?

related questions