Hi,

Before I start, I want to apologise for mixing a unix and Java. I
wasn't really sure which group to post in, but figured that seeing as
my query ultimately involves unix tools, it should go in here.
However, if someone knows of a better group for this, please let me
know!

I am trying to write a script (KSH) that takes in a list of passwords
and returns a list hash equivalents. From what I have gleaned on the
interweb, I should be using openssl and associated utilities, which I
have been doing and creating hashes quite nicely.

The problem is that I cannot get the hash result of TDS123 to equal
that of the hash result from the following Java code:

public static String hashPassword(String password) {
MessageDigest md = null;

try { md = MessageDigest.getInstance("MD5"); }
catch (NoSuchAlgorithmException e) { // Ignore this error as
we have hard-coded the algorithm }

md.update(password.getBytes());
byte[] digestedPwdBytes = md.digest();
String digestedPwdString = new
String(Util.encodeBase64(digestedPwdBytes));
// Base64.encode
return digestedPwdString.trim();
}

The Hash returned by the above Java code is: zZyZDPFGJ4emgl4gi1+Mmg==
and no matter how many different combinations I try, I cannot get the
*nix output to be the same.

Any ideas or advice would be very much appreciated!

Cheers

Tim

On 16 Mai, 13:36, Prince Al <timothy.h...@gmail.com> wrote:
> Hi,
>
> Before I start, I want to apologise for mixing a unix and Java. I
> wasn't really sure which group to post in, but figured that seeing as
> my query ultimately involves unix tools, it should go in here.
> However, if someone knows of a better group for this, please let me
> know!

The group is okay for the shell part; unfortunately you haven't
included any shell code at all.

> I am trying to write a script (KSH) that takes in a list of passwords
> and returns a list hash equivalents. From what I have gleaned on the
> interweb, I should be using openssl and associated utilities, which I
> have been doing and creating hashes quite nicely.
>
> The problem is that I cannot get the hash result of TDS123 to equal
> that of the hash result from the following Java code:
>
> public static String hashPassword(String password) {
> MessageDigest md = null;
>
> try { md = MessageDigest.getInstance("MD5"); }
> catch (NoSuchAlgorithmException e) { // Ignore this error as
> we have hard-coded the algorithm }
>
> md.update(password.getBytes());
> byte[] digestedPwdBytes = md.digest();
> String digestedPwdString = new
> String(Util.encodeBase64(digestedPwdBytes));
> // Base64.encode
> return digestedPwdString.trim();
> }
>
> The Hash returned by the above Java code is: zZyZDPFGJ4emgl4gi1+Mmg==
> and no matter how many different combinations I try, I cannot get the
> *nix output to be the same.
>
> Any ideas or advice would be very much appreciated!

Above output is the base64 encoded MD5 hash of "TDS123", right?

All I can suggest is to inspect each input and output for all
processing steps (MD5 and base64), once for your Java code and
once for the tools you use in your shell code.

If you can't find the problem then, provide more information; all
input/output data (incl. intermediate results), the concrete tools
used, the calling syntax you used.

Janis

>
> Cheers
>
> Tim

Prince Al wrote:

> The Hash returned by the above Java code is: zZyZDPFGJ4emgl4gi1+Mmg==
> and no matter how many different combinations I try, I cannot get the
> *nix output to be the same.

Well, what is the Unix output? If two things aren't matching when they
should, the you have to look at both of them to make sure you're doing
it right. MD5 hashes are often stored in hex form, not base 64, for one
thing. (And yes, as pointed out, this has nothing to do with Unix shells.)

--
Erik Max Francis && max@alcyone.com && http://www.alcyone.com/max/
San Jose, CA, USA && 37 20 N 121 53 W && AIM, Y!M erikmaxfrancis
Thousands have lived without love, not one without water.
-- W.H. Auden