Is there a way to generate same Hmac hash output from PHP as done with nodejs?

Following is my nodejs function for creating HMAC hash –

function hash() {
    key = "hello";
    msg = "Hello";
    var hmac = crypto.createHmac('sha256', key);
    hmac.update(msg, 'utf8');
    var digest = hmac.digest();
    console.log('---hash =======>' + digest);
    return digest;
}

function hmacHex(key, msg) {
    var hmac = crypto.createHmac('sha256', key);
    hmac.update(msg, 'utf8');
    var digest = hmac.digest('hex');
    console.log('---hmacHex ====>' + digest);
    return digest;
}

var res = hash();
hmacHex("hello", res);

JavaScript
​x
 
function hash() {    key = "hello";    msg = "Hello";    var hmac = crypto.createHmac('sha256', key);    hmac.update(msg, 'utf8');    var digest = hmac.digest();    console.log('---hash =======>' + digest);    return digest;}​function hmacHex(key, msg) {    var hmac = crypto.createHmac('sha256', key);    hmac.update(msg, 'utf8');    var digest = hmac.digest('hex');    console.log('---hmacHex ====>' + digest);    return digest;}​var res = hash();hmacHex("hello", res);​​

OUTPUT FROM hash() => }/�(K=�����('�Zt�h�D�Z��@ywڦ�

OUTPUT FROM hmaxHex() => 692a18bd347476d28300e579794ba799cda80625191ef71783fce95692c2b6f9

JavaScript
 
OUTPUT FROM hash() => }/�(K=�����('�Zt�h�D�Z��@ywڦ�​OUTPUT FROM hmaxHex() => 692a18bd347476d28300e579794ba799cda80625191ef71783fce95692c2b6f9​

Following is my PHP equivalent code for generating above mentioned output –

class Signature{

public function hash()
    {
        $key = "hello";
        $msg = "Hello";
        $hash = hash_hmac('sha256', utf8_encode($msg), $key, true);
        error_log('---hash ===>'.$hash);
        return $hash;
    }

public function hmacHex($msg)
    {
        $key = "hello";
        $hash = hash_hmac('sha256', utf8_encode($msg), $key, false);
        error_log('---hmacHex ===>' . $hash);
        return $hash;
    }
}

$obj = new Signature();

$res = $obj->hash();
$obj->hmacHex($res);

JavaScript
 
class Signature{​public function hash()    {        $key = "hello";        $msg = "Hello";        $hash = hash_hmac('sha256', utf8_encode($msg), $key, true);        error_log('---hash ===>'.$hash);        return $hash;    }​public function hmacHex($msg)    {        $key = "hello";        $hash = hash_hmac('sha256', utf8_encode($msg), $key, false);        error_log('---hmacHex ===>' . $hash);        return $hash;    }}​$obj = new Signature();​$res = $obj->hash();$obj->hmacHex($res);​

OUTPUT FROM hash() => }/?(K=?????('?Zt?h?D?Z??@ywڦ?

OUTPUT FROM hmacHex => d920859abc579a070f2f8177e71d8431955784c8ed1d596b3364871ba35b5951

JavaScript
 
OUTPUT FROM hash() => }/?(K=?????('?Zt?h?D?Z??@ywڦ?​OUTPUT FROM hmacHex => d920859abc579a070f2f8177e71d8431955784c8ed1d596b3364871ba35b5951​

From the outputs, it is clear that in nodejs I am getting replacement characters whereas in PHP it appears as a question mark.

I am trying to generate exactly the same output from my PHP code so that when the outputs are rehashed it should be the same.

Answer

I’ll update my answer to reflect your code changes. Thanks to @Topaco for resolving the issue.

php

class Signature {

    public function hash()
    {
        $key = "hello";
        $msg = "Hello";
        $hash = hash_hmac('sha256', $msg, $key, true);
        error_log('---hash ===>'.$hash);
        return $hash;
    }

    public function hmacHex($msg)
    {
        $key = "hello";
        $hash = hash_hmac('sha256', $msg, $key, false);
        error_log('---hmacHex ===>' . $hash);
        return $hash;
    }
}

$obj = new Signature();

$res = $obj->hash();
$obj->hmacHex($res);

JavaScript
 
class Signature {​    public function hash()    {        $key = "hello";        $msg = "Hello";        $hash = hash_hmac('sha256', $msg, $key, true);        error_log('---hash ===>'.$hash);        return $hash;    }​    public function hmacHex($msg)    {        $key = "hello";        $hash = hash_hmac('sha256', $msg, $key, false);        error_log('---hmacHex ===>' . $hash);        return $hash;    }}​$obj = new Signature();​$res = $obj->hash();$obj->hmacHex($res);​

node

class Signature {

    public function hash()
    {
        $key = "hello";
        $msg = "Hello";
        $hash = hash_hmac('sha256', $msg, $key, true);
        error_log('---hash ===>'.$hash);
        return $hash;
    }

    public function hmacHex($msg)
    {
        $key = "hello";
        $hash = hash_hmac('sha256', $msg, $key, false);
        error_log('---hmacHex ===>' . $hash);
        return $hash;
    }
}

$obj = new Signature();

$res = $obj->hash();
$obj->hmacHex($res);

JavaScript
 
class Signature {​    public function hash()    {        $key = "hello";        $msg = "Hello";        $hash = hash_hmac('sha256', $msg, $key, true);        error_log('---hash ===>'.$hash);        return $hash;    }​    public function hmacHex($msg)    {        $key = "hello";        $hash = hash_hmac('sha256', $msg, $key, false);        error_log('---hmacHex ===>' . $hash);        return $hash;    }}​$obj = new Signature();​$res = $obj->hash();$obj->hmacHex($res);​

php output:

---hash ===>}/(K=('ZthDZ@ywڦ
---hmacHex ===>692a18bd347476d28300e579794ba799cda80625191ef71783fce95692c2b6f9

JavaScript
 
---hash ===>}/(K=('ZthDZ@ywڦ---hmacHex ===>692a18bd347476d28300e579794ba799cda80625191ef71783fce95692c2b6f9​

Node.js output:

---hash =======>}/�(K=�����('�Zt�h�D�Z��@ywڦ�
---hmacHex ====>692a18bd347476d28300e579794ba799cda80625191ef71783fce95692c2b6f9

JavaScript
 
---hash =======>}/�(K=�����('�Zt�h�D�Z��@ywڦ�---hmacHex ====>692a18bd347476d28300e579794ba799cda80625191ef71783fce95692c2b6f9​

Advertisement

Answer