When using MD5 to encrypt numbers, the results are inconsistent

Question

When using MD5 to encrypt numbers, the results are inconsistent

zhubinsheng opened this issue 4 years ago · 7 comments

When I encrypt 100 with MD5, the result is as follows:

I/ReactNativeJS: .md5(100)===>', '30a771fb83c2f5000a74d41689f19c76'

I found in the source code, the number will be converted into a string, as follows

md5 = function (message, options) {

else if (isBuffer(message))

**else if (! Array.isArray (message) && message.constructor !== Uint8Array)

message = message.toString ();**

// else, assume byte array already

I spent three days trying, but I still couldn't find the same method as the above results in Java. I converted the number into a byte array in Java code, and then put it into the MD5 encryption provided by Apache. The returned result is the same as the result of encrypting the string "100" in this library, but I can't get the numerical result

Answer 1 · 2020-12-07T20:13:50.000Z

same thing here, please any update ?!

Answer 2 · 2020-12-07T21:03:55.000Z

I guess that you could extract the raw bytes from the number 100 (probably as a double) and hash that. But I'm not sure what you're trying to do? It doesn't make any sense to me why you would want to hash the numerical value in the first place.

Answer 3 · 2020-12-07T21:05:05.000Z

And how is Java relevant here?

Answer 4 · 2020-12-07T21:21:47.000Z

the problem present when we try to check a MD5 hash generated in php code, par example in php it is possible to generate a MD5 with type number ex: md5(10.20), and when i try to generate the same MD5 hash in js it give me another result, i try also to convert the number in js into Buffer(4096) (default number size in php), but i still have wrong md5 hash, i can't check the md5 hash generated in php by type number in my code node-js, thanks for helping

Answer 5 · 2020-12-08T06:02:02.000Z

I highly doubt that PHP uses a buffer of 4096 bytes for every number.

It's quite simple: if you have anything that isn't a string or byte array, convert it to one of those types before hashing in both languages. This way, you can make sure the result will be comparable. (For strings the charset will also be relevant, so make sure to use the same for both.)

I think I should've thrown exceptions on any other types, but now many rely on the current behavior, so I can no longer break the API.

Answer 6 · 2020-12-08T10:23:18.000Z

@pvorb thank you a lot,

some time we don't have the chose in others servers to manage the hash process,
but finally i successfully emit the MD5 hash in (PHP, java, ..etc) by storing the number into a buffer, like this

md5( Buffer.from(String(number), "utf-8") )

it's the right way to get a MD5 hash code of numerical data, similar to the others languages

@zhubinsheng

Answer 7 · 2021-02-11T23:56:08.000Z

Closing as I think the confusion around this was resolved.