Converting PHP hash to CF

Report · Sep 07, 2023

Hello. I'm hoping someone can help me convert some PHP hash code to CF (2018). I'm confused by PHPs hash_init, hash_hmac, hash_update and hash_final.

// PHP
  $sha256_hash  = hash_init("sha256",HASH_HMAC,$secret);
  hash_update($sha256_hash,$hash_string);
  $signature = hash_final($sha256_hash);

I'm having a hard time wrapping my head around the three steps being done here and what the HASH_HMAC contstant is in PHP (yes, I've Googled...).

I've taken a few stabs at it in CF with HASH and HMAC but am coming up empty.

<CFSET signature = lcase(hmac(hash_string, secret, "HMACSHA256")) >

Any thoughts?

Thanks,

John.

Report · Sep 10, 2023

The PHP code,

$secret="123";
$hash_string="The quick brown fox jumped over the lazy dog.";
$sha256_hash  = hash_init("sha256",HASH_HMAC,$secret);
hash_update($sha256_hash,$hash_string);
$signature = hash_final($sha256_hash);
echo $signature;

and the following ColdFusion code,

secret="123";
hash_string="The quick brown fox jumped over the lazy dog.";
signature=lCase(hmac(hash_string,secret,"HMACSHA256"));
writeOutput(signature);

have the same output, which is: fb5d860dae8cd951827983f9581807771f31c584541595264eed0615ec86ae78

See a similar question from last year: https://community.adobe.com/t5/coldfusion-discussions/php-base64-encode-hash-hmac-to-tobase64-hmac/m...

Converting PHP hash to CF

Photos