drrngrvy has asked for the wisdom of the Perl Monks concerning the following question:

Greetings monks,

I'm pretty new to perl, but I've just managed to make a 'fully funcional' user/identifier script. The only problem I have left is with the Digest module and after searching long and experimenting hard I don't know what the problem is exactly.

I've bascially got two related calls to md5_hex() in the script: one for registering a new name (ie. turning the pass into a hash) and the second for creating a hash when comparing it against the DB, for logging in.

The problem is that the two separate calls to the function (using the same values of course - and I've checked that so many times...) create different hashes. Not only that, but any changes in the script itself causes the md5 function to create different hashes.

Suprisingly, after submitting a login call, the first hash is different to the hash created after refreshing the page (which is the same for all subsequent refreshes). Now, I've sniffed my packets and I know that both outgoing packets are identical in the information they send... which makes it strange that all refreshes of the login script create the same hash, which is different from the first one.

I can't find an answer anywhere else and with no whiff of help from the actual documentation/source code I have trecked to the mountain. Has anyone got any advice?

Cheers

Replies are listed 'Best First'.
Re: Digest md5 scratcher
by thor (Priest) on Apr 20, 2005 at 07:46 UTC
    One of the properties of hashes is that given the same input, a hashing algorithm will produce the same output. Guaranteed. Given that you're getting different output, that means that your input is different somehow. As a debugging mechanism, try printing the input value along with its hashed value. Something like: 
    use Digest::MD5 qw(md5_hex);
my $var = "foobar";
print join("::", $var, md5_hex($var)), "\n";

    [download]
    My guess is that you're using the OO interface, calling add, and not calling reset. But that's a stab in the dark.

    thor

    Feel the white light, the light within
    Be your own disciple, fan the sparks of will
    For all of us waiting, your kingdom will come

[reply]
[d/l]
      You hit it in the face thor. I had already tested that the input (albeit without missing my earlier lack of chomping them down) was right but it was my not calling reset() that was my problem I think. Either way, switching to the slightly depressing non-OO mode got it working instantly. Now I'll have to test out those bits of the OO interface that I haven't used before.

      Thanks for your help guys.

[reply]
Re: Digest md5 scratcher
by BrowserUk (Patriarch) on Apr 20, 2005 at 07:36 UTC
    Has anyone got any advice?

    Yes. Strip the newline off the end. Or the spaces. Or both.

    Either you are passing slightly different data but do not realise (forgetting to chomp or similar), or something is broken.

    If you are genuinely getting a different digests from the same data, something is broken in your installation.

    If posting a cutdown, preferably standalone version of the code is not an option, then I would suggest that each time you call the md5_hex() function, you trace the value you are passing in and the value returned.

    Dumping the input char by char, print LOG unpack 'C*', $userid; is good idea, as it makes spaces and newlines show up more obviously.

    Examine what is said, not who speaks -- Silence betokens consent -- Love the truth but pardon error.
    Lingua non convalesco, consenesco et abolesco.
    Rule 1 has a caveat! -- Who broke the cabal?
[reply]
[d/l]
[select]

Back to Seekers of Perl Wisdom