7

I would like to convert this PHP code$a ^ $b(where length of a is 16, b is 32) to javascript code. Here is my implementation.

    var xor = "";
    for (var i = 0; i < a.length; i++) {
        xor += String.fromCharCode(a.charCodeAt(i) ^ b.charCodeAt(i));
    }
    xor = b.substr(-16) + xor;

However, the result not the same. Please help me to figure it out. Thanks.

By the way, here's the part of code I'm working around:

    var secret = "secret";
    var password = "password";
    var chal = "2ba5565a539c57c1ce2356e218faa321";
    var hexchal = php.pack('H32', chal);
    var newchal, newpwd, pappassword;

    newchal = php.pack('H*', php.md5(hexchal + secret));
    newpwd = php.pack("a32", password);
    var xor = "";
    for (var i = 0; i < newchal.length; i++) {
        xor += String.fromCharCode(newchal.charCodeAt(i) ^ newpwd.charCodeAt(i));
    }
    xor = newpwd.substr(-16) + xor;

The corresponding PHP code:

    <?php
    $secret = "secret";
    $password = "password";
    $chal = "2ba5565a539c57c1ce2356e218faa321";

    $hexchal = pack ("H32", $chal);
    $newchal = pack ("H*", md5($hexchal . $secret));

    $newpwd = pack("a32", $password);
    $pappassword = implode ("", unpack("H32", ($newpwd ^ $newchal)));
    echo $pappassword;
    ?>

Where a and b are newchal and newpwd, respectively. And php.func()s come from http://phpjs.org/. The expected output is "821f984aa1062e56dbdc8f77454e5eb3".

Improve this question
6
  • 2
    Can you post sample input and output (both actual and expected)? Commented Jun 6, 2012 at 5:32
  • @trantor so what's the expected output for the above? Commented Jun 6, 2012 at 6:06
  • @trantor with PHP I get f27eeb39d6695c32dbdc8f77454e5eb3 xor 7461746573740000000000000000000000000000000000000000000000000000 == 861f9f5ca51d5c32dbdc8f77454e5eb3 - care to also post a working PHP version? :) Commented Jun 6, 2012 at 6:14
  • @Jack I added corresponding PHP code and modified the password. Hope no mistake this time. Commented Jun 6, 2012 at 6:25
  • @trantor thanks! I've modified my answer, it produces the correct output Commented Jun 6, 2012 at 6:34

2 Answers 2

Reset to default
5

I've used your code almost literally:

String.prototype.xor = function(other)
{
  var xor = "";
  for (var i = 0; i < this.length && i < other.length; ++i) {
      xor += String.fromCharCode(this.charCodeAt(i) ^ other.charCodeAt(i));
  }
  return xor;
}

The loop should stop when the end of either string is reached.

Tested with:

String.prototype.toHex = function() {
    var hex = '', tmp;
    for(var i=0; i<this.length; i++) {
        tmp = this.charCodeAt(i).toString(16)
        if (tmp.length == 1) {
            tmp = '0' + tmp;
        }
        hex += tmp
    }
    return hex;
}

var x = "password\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000";
var y = "\u00f2~\u00eb9\u00d6i\\2\u00db\u00dc\u008fwEN^\u00b3";

x.xor(y).toHex();

Output:

821f984aa162e56dbdc8f77454e5eb3
Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

toString(16) doesn't guaranteed to return to char. For example, '\t'.charCodeAt(0).toString(16) return '9'. So my for-loop in toHex() is tmp = ''+this.charCodeAt(i).toString(16); if (tmp.length == 1) tmp = '0' + tmp; hex += tmp;
@trantor isn't that what I have? Maybe it's my phone but I don't see the diff :)
For example, chal = '15ff497252bb7c5ce5a9da7a85d07121'. Then with your toHex(), newpwd.xor(newchal).toHex() returns 'd93b42daab792cc8f601a99a2e28c6b', and with mine '0d93b42daab792cc8f601a99a2e28c6b'. The only difference is the leading '0'. Because the first char code of newpwd.xor(newchal) is 13, and Number(13).toString(16) is 'd' not '0d'.
@trantor right, that make absolute sense :) weird how I couldn't see that on my phone .. i'll edit my answer, thanks!!
1

You forgot to add a check if the length of b exceeds:

if(i < b.length){
    xor += String.fromCharCode(a.charCodeAt(i) ^ b.charCodeAt(i));
}else{
    xor += a.charAt(i);
}
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.