MD5 Object Problem / SHA-1 Replacement
Bobb Fwed
Posts: 1,119
I'm having problems with the MD5 object.
First of all, I'm not totally sure I am using it correctly (as there are no examples, and there are nondescript parameter names, like "h").
But I think I am using it correctly, but the results are not as expected.
I have this code:
It outputs
4B43B0AEE35624CD95B910189B3DC231
When I am expecting
81dc9bdb52d04dc20036dbd8313ed055
BUT if I add a " / 2" to the clkfreq in the waitcnt, it changes the result to
7B774EFFE4A349C6DD82AD4F4F21D34C
In the MD5 object itself, I presume the parameter "h" is the hash, and I am also guessing it is the address to store the hash (as that part seems to be working correctly -- even if the hash itself is not).
What am I, or the object, doing wrong?
First of all, I'm not totally sure I am using it correctly (as there are no examples, and there are nondescript parameter names, like "h").
But I think I am using it correctly, but the results are not as expected.
I have this code:
VAR
byte str[100]
byte rt[32] ' double intended size, just in case...
PUB Main | tmp, i
tmp := string("1234")
bytemove(@str, @tmp, strsize(tmp))
MD5.hash(@str,strsize(@str),@rt)
waitcnt(clkfreq + cnt)
REPEAT i FROM 0 TO strsize(@rt) - 1
DEBUG.hex(rt[i], 2)
DEBUG.tx($D)
it outputs 16 bytes as expected. But the result is based on the local address of certain things.It outputs
4B43B0AEE35624CD95B910189B3DC231
When I am expecting
81dc9bdb52d04dc20036dbd8313ed055
BUT if I add a " / 2" to the clkfreq in the waitcnt, it changes the result to
7B774EFFE4A349C6DD82AD4F4F21D34C
In the MD5 object itself, I presume the parameter "h" is the hash, and I am also guessing it is the address to store the hash (as that part seems to be working correctly -- even if the hash itself is not).
What am I, or the object, doing wrong?
Comments
Right, of course.
Ahhhh Cryptography
A subject near and dear to my heart. Not that it directly applies to the Propeller or that it will particularly help you in this case Bobb, but it does apply to cryptography. Here is a link to some cryptographic functions that I wrote over eight years ago. That brings back some memories. Who knows, maybe I could incorporate the functions into the serial terminal that I am working on now, providing that you create a nice object on your side Bobb. Good luck with it.
http://www.codeguru.com/cpp/misc/misc/cryptoapi/comments.php/c3899/?thread=47896
Bruce
I started digging around in some of my old C++ files and came up with some fairly serious cryptographic functions that I wrote after I had gained some experience with the Crypto API. As I previously mentioned in the other post, I would be willing to add these functions to the serial terminal I am working on, and so I have been thinking about it. So let me ask you, what is encryption used for on a uC? Because as I see it, this serial terminal should be able to read and write files, and I would imagine that if the serial terminal had unicode support (which I believe it does already), the prop could send encrypted data to the terminal and be decrypted.
Bruce
More so, I was just being lazy and hoping for an already existing object for a well-established hash. But it looks as though I will have to create my own, I'll probably try my hand at creating a SHA-1 function.
I've put this much work into, guess I'll be converting it over to PASM.
Also the whole little endian, big endian thing is wiggin' me out, and I'll probably do it wrong.
Since you are wiggin' out, I am curious which one got your scalp. Was it the big indian or the little indian, or did both get a little hair from you?
Relax, take a deep breath, then go back refreshed and kick some code in their face.
Bruce
But now that I am porting it to PASM, and there ain't none of that block moving there (I'll being writing it myself). I'll figure it out in the end, I (almost) always do.
I can relate to your problem. When all you get is the result, it does make it more complicated.
Good luck with it Bobb.
Bruce
The problem comes with bitwise operations like rotates. A little-endian rotate left 1 bit and a big-endian rotate left 1 bit will have completely different results (if there is any rollover between bytes).
So, I don't feel willing to put all the time in to convert longs back and forth between the endians. Rather, I think I'll release it as Prop-SHA or SHA-Prop or something, a proprietary SHA.
Attached is my SPIN and PASM attempts at SHA-1. SPIN isn't commented much, but it's copied almost directly from the Wikipedia website, and the PASM is commented with SPIN equivalencies.
Currently (as it is in Alpha) it only works with strings that are less than 32 bytes long.
Maybe someone will see a mistake, or know an easy way to solve the problem.
Of course more modern hash functions typically have much larger output sizes than MD5 which is an issue on a space-limited microcontroller.
Perhaps RIPEMD-128 might be a good compromise? The table at wikipedia has a summary of hash functions and crypto-attacks upon them: http://en.wikipedia.org/wiki/Cryptographic_hash_function
I just read an article stating a university in German has figured out a way to force collisions some 2000 times faster than brute force, which isn't so bad when there is still 2^51 number of possibilities to go through (something like 6 months of community hacking to make that useful -- but a higher security flaw than the expected 1000 years). For online certificates it poses a potential risk, but for the extremely memory-limited platform that is the Propeller, a common hash seems more useful than a more secure hash.
SHA-2 takes up a lot of memory, and come to find out, kuroneko had a solution that he PM'ed to me.