forked from espressif/arduino-esp32
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathMD5Builder.ino
95 lines (76 loc) · 2.49 KB
/
MD5Builder.ino
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
#include <MD5Builder.h>
// Occasionally it is useful to compare a password that the user
// has entered to a build in string. However this means that the
// password ends up `in the clear' in the firmware and in your
// source code.
//
// MD5Builder helps you obfuscate this (it is not terribly secure, MD5
// has been phased out as insecure eons ago) by letting you create an
// MD5 of the data the user entered; and then compare this to an MD5
// string that you have put in your code.
void setup() {
Serial.begin(115200);
Serial.println("\n\n\nStart.");
// Check if a password obfuscated in an MD5 actually
// matches the original string.
//
// echo -n "Hello World" | openssl md5
{
String md5 = "b10a8db164e0754105b7a99be72e3fe5";
String password = "Hello World";
MD5Builder md;
md.begin();
md.add(password);
md.calculate();
String result = md.toString();
if (!md5.equalsIgnoreCase(result)) {
Serial.println("Odd - failing MD5 on String");
} else {
Serial.println("OK!");
}
}
// Check that this also work if we add the password not as
// a normal string - but as a string with the HEX values.
{
String passwordAsHex = "48656c6c6f20576f726c64";
String md5 = "b10a8db164e0754105b7a99be72e3fe5";
MD5Builder md;
md.begin();
md.addHexString(passwordAsHex);
md.calculate();
String result = md.toString();
if (!md5.equalsIgnoreCase(result)) {
Serial.println("Odd - failing MD5 on hex string");
Serial.println(md5);
Serial.println(result);
} else {
Serial.println("OK!");
}
}
// Check that this also work if we add the password as
// an unsigned byte array.
{
uint8_t password[] = {0x48, 0x65, 0x6c, 0x6c, 0x6f, 0x20, 0x57, 0x6f, 0x72, 0x6c, 0x64};
String md5 = "b10a8db164e0754105b7a99be72e3fe5";
MD5Builder md;
md.begin();
md.add(password, sizeof(password));
md.calculate();
String result = md.toString();
if (!md5.equalsIgnoreCase(result)) {
Serial.println("Odd - failing MD5 on byte array");
} else {
Serial.println("OK!");
}
// And also check that we can compare this as pure, raw, bytes
uint8_t raw[16] = {0xb1, 0x0a, 0x8d, 0xb1, 0x64, 0xe0, 0x75, 0x41, 0x05, 0xb7, 0xa9, 0x9b, 0xe7, 0x2e, 0x3f, 0xe5};
uint8_t res[16];
md.getBytes(res);
if (memcmp(raw, res, 16)) {
Serial.println("Odd - failing MD5 on byte array when compared as bytes");
} else {
Serial.println("OK!");
}
}
}
void loop() {}