forked from espressif/arduino-esp32
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathSHA1Builder.ino
96 lines (77 loc) · 2.66 KB
/
SHA1Builder.ino
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
#include <SHA1Builder.h>
// Occasionally it is useful to compare a password that the user
// has entered to a build in string. However this means that the
// password ends up `in the clear' in the firmware and in your
// source code.
//
// SHA1Builder helps you obfuscate this (This is not much more secure.
// SHA1 is past its retirement age and long obsolete/insecure, but it helps
// a little) by letting you create an (unsalted!) SHA1 of the data the
// user entered; and then compare this to an SHA1 string that you have put
// in your code.
void setup() {
Serial.begin(115200);
Serial.println("\n\n\nStart.");
// Check if a password obfuscated in an SHA1 actually
// matches the original string.
//
// echo -n "Hello World" | openssl sha1
{
String sha1_str = "0a4d55a8d778e5022fab701977c5d840bbc486d0";
String password = "Hello World";
SHA1Builder sha;
sha.begin();
sha.add(password);
sha.calculate();
String result = sha.toString();
if (!sha1_str.equalsIgnoreCase(result)) {
Serial.println("Odd - failing SHA1 on String");
} else {
Serial.println("OK!");
}
}
// Check that this also work if we add the password not as
// a normal string - but as a string with the HEX values.
{
String passwordAsHex = "48656c6c6f20576f726c64";
String sha1_str = "0a4d55a8d778e5022fab701977c5d840bbc486d0";
SHA1Builder sha;
sha.begin();
sha.addHexString(passwordAsHex);
sha.calculate();
String result = sha.toString();
if (!sha1_str.equalsIgnoreCase(result)) {
Serial.println("Odd - failing SHA1 on hex string");
Serial.println(sha1_str);
Serial.println(result);
} else {
Serial.println("OK!");
}
}
// Check that this also work if we add the password as
// an unsigned byte array.
{
uint8_t password[] = {0x48, 0x65, 0x6c, 0x6c, 0x6f, 0x20, 0x57, 0x6f, 0x72, 0x6c, 0x64};
String sha1_str = "0a4d55a8d778e5022fab701977c5d840bbc486d0";
SHA1Builder sha;
sha.begin();
sha.add(password, sizeof(password));
sha.calculate();
String result = sha.toString();
if (!sha1_str.equalsIgnoreCase(result)) {
Serial.println("Odd - failing SHA1 on byte array");
} else {
Serial.println("OK!");
}
// And also check that we can compare this as pure, raw, bytes
uint8_t raw[20] = {0x0a, 0x4d, 0x55, 0xa8, 0xd7, 0x78, 0xe5, 0x02, 0x2f, 0xab, 0x70, 0x19, 0x77, 0xc5, 0xd8, 0x40, 0xbb, 0xc4, 0x86, 0xd0};
uint8_t res[20];
sha.getBytes(res);
if (memcmp(raw, res, 20)) {
Serial.println("Odd - failing SHA1 on byte array when compared as bytes");
} else {
Serial.println("OK!");
}
}
}
void loop() {}