Move some common HEX functions into a static HEX class, remove those from MD5 and add some examples. This allows for the cleanup of various to/from HEX routines elsewhere.

Author: dirkx

cores/esp32/HEXBuilder.cpp

@@ -0,0 +1,69 @@
+/* 
+  Copyright (c) 2015 Hristo Gochkov. All rights reserved.
+  This file is part of the esp8266 core for Arduino environment.
+ 
+  This library is free software; you can redistribute it and/or
+  modify it under the terms of the GNU Lesser General Public
+  License as published by the Free Software Foundation; either
+  version 2.1 of the License, or (at your option) any later version.
+
+  This library is distributed in the hope that it will be useful,
+  but WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+  Lesser General Public License for more details.
+
+  You should have received a copy of the GNU Lesser General Public
+  License along with this library; if not, write to the Free Software
+  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+*/
+#include <Arduino.h>
+#include <HEXBuilder.h>
+
+static uint8_t hex_char_to_byte(uint8_t c)
+{
+    return  (c >= 'a' && c <= 'f') ? (c - ((uint8_t)'a' - 0xa)) :
+            (c >= 'A' && c <= 'F') ? (c - ((uint8_t)'A' - 0xA)) :
+            (c >= '0' &&  c<= '9') ? (c - (uint8_t)'0') : 0x10; // unknown char is 16
+}
+
+size_t HEXBuilder::hex2bytes(unsigned char * out, size_t maxlen, String &in) {
+	return hex2bytes(out, maxlen, in.c_str());
+}
+
+size_t HEXBuilder::hex2bytes(unsigned char * out, size_t maxlen, const char * in) {
+	size_t len = 0;
+	for(;*in;in++) {
+		uint8_t c = hex_char_to_byte(*in);
+		// Silently skip anything unknown.
+		if (c > 15) 
+			continue;
+
+		if (len & 1) {
+			if (len/2 < maxlen) 
+				out[len/2] |= c;
+		} else {
+			if (len/2 < maxlen) 
+		 		out[len/2] = c<<4;
+		}
+		len++;
+	}
+	return (len + 1)/2;
+}
+
+size_t HEXBuilder::bytes2hex(char * out, size_t maxlen, const unsigned char * in, size_t len) {
+	for(size_t i = 0; i < len; i++) 
+	    if (i*2 + 1 < maxlen)
+	        sprintf(out + (i * 2), "%02x", in[i]);
+
+        return len * 2 + 1;
+}
+
+String HEXBuilder::bytes2hex(const unsigned char * in, size_t len) {
+        size_t maxlen = len * 2 + 1;
+        char * out = (char *) malloc(maxlen);
+        if (!out) return String();
+        bytes2hex(out, maxlen, in, len);
+        String ret = String(out);
+        free(out);
+        return ret;
+}

cores/esp32/HEXBuilder.h

@@ -0,0 +1,33 @@
+/* 
+  Copyright (c) 2015 Hristo Gochkov. All rights reserved.
+  This file is part of the esp8266 core for Arduino environment.
+ 
+  This library is free software; you can redistribute it and/or
+  modify it under the terms of the GNU Lesser General Public
+  License as published by the Free Software Foundation; either
+  version 2.1 of the License, or (at your option) any later version.
+
+  This library is distributed in the hope that it will be useful,
+  but WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+  Lesser General Public License for more details.
+
+  You should have received a copy of the GNU Lesser General Public
+  License along with this library; if not, write to the Free Software
+  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+*/
+#ifndef __ESP8266_HEX_BUILDER__
+#define __ESP8266_HEX_BUILDER__
+
+#include <WString.h>
+#include <Stream.h>
+
+class HEXBuilder {
+public:
+	static size_t hex2bytes(unsigned char * out, size_t maxlen, String & in);
+	static size_t hex2bytes(unsigned char * out, size_t maxlen, const char * in);
+
+	static String bytes2hex(const unsigned char * in, size_t len);
+	static size_t bytes2hex(char * out, size_t maxlen, const unsigned char * in, size_t len);
+};
+#endif

cores/esp32/MD5Builder.cpp

@@ -17,15 +17,9 @@
   Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 */
 #include <Arduino.h>
+#include <HEXBuilder.h>
 #include <MD5Builder.h>
 
-static uint8_t hex_char_to_byte(uint8_t c)
-{
-    return  (c >= 'a' && c <= 'f') ? (c - ((uint8_t)'a' - 0xa)) :
-            (c >= 'A' && c <= 'F') ? (c - ((uint8_t)'A' - 0xA)) :
-            (c >= '0' &&  c<= '9') ? (c - (uint8_t)'0') : 0;
-}
-
 void MD5Builder::begin(void)
 {
     memset(_buf, 0x00, ESP_ROM_MD5_DIGEST_LEN);
@@ -39,16 +33,12 @@ void MD5Builder::add(uint8_t * data, uint16_t len)
 
 void MD5Builder::addHexString(const char * data)
 {
-    uint16_t i, len = strlen(data);
+    uint16_t len = strlen(data);
     uint8_t * tmp = (uint8_t*)malloc(len/2);
     if(tmp == NULL) {
         return;
     }
-    for(i=0; i<len; i+=2) {
-        uint8_t high = hex_char_to_byte(data[i]);
-        uint8_t low = hex_char_to_byte(data[i+1]);
-        tmp[i/2] = (high & 0x0F) << 4 | (low & 0x0F);
-    }
+    hex2bytes(tmp, len/2, data);
     add(tmp, len/2);
     free(tmp);
 }
@@ -104,9 +94,7 @@ void MD5Builder::getBytes(uint8_t * output)
 
 void MD5Builder::getChars(char * output)
 {
-    for(uint8_t i = 0; i < ESP_ROM_MD5_DIGEST_LEN; i++) {
-        sprintf(output + (i * 2), "%02x", _buf[i]);
-    }
+    bytes2hex(output, ESP_ROM_MD5_DIGEST_LEN*2+1, _buf, ESP_ROM_MD5_DIGEST_LEN);
 }
 
 String MD5Builder::toString(void)

cores/esp32/MD5Builder.h

@@ -25,7 +25,9 @@
 #include "esp_system.h"
 #include "esp_rom_md5.h"
 
-class MD5Builder
+#include "HEXBuilder.h"
+
+class MD5Builder : HEXBuilder
 {
 private:
     md5_context_t _ctx;

libraries/ESP32/examples/HEXBuilder/HEXBuilder.ino

@@ -0,0 +1,76 @@
+#include <HEXBuilder.h>
+
+void setup() {
+  Serial.begin(115200);
+  delay(100);
+  Serial.println("\n\n\nStart.");
+
+  // Convert a HEX string like 6c6c6f20576f726c64 to a binary buffer
+  //
+  {
+    const char * out = "Hello World";
+    const char * hexin = "48656c6c6f20576f726c6400"; // As the string above is \0 terminated too
+
+    unsigned char buff[256];
+    size_t len = HEXBuilder::hex2bytes(buff, sizeof(buff), hexin);
+
+    if (len != 1 + strlen(out))
+      Serial.println("Odd - length 1 is wrong");
+
+    if (memcmp(buff,  out, len) != 0)
+      Serial.println("Odd - decode 1 went wrong");
+
+    // Safe to print this binary buffer -- as we've included a \0 in the hex sequence.
+    //
+    Serial.printf("IN: <%s>\nOUT <%s\\0>\n", hexin, buff);
+  };
+
+  {
+    String helloHEX = "48656c6c6f20576f726c64";
+    const char hello[] = "Hello World";
+
+    unsigned char buff[256];
+    size_t len = HEXBuilder::hex2bytes(buff, sizeof(buff), helloHEX);
+
+    if (len != strlen(hello))
+      Serial.println("Odd - length 2 is wrong");
+
+    if (strcmp((char *) buff,  hello) != 0)
+      Serial.println("Odd - decode 2 went wrong");
+  }
+
+  {
+    const unsigned char helloBytes[] = { 0x48, 0x56, 0x6c, 0x6c, 0x6f, 0x20, 0x57, 0x6f, 0x72, 0x6c, 0x64 };
+    String helloHEX = "48566c6c6f20576f726c64";
+
+
+    String out = HEXBuilder::bytes2hex(helloBytes, sizeof(helloBytes));
+    if (out.length() != 2 * sizeof(helloBytes))
+      Serial.println("Odd - length 3 is wrong");
+
+    // we need to ignore case - as a hex string can be spelled in uppercase and lowercase
+    //
+    if (!out.equalsIgnoreCase(helloHEX)) {
+      Serial.println("Odd - decode 3 went wrong");
+    }
+  }
+
+  {
+    const unsigned char helloBytes[] = { 0x6c, 0x6c, 0x6f, 0x20, 0x57, 0x6f, 0x72, 0x6c, 0x64 };
+    const char helloHex[] = "6c6c6f20576f726c64";
+
+    char buff[256];
+    size_t len = HEXBuilder::bytes2hex(buff, sizeof(buff), helloBytes, sizeof(helloBytes));
+    if (len != 1 + 2 * sizeof(helloBytes))
+      Serial.println("Odd - length 4 is wrong");
+
+    // we need to ignore case - as a hex string can be spelled in uppercase and lowercase
+    //
+    if (strcasecmp(buff, helloHex))
+      Serial.println("Odd - decode 4 went wrong");
+  }
+  Serial.println("Done.");
+}
+
+void loop() {
+}

libraries/ESP32/examples/MD5Builder/MD5Builder.ino

@@ -0,0 +1,97 @@
+#include <MD5Builder.h>
+
+// Occasionally it is useful to compare a password that the user
+// has entered to a build in string. However this means that the
+// password ends up `in the clear' in the firmware and in your
+// source code.
+//
+// MD5Builder helps you obfuscate this (it is not terribly secure, MD5
+// has been phased out as insecure eons ago) by letting you create an
+// MD5 of the data the user entered; and then compare this to an MD5
+// string that you have put in your code.
+//
+void setup() {
+  Serial.begin(115200);
+  delay(100);
+  Serial.println("\n\n\nStart.");
+
+  // Check if a password obfuscated in an MD5 actually
+  // matches the original string.
+  //
+  // echo -n "Hello World" | openssl md5
+  //
+  {
+    String md5 = "b10a8db164e0754105b7a99be72e3fe5";
+    String password = "Hello World";
+
+    MD5Builder md;
+
+    md.begin();
+    md.add(password);
+    md.calculate();
+
+    String result = md.toString();
+
+    if (!md5.equalsIgnoreCase(result))
+      Serial.println("Odd - failing MD5 on String");
+    else
+      Serial.println("OK!");
+  }
+  // Check that this also work if we add the password not as
+  // a normal string - but as a string with the HEX values.
+  {
+    String passwordAsHex = "48656c6c6f20576f726c64";
+    String md5 = "b10a8db164e0754105b7a99be72e3fe5";
+
+    MD5Builder md;
+
+    md.begin();
+    md.addHexString(passwordAsHex);
+    md.calculate();
+
+    String result = md.toString();
+
+    if (!md5.equalsIgnoreCase(result)) {
+      Serial.println("Odd - failing MD5 on hex string");
+      Serial.println(md5);
+      Serial.println(result);
+    }
+    else
+      Serial.println("OK!");
+
+  }
+  // Check that this also work if we add the password as
+  // an unsigned byte array.
+  {
+    uint8_t password[] = { 0x48, 0x65, 0x6c, 0x6c, 0x6f, 0x20, 0x57, 0x6f, 0x72, 0x6c, 0x64 };
+    String md5 = "b10a8db164e0754105b7a99be72e3fe5";
+    MD5Builder md;
+
+    md.begin();
+    md.add(password, sizeof(password));
+    md.calculate();
+
+    String result = md.toString();
+
+    if (!md5.equalsIgnoreCase(result))
+      Serial.println("Odd - failing MD5 on byte array");
+    else
+      Serial.println("OK!");
+
+    // And also check that we can compare this as pure, raw, bytes
+    //
+    uint8_t raw[16] = {   0xb1, 0x0a, 0x8d, 0xb1, 0x64, 0xe0, 0x75, 0x41,
+                          0x05, 0xb7, 0xa9, 0x9b, 0xe7, 0x2e, 0x3f, 0xe5
+                      };
+    uint8_t res[16];
+    md.getBytes(res);
+    if (memcmp(raw, res, 16)) 
+      Serial.println("Odd - failing MD5 on byte array when compared as bytes"); 
+    else
+      Serial.println("OK!");
+
+  }
+}
+
+void loop() {
+}