OpenSSL SHA1没有validationNIST SHAKE测试向量?
我编写了一个C代码,它调用OpenSSL SHA1来生成摘要,但我生成的摘要不匹配。
#define MSG_SIZE 190 #include #include #include void str2hex(char *str, unsigned char *hex, int len) { int tt, ss; char temp[5]; for (tt = 0, ss = 0; tt < len, ss < 2 * len; tt++, ss += 2) { temp[0] = '0'; temp[1] = 'x'; temp[2] = str[ss]; temp[3] = str[ss + 1]; temp[4] = 0; hex[tt] = strtol(temp, NULL, 0); } } int main() { unsigned char digest[MSG_SIZE],stringt[MSG_SIZE]; int i; char *string = "df1300"; str2hex(string, stringt, MSG_SIZE); SHA_CTX ctx; SHA1_Init(&ctx); SHA1_Update(&ctx, stringt, strlen(string)/2); SHA1_Final(digest, &ctx); printf("SHA1 digest\n"); for (i = 0; i < 16; i++) printf("%02x", digest[i]); printf("\n"); return 0; } 我收到的输出是
SHA1 digest 0450c758f08f726ef77880a15118a237
但输出应该是(来自NIST的SHAKE测试向量):
daf289eea10de7fef76e085ad70a3bc6
如果有人可以查看我的代码并让我知道我在哪里做错了会有所帮助。
除了你显示20个字节的前16个,你已经计算出正确的答案。
$ echo df1300 | xxd -r -p | openssl dgst -sha1 (stdin)= 0450c758f08f726ef77880a15118a2379e45f032 $ echo df1300 | xxd -r -p | sha1sum 0450c758f08f726ef77880a15118a2379e45f032 -
http://csrc.nist.gov/groups/STM/cavp/secure-hashing.html#shavs(FIPS 180-4)中的CAVP测试向量不会将df1300列为测试用例,因此不清楚你的df1300是什么重新采购以及为什么这是错误的。
既然你做了16个字节,也许你的意思是MD5? 我们试试吧:
$ openssl dgst -? ... -md4 to use the md4 message digest algorithm -md5 to use the md5 message digest algorithm -ripemd160 to use the ripemd160 message digest algorithm -sha to use the sha message digest algorithm -sha1 to use the sha1 message digest algorithm -sha224 to use the sha224 message digest algorithm -sha256 to use the sha256 message digest algorithm -sha384 to use the sha384 message digest algorithm -sha512 to use the sha512 message digest algorithm -whirlpool to use the whirlpool message digest algorithm $ echo df1300 | xxd -r -p | openssl dgst -md4 (stdin)= 76dfc0e2cf5e5206ed12237d98018416 $ echo df1300 | xxd -r -p | openssl dgst -md5 (stdin)= 7fca8bd4d9be0b3f0e1783ad3aed3413 $ echo df1300 | xxd -r -p | openssl dgst -ripemd160 (stdin)= 30797300cf85c2c5f9135053a757b578cb5856f4 $ echo df1300 | xxd -r -p | openssl dgst -sha (stdin)= 01f78f8a5c08ccb197d01c005f203e326bf435a2 $ echo df1300 | xxd -r -p | openssl dgst -sha1 (stdin)= 0450c758f08f726ef77880a15118a2379e45f032 $ echo df1300 | xxd -r -p | openssl dgst -sha224 (stdin)= 1b680a76915e27d88c269d63817e04dbca207dd38cca7e9d927a3c40 $ echo df1300 | xxd -r -p | openssl dgst -sha256 (stdin)= f0ac1a347ed5d335113b20a763533bea7d7fff610f5f143d811297aa95dd5f0a $ echo df1300 | xxd -r -p | openssl dgst -sha384 (stdin)= 6b18f2ef884a7126d88389b4410e46524b0f501af3f847eb4c4fe0e97ffc24735e30a247799768cac4c38d0d85235502 $ echo df1300 | xxd -r -p | openssl dgst -sha512 (stdin)= 4752e6b0bc2d2e80dec50546ea0eb8aad04b944193c3f1eda7b82c2c0bab042ccad2f20f609b8f1dd6abbc3b480d0478a2cf636a3a917706ed785b0d56375a3c $ echo df1300 | xxd -r -p | openssl dgst -whirlpool (stdin)= f19a5cd03adb2856eec83f88e8d39d34ac591d61e37fbb3831a82a12177d19a761b08df38a4f8d591a694cfd0ff81ef46651d943b4fabec192f64cb4befd00ac
但是这些都不像你的期望值,无论是在big-endian还是little-endian表示。 也许你正在看HMAC?
为了交叉检查OpenSSL的准确性,让我们从CAVP11数据集中获取一个例子,该数据集也是三个字节:
Len = 24 Msg = df4bd2 MD = bf36ed5d74727dfd5d7854ec6b1d49468d8ee8aa $ echo df4bd2 | xxd -r -p | openssl dgst -sha1 (stdin)= bf36ed5d74727dfd5d7854ec6b1d49468d8ee8aa
是的,看起来不错。