Announcement

Collapse
No announcement yet.

MD5 Hash

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • MD5 Hash

    Does any one have examples of how to do a MD5 or some form of
    one way hash on a string using PowerBASIC?

    Thanks

  • #2
    I have the source code in C, I'm just trying to find the time to port it over, it's about 4 pages worth...

    If you DO get it, I'd be most interested in swapping some code with you. I'm working an SSL project right now, got the RC4 down but I need to be able ot do the server side authentication as well...
    There's a *LOT* more to it than a one way hash, at least 5 critical steps involved at a minimum to get the private key down, depending on exactly what you are doing...MD5 is basically used for message digest, certificates etc...if all you want to do is verify a certificate, it's not too difficult...except the source code of course...
    The concept I understand, how to implement it with an SSL server at a code level I don't quite YET understand...but I use it daily at work...I'm hoping I can get some info from our engineers but that may not fly too well...

    Scott

    -------------
    Scott Turchin




    [This message has been edited by Scott Turchin (edited October 07, 1999).]
    Scott Turchin
    MCSE, MCP+I
    http://www.tngbbs.com
    ----------------------
    True Karate-do is this: that in daily life, one's mind and body be trained and developed in a spirit of humility; and that in critical times, one be devoted utterly to the cause of justice. -Gichin Funakoshi

    Comment


    • #3
      Has anyone looked at the Windows Crypto API. I probably does everything that you need without all the effort.

      Also, I downloaded a freeware crypto library from somewhere called cryptlib. It's nicely documented and does a lot. Don't have the location handy though.

      I'm having problems trying to verify digital signatures currently. Anyone done that before?

      Ray

      Comment


      • #4
        Yes, I did look at both the Windows Crypto Library and Cryptlib.

        I was looking for a specific code solution I could just plug into my
        application without having to get a large, multi-purpose DLL.

        I'd like to get the source code for MD5 and give a stab at porting it.

        I was looking at the MD4 implementation Samba has for encrypting passwords,
        and for what I am doing right now, it may make more sense for this project.

        Comment


        • #5
          Well, with the crypt api, it's there already and other things use it so it's not an issue. It might be quicker to do that.

          Ray

          Comment


          • #6
            Code:
            Just to offer a word of caution:
               
            For most purpose, the Windows crypto API serves just fine.  However, 
            doubts exist about certain aspects of its security.  Moreover, 
            applications that demand the most serious cryptographic capabilities 
            never rely on crypto implementations for which source code is not 
            available.  (The only exceptions involve purchase of cryptographic 
            plug-in implementations from a limited number of respected sources such 
            as RSA.)  Algorithms alone imply nothing about security.  Most crypto 
            is broken through attacks that exploit weaknesses in an algorithm's 
            implementation.  
               
            In other words, if you're interested in obscuring something to prevent 
            browsing and hacking by amateurs, then the Windows cryptographic 
            capabilities are a sensible choice.  For protection against more 
            sophisticated attacks, however, a different crypto capability is 
            appropriate.
            -------------
            -- Greg
            [email protected]

            Comment


            • #7
              I wholeheartedly agree with Greg, most companies don't mess wiht the Crypto API, that would be placing trust in antoher company that doubt exists with currently, especially with a key called NSA_KEY, while innocence is claimed, it's claimed on a lot more things that can't be verified either...

              If you want professional crypto, you write it yourself so you KNOW what's in it.

              Now, my company actually purchased some code, but are also working on their own, just depends where you place your trust at.


              I'll attempt to get the C code typed in tomorrow, then start the conversion, once it's typed in and someone wants a copy of the C implementation (Which may be available on teh web), just send me an email.

              [email protected]


              Scott

              -------------
              Scott Turchin


              Scott Turchin
              MCSE, MCP+I
              http://www.tngbbs.com
              ----------------------
              True Karate-do is this: that in daily life, one's mind and body be trained and developed in a spirit of humility; and that in critical times, one be devoted utterly to the cause of justice. -Gichin Funakoshi

              Comment


              • #8
                I have the source now, including the header file, it's in C and will require a few days to port it over, maybe longer depending how it goes, if you want a copy email me at [email protected]

                scott

                -------------
                Scott Turchin


                Scott Turchin
                MCSE, MCP+I
                http://www.tngbbs.com
                ----------------------
                True Karate-do is this: that in daily life, one's mind and body be trained and developed in a spirit of humility; and that in critical times, one be devoted utterly to the cause of justice. -Gichin Funakoshi

                Comment


                • #9
                  Code:
                  Anyone considering the utility of the Win32 crypto API might want to 
                  have a look here: 
                        
                   http://www.theregister.co.uk/000412-000020.html

                  ------------------
                  -- Greg
                  [email protected]

                  Comment

                  Working...
                  X