Tweet
Does any one have examples of how to do a MD5 or some form of
one way hash on a string using PowerBASIC?
Thanks
one way hash on a string using PowerBASIC?
Thanks
-
-
I have the source code in C, I'm just trying to find the time to port it over, it's about 4 pages worth...
If you DO get it, I'd be most interested in swapping some code with you. I'm working an SSL project right now, got the RC4 down but I need to be able ot do the server side authentication as well...
There's a *LOT* more to it than a one way hash, at least 5 critical steps involved at a minimum to get the private key down, depending on exactly what you are doing...MD5 is basically used for message digest, certificates etc...if all you want to do is verify a certificate, it's not too difficult...except the source code of course...
The concept I understand, how to implement it with an SSL server at a code level I don't quite YET understand...but I use it daily at work...I'm hoping I can get some info from our engineers but that may not fly too well...
Scott
-------------
Scott Turchin
[This message has been edited by Scott Turchin (edited October 07, 1999).]Scott Turchin
MCSE, MCP+I
http://www.tngbbs.com
----------------------
True Karate-do is this: that in daily life, one's mind and body be trained and developed in a spirit of humility; and that in critical times, one be devoted utterly to the cause of justice. -Gichin Funakoshi -
Has anyone looked at the Windows Crypto API. I probably does everything that you need without all the effort.
Also, I downloaded a freeware crypto library from somewhere called cryptlib. It's nicely documented and does a lot. Don't have the location handy though.
I'm having problems trying to verify digital signatures currently. Anyone done that before?
Ray
Comment
-
Yes, I did look at both the Windows Crypto Library and Cryptlib.
I was looking for a specific code solution I could just plug into my
application without having to get a large, multi-purpose DLL.
I'd like to get the source code for MD5 and give a stab at porting it.
I was looking at the MD4 implementation Samba has for encrypting passwords,
and for what I am doing right now, it may make more sense for this project.
Comment
-
Well, with the crypt api, it's there already and other things use it so it's not an issue. It might be quicker to do that.
Ray
Comment
-
-------------Code:Just to offer a word of caution: For most purpose, the Windows crypto API serves just fine. However, doubts exist about certain aspects of its security. Moreover, applications that demand the most serious cryptographic capabilities never rely on crypto implementations for which source code is not available. (The only exceptions involve purchase of cryptographic plug-in implementations from a limited number of respected sources such as RSA.) Algorithms alone imply nothing about security. Most crypto is broken through attacks that exploit weaknesses in an algorithm's implementation. In other words, if you're interested in obscuring something to prevent browsing and hacking by amateurs, then the Windows cryptographic capabilities are a sensible choice. For protection against more sophisticated attacks, however, a different crypto capability is appropriate.
-- Greg
[email protected]Comment
-
I wholeheartedly agree with Greg, most companies don't mess wiht the Crypto API, that would be placing trust in antoher company that doubt exists with currently, especially with a key called NSA_KEY, while innocence is claimed, it's claimed on a lot more things that can't be verified either...
If you want professional crypto, you write it yourself so you KNOW what's in it.
Now, my company actually purchased some code, but are also working on their own, just depends where you place your trust at.
I'll attempt to get the C code typed in tomorrow, then start the conversion, once it's typed in and someone wants a copy of the C implementation (Which may be available on teh web), just send me an email.
[email protected]
Scott
-------------
Scott Turchin
Scott Turchin
MCSE, MCP+I
http://www.tngbbs.com
----------------------
True Karate-do is this: that in daily life, one's mind and body be trained and developed in a spirit of humility; and that in critical times, one be devoted utterly to the cause of justice. -Gichin FunakoshiComment
-
I have the source now, including the header file, it's in C and will require a few days to port it over, maybe longer depending how it goes, if you want a copy email me at [email protected]
scott
-------------
Scott Turchin
Scott Turchin
MCSE, MCP+I
http://www.tngbbs.com
----------------------
True Karate-do is this: that in daily life, one's mind and body be trained and developed in a spirit of humility; and that in critical times, one be devoted utterly to the cause of justice. -Gichin FunakoshiComment
-
Code:Anyone considering the utility of the Win32 crypto API might want to have a look here: [url="http://www.theregister.co.uk/000412-000020.html"]http://www.theregister.co.uk/000412-000020.html[/url]
------------------
-- Greg
[email protected]Comment
Comment