96 lines
2.7 KiB
C++
96 lines
2.7 KiB
C++
#include <SHA1Builder.h>
|
|
|
|
// Occasionally it is useful to compare a password that the user
|
|
// has entered to a build in string. However this means that the
|
|
// password ends up `in the clear' in the firmware and in your
|
|
// source code.
|
|
//
|
|
// SHA1Builder helps you obfuscate this (This is not much more secure.
|
|
// SHA1 is past its retirement age and long obsolete/insecure, but it helps
|
|
// a little) by letting you create an (unsalted!) SHA1 of the data the
|
|
// user entered; and then compare this to an SHA1 string that you have put
|
|
// in your code.
|
|
|
|
void setup() {
|
|
Serial.begin(115200);
|
|
|
|
Serial.println("\n\n\nStart.");
|
|
|
|
// Check if a password obfuscated in an SHA1 actually
|
|
// matches the original string.
|
|
//
|
|
// echo -n "Hello World" | openssl sha1
|
|
{
|
|
String sha1_str = "0a4d55a8d778e5022fab701977c5d840bbc486d0";
|
|
String password = "Hello World";
|
|
|
|
SHA1Builder sha;
|
|
|
|
sha.begin();
|
|
sha.add(password);
|
|
sha.calculate();
|
|
|
|
String result = sha.toString();
|
|
|
|
if (!sha1_str.equalsIgnoreCase(result)) {
|
|
Serial.println("Odd - failing SHA1 on String");
|
|
} else {
|
|
Serial.println("OK!");
|
|
}
|
|
}
|
|
|
|
// Check that this also work if we add the password not as
|
|
// a normal string - but as a string with the HEX values.
|
|
{
|
|
String passwordAsHex = "48656c6c6f20576f726c64";
|
|
String sha1_str = "0a4d55a8d778e5022fab701977c5d840bbc486d0";
|
|
|
|
SHA1Builder sha;
|
|
|
|
sha.begin();
|
|
sha.addHexString(passwordAsHex);
|
|
sha.calculate();
|
|
|
|
String result = sha.toString();
|
|
|
|
if (!sha1_str.equalsIgnoreCase(result)) {
|
|
Serial.println("Odd - failing SHA1 on hex string");
|
|
Serial.println(sha1_str);
|
|
Serial.println(result);
|
|
} else {
|
|
Serial.println("OK!");
|
|
}
|
|
}
|
|
|
|
// Check that this also work if we add the password as
|
|
// an unsigned byte array.
|
|
{
|
|
uint8_t password[] = {0x48, 0x65, 0x6c, 0x6c, 0x6f, 0x20, 0x57, 0x6f, 0x72, 0x6c, 0x64};
|
|
String sha1_str = "0a4d55a8d778e5022fab701977c5d840bbc486d0";
|
|
SHA1Builder sha;
|
|
|
|
sha.begin();
|
|
sha.add(password, sizeof(password));
|
|
sha.calculate();
|
|
|
|
String result = sha.toString();
|
|
|
|
if (!sha1_str.equalsIgnoreCase(result)) {
|
|
Serial.println("Odd - failing SHA1 on byte array");
|
|
} else {
|
|
Serial.println("OK!");
|
|
}
|
|
|
|
// And also check that we can compare this as pure, raw, bytes
|
|
uint8_t raw[20] = {0x0a, 0x4d, 0x55, 0xa8, 0xd7, 0x78, 0xe5, 0x02, 0x2f, 0xab, 0x70, 0x19, 0x77, 0xc5, 0xd8, 0x40, 0xbb, 0xc4, 0x86, 0xd0};
|
|
uint8_t res[20];
|
|
sha.getBytes(res);
|
|
if (memcmp(raw, res, 20)) {
|
|
Serial.println("Odd - failing SHA1 on byte array when compared as bytes");
|
|
} else {
|
|
Serial.println("OK!");
|
|
}
|
|
}
|
|
}
|
|
|
|
void loop() {}
|