Geek Answers Handbook

How to check cryptography methods

I recently had a problem with a crypto library that creates md5 bad output. Instead of 32 digits, 30 is returned.

Since we are not using unit test, this problem was quite a headache to solve ... because we assumed that the md5 line is correct and is looking for errors elsewhere.

This makes me realize the real value of unit tests (unit test first, tdd later).

But I'm not sure how to test cryptographic methods well enough. How do you get the correct expected values?

EDIT: Thanks for the answers, I think I haven’t explained it enough.

The problem was using a third-party tool that produces md5 bad output. Then how do you get that value? I know that this should not change, I just don’t understand how to get it from a reliable source.

+5
source share
4 answers

Known valid data for cryptographic algorithms are usually called test vectors. So google "MD5 test vectors" to get tons of good input for your tests.

, , , . . , RFC 1321 :

MD5 ("") = d41d8cd98f00b204e9800998ecf8427e
MD5 ("a") = 0cc175b9c0f1b6a831c399e269772661
MD5 ("abc") = 900150983cd24fb0d6963f7d28e17f72
MD5 ("message digest") = f96b697d7cb7938d525a2f31aaf161d0
MD5 ("abcdefghijklmnopqrstuvwxyz") = c3fcd3d76192e4007dfb496cca67e13b
MD5 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789")
  = d174ab98d277d9f5a5611c2c9f419d9f
MD5 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") 
  = 57edf4a22be3c955ac49da2e2107b67a
+18

MD5 . , , , , .

assert_equals encode("str"), "341be97d9aff90c9978347f66f945b77"

"str" "341be97d9aff90c9978347f66f945b77".
, . .

+4

, , .

, , . , : " ". , "Guvf vf fbzr grfg qngn".

.

unit test , . unit test ( , ).

, , . , , .

, MD5-, , MD5--, /, , .

+1

, , .

, : , , MD5. , - .

, SHA-256 ( FIPS-180-2, ). 256 , 128, MD5.

0

More articles:


All Articles