Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Java
tree: 02301fad4e

Fetching latest commit…

Cannot retrieve the latest commit at this time

Failed to load latest commit information.
lib
src
.gitignore
README

README

Allows you to test hashextension (extending an existing hash).

This is meant to prove that signatures on the form Hash(secret + data to sign) are vulnerable.

Most notably this was a problem for Flickr a while back because they used
MD5(API_KEY + parameters)

You need bouncycastle to use this
Tested with bcprov-jdk16-146.jar

For a thorough explanation see:
http://rdist.root.org/2009/10/29/stop-using-unsafe-keyed-hashes-use-hmac/

Oh, and don't use hash(secret + data). Use HMAC instead.



Testing it with TestSignature:
------------------------------
Initial run:
java -cp ..\lib\bcprov-jdk16-146.jar;. TestSignature
Running with given signed value:
java -cp ..\lib\bcprov-jdk16-146.jar;. TestSignature id=1 36beedfbdfeff01a77b65173c343c0b3
Extending the hash (notice the missing = character in the last parameter):
java -cp ..\lib\bcprov-jdk16-146.jar;. ExtendMD5 36beedfbdfeff01a77b65173c343c0b3 11 id2
Running the extended hash (garbling the name of the first parameter, adding the padding, and adding a new id=2 at the end):
java -cp ..\lib\bcprov-jdk16-146.jar;. TestSignature "i=d1%80%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%58%00%00%00%00%00%00%00&id=2" 0b6d44409e9d5be9257dbd531ef583ca
Something went wrong with that request. Please try again.