-
Notifications
You must be signed in to change notification settings - Fork 4
/
Copy pathmd5_test.go
77 lines (68 loc) · 6.74 KB
/
md5_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
package detectcoll
import (
"crypto/md5"
"crypto/subtle"
"encoding/hex"
"testing"
)
func TestMD5(t *testing.T) {
var h Hash = NewMD5()
var ret []byte
ret = h.Sum(nil)
expected, _ := hex.DecodeString("d41d8cd98f00b204e9800998ecf8427e")
if subtle.ConstantTimeCompare(ret, expected) != 1 {
t.Errorf("Empty hash incorrect: %x (not %x)", ret, expected)
}
// h.Reset()
h.Write([]byte("abc"))
expected, _ = hex.DecodeString("900150983cd24fb0d6963f7d28e17f72")
ret = h.Sum(nil)
if subtle.ConstantTimeCompare(ret, expected) != 1 {
t.Errorf("Hash('abc') incorrect: %x (not %x)", ret, expected)
}
}
func TestMD5Coll(t *testing.T) {
testcases := []struct{ name, hex string }{
{"ticket", "3c313839342d323735362d333339382e363937372d303334352d3138354070617373776f72645f6465746563746f725f6462632e6d74766965772e63612e7573a41d6e98067d7083dd1d6ea8dbee64e29fe168ffb3a50e12e2d337743d540f60abc5637cd9d9eae91ec5b5a923f609c31e4f53fdadc733adc68003fd6af345772cbebe6c174d9e53d12b346fe9b4e278259c5def4ed32be0bd984d7722067b1f3e4142434445464748494a4b4c4d4e4f505152535455565758595a3031323333"},
{"TBSCertificate from 'MD5 considered harmful today' cert", "3082039ba003020102020309cfc7300d06092a864886f70d0101040500305a310b3009060355040613025553311c301a060355040a1313457175696661782053656375726520496e632e312d302b06035504031324457175696661782053656375726520476c6f62616c2065427573696e6573732043412d31301e170d3038313130333037353230325a170d3039313130343037353230325a3082011c310b300906035504061302555331493047060355040a1340692e62726f6b652e7468652e696e7465726e65742e616e642e616c6c2e692e676f742e7761732e746869732e742d73686972742e7068726565646f6d2e6f726731133011060355040b130a475431313032393030313131302f060355040b1328536565207777772e726170696473736c2e636f6d2f7265736f75726365732f637073202863293038312f302d060355040b1326446f6d61696e20436f6e74726f6c2056616c696461746564202d20526170696453534c2852293149304706035504031340692e62726f6b652e7468652e696e7465726e65742e616e642e616c6c2e692e676f742e7761732e746869732e742d73686972742e7068726565646f6d2e6f726730820122300d06092a864886f70d01010105000382010f003082010a0282010100b2d32581aa28e878b1e50ad53c0f36576ea95f06410e6bb4cb07170000005bfd6b1c7b9ce8a9a3c5450b36bb01d153aac3088f6ff84f3e87874411dc60e0df9255f9b8731b5493c59fd046c460b63562cdb9af1ca86b1ac95b3c9637c0ed67efbbfec08b9c502f29bd83229e8e08faac1370a2587f62628a11f789f6dfb667597316fb63168ab49138ce2ef5b6be4ca49449e465510a4215c9c130e269d5457da526bbb961ec6264f039e1e7bc68d850519e1d60d3d1a3a70af80320a170011791364f0270318683ddf70fd8071d11b31304a5daf0ae50b1280e63692a0c826f8f4733df6ca20692f14f45bed93036a32b8cd677ae35637f4e4c9a934836d99f0203010001a381bd3081ba300e0603551d0f0101ff0404030204f0301d0603551d0e04160414cda683faa56037f796371729de4178f1878955e7303b0603551d1f043430323030a02ea02c862a687474703a2f2f63726c2e67656f74727573742e636f6d2f63726c732f676c6f62616c6361312e63726c301f0603551d23041830168014bea8a07472506b44b7c923d8fba8ffb3576b686c301d0603551d250416301406082b0601050507030106082b06010505070302300c0603551d130101ff04023000"},
{"TBSCertificate from Flame malware attack", "30820568a00302010202021b7e300906052b0e030203050030818031133011060a0992268993f22c6401191603636f6d31193017060a0992268993f22c64011916096d6963726f736f667431183016060a0992268993f22c640119160865787472616e657431183016060a0992268993f22c6401191608706172746e657273311a3018060355040313114d6963726f736f6674204c535241205041301e170d3130303231393231343833395a170d3132303231393231343833395a300d310b3009060355040313024d5330820122300d06092a864886f70d01010105000382010f003082010a0282010100a689436fc6ca9d42adbd28d54649e055f2cc38e03dc07cba1dcabb92c4be4c5f1af9d6424b340b2f8aaccb9731ef762fc385af95934746f6ff7ccadfc8f9d06aecdf0e915523ab640690d33783a80e3e5e7f773566742087421f25178ad528053805c8486d63763efd5a116707096d98a3084af1117f80a74e37d4f00e347ad5ba83ad601e5744655072cdaf1ed01e30c2eb6a51e2aa548557fa9cb159e8245ed438d3568168d5058b482592a2111be85154d9d90460ee1cfb6aecf06e38bbadda3587637486ef1fcd8092a2983a979abd35d17d2e3a4704481774dba367d98278e0772cccac3961a6d89daafcde6f604c7c730731932f67284a7ed1ae4c42dd020301000181820378006a4ce01ff59169b27436f07f7b4b7bc6beeb3f9f983da38487547e728771254b6835ae65bd6c8fdc8dacc4e89892dedc5362f5726a2527a31246eb7f6d58cd3083d77a85b848e60e011168657d53380b40f43b684359c13c05c340269d5197e2eb2eb8c2196e4e94463bd8d4fd0d00d168fadff3fa188a7c659bda23119f16a68b23248887226919c211ea9d3681adfbe88bd2d0eb06f21a868dc684f388c5e0d964c64895d4bed3544891e66ce91e33971542eeb46d1f150b27dd08bb81deb6961639d926446a5fd16b3f1271dcf09962d2431458f86ef82235d290f7fd936ac449b8cb0ce965a8f722b5f2051920ef2563c7b3974a823eb2e3eeb45ecb1db3598f8df47901b1b6688914b48f9d60d771a53d950203010001a382025a30820256301d0603551d0e041604149a9a5d77bd8466a4f1de18101b6e67a597c11487301f0603551d2304183016801475e803585dfb65e4d9a6ac17b6037e47ad2e81af3081c20603551d1f0481ba3081b73081b4a081b1a081ae8656687474703a2f2f746b78706173727633362e706172746e6572732e65787472616e65742e6d6963726f736f66742e636f6d2f43657274456e726f6c6c2f4d6963726f736f66742532304c53524125323050412e63726c865466696c653a2f2f5c5c746b78706173727633362e706172746e6572732e65787472616e65742e6d6963726f736f66742e636f6d5c43657274456e726f6c6c5c4d6963726f736f6674204c5352412050412e63726c3082013106082b06010505070101048201233082011f30818e06082b06010505073002868181687474703a2f2f746b78706173727633362e706172746e6572732e65787472616e65742e6d6963726f736f66742e636f6d2f43657274456e726f6c6c2f746b78706173727633362e706172746e6572732e65787472616e65742e6d6963726f736f66742e636f6d5f4d6963726f736f66742532304c53524125323050412e63727430818b06082b06010505073002867f66696c653a2f2f5c5c746b78706173727633362e706172746e6572732e65787472616e65742e6d6963726f736f66742e636f6d5c43657274456e726f6c6c5c746b78706173727633362e706172746e6572732e65787472616e65742e6d6963726f736f66742e636f6d5f4d6963726f736f6674204c5352412050412e637274301a06082b060104018237120101ff040b1609544c537e4241534943"},
}
for i, tc := range testcases {
data, _ := hex.DecodeString(tc.hex)
var h Hash = NewMD5()
h.Write(data)
sum, ok := h.DetectSum(nil)
if ok {
t.Errorf("No collisions found for testcase %d (%s, hash %x)", i, tc.name, sum)
}
}
}
func TestMD5Many(t *testing.T) {
var zeroes [5000]byte
for i := 0; i <= len(zeroes); i++ {
var h Hash = NewMD5()
data := zeroes[:i]
expected := md5.Sum(data)
h.Write(data)
ret, ok := h.DetectSum(nil)
if subtle.ConstantTimeCompare(ret, expected[:]) != 1 {
t.Errorf("MD5(0x00 * %d) incorrect: %x (not %x)", i, ret, expected)
}
if !ok {
t.Errorf("MD5(0x00 * %d) detected spurious collision", i)
}
}
}
func TestMD5Large(t *testing.T) {
var zeroes [2500000]byte
var h Hash = NewMD5()
expected := md5.Sum(zeroes[:])
h.Write(zeroes[:])
ret, ok := h.DetectSum(nil)
if subtle.ConstantTimeCompare(ret, expected[:]) != 1 {
t.Errorf("MD5(0x00 * %d) incorrect: %x (not %x)", len(zeroes), ret, expected)
}
if !ok {
t.Errorf("MD5(0x00 * %d) detected spurious collision", len(zeroes))
}
}