6 Centrum Wiskunde & Informatica
7 P.O. Box 94079, 1090 GB Amsterdam, Netherlands
10 License: see LICENSE file
14 Compile libdetectcoll.c libdetectcoll.h into your project
16 Use library interface:
17 void MD5Init(MD5_CTX*);
18 void MD5Init_unsafe(MD5_CTX*);
19 void MD5Update(MD5_CTX*, const char* buf, unsigned len);
20 int MD5Final(unsigned char hash[16], MD5_CTX*);
22 void SHA1Init(SHA1_CTX*);
23 void SHA1Init_unsafe(SHA1_CTX*);
24 void SHA1Update(SHA1_CTX*, const char* buf, unsigned len);
25 int SHA1Final(unsigned char hash[20], SHA1_CTX*);
27 Allocate a context and call MD5Init/SHA1Init.
28 Process your message (in chunks) with MD5Update/SHA1Update.
29 Obtain digest with MD5Final/SHA1Final and auxilary input indicating whether a collision attack was detected.
32 MD5Final and SHA1Final store the computed digest in hash and return 0 if no collision attack was detected.
33 Non-zero return value indicates a detected collision attack and the application should act accordingly.
35 MD5Init_unsafe and SHA1Init_unsafe will result in the correct and possibly unsafe MD5 and SHA-1 hash.
37 MD5Init and SHA1Init will result in the correct MD5 and SHA-1 hash *if no collision attack was detected*,
38 otherwise they will return a different but safe to use hash (how this is generated may change in future revisions).
39 In this manner they can protect an application against collision attacks without further action in the application.
46 Run: detectcoll <files>
47 Run: detectcollv <files> (verbose version)
49 (Run: detectcoll_reducedsha <files> (also reports detected collision attacks on *reduced-round* SHA-1, only for testing))
54 Please let us know if and where you're using it.
55 We'd be happy to know where it is being used
56 and if desired can keep you updated on new improved versions.
projects / cassiopeia.git / blob