HMAC has a totally different implementation so "key or no key"
Hi, thanks for your improvements.Hi, you're welcome :)
which compiler gave the inline hint?The thing with inline hints was interesting and it was D2010.
I do not think disabling rtti is the best solution even though it works.I do agree but we use RTTI in our project only for certain classes and that's why the hints have appeared.
according to your commit, I can see that only two units, hlpmurmur2 and hlpsiphash2_4 gives that hint?Yes, exactly.
please confirm if I am correct.
I do not think disabling rtti is the best solution even though it works.I do agree but we use RTTI in our project only for certain classes and that's why the hints have appeared.according to your commit, I can see that only two units, hlpmurmur2 and hlpsiphash2_4 gives that hint?Yes, exactly.
please confirm if I am correct.
RTTI should never ever be used in security related code.
This library contains multiple "secure" hashes.
Is this really essential for this library?
Then it is unusable. Because that is runtime readable code.
There are many more alternatives that don't make that mistake.
Maybe I misunderstood. In that case please explain.
v1.1 Release.
Below is a Summary of (but not limited to) changes in this release.
* optimizations and performance improvements in various hashes
especially those that descends from TBlockHash.
* fix for timing attack when comparing the internal state of hashes.
https://github.com/Xor-el/HashLib4Pascal
- There is still RTTI, which is not a good idea. I wasn't the only one to complain.
- There are some readability issues regarding string types:
You have a lot of {$ifdef FPC} to determine UnicodeString. you need only one per unit:That cleans things up a bit.....
unit xxx {$ifdef fpc}{$mode delphiunicode}{$H+}{$endif} .... //One per unit! instead of one per codeblock
I added to my comment and our posts crossed when I was still testing. Plz read it again.thanks for replying.
As for RTTI scan the code for published.
Xor-El,
Is there any way to only include the ciphers that are desired in a particular application?
I have several projects where I need only MD5, SHA1 and SHA2, as an example, or SHA1, SHA2 and SHA3.
Currently, the only (or easiest) way to use the encyrption is HlpHashFactory, and that brings every hash algorithm into the mix.
Regards,
yes it is very possible but why do you want to complicate things for yourself?
if it's because of size, don't worry, smartlinking in FreePascal removes unused details in the final binary.
well to answer your question, you can do this.
uses SysUtils, HlpIHash, HlpMD5; var MD5Hash: IHash; Value : TBytes; begin MD5Hash := TMD5.Create(); Value := MD5Hash.ComputeBytes(TBytes.Create($01, $02)); end.
uses SysUtils, HlpIHash, HlpMD5; var MD5Hash: IHash; Value : TBytes; begin MD5Hash := TMD5.Create(); Value := MD5Hash.ComputeBytes(TBytes.Create($01, $02)); end.
SomeString := MD5Hash.ComputeFile(ThisFile).ToString(); // This results in an access violation.Are you sure you created the MD5Hash instance before calling MD5Hash.ComputeFile?
You are right, my bad.
My previous example will not compile.
Are you sure you created the MD5Hash instance before calling MD5Hash.ComputeFile?
Can you upload your sample code that throws the access violation?
by the way, what version of Lazarus/FPC are you using?
Just released v3.0 of this Library.
https://github.com/Xor-el/HashLib4Pascal
Added support for Shake128 and Shake256 XOF.
Regards.
Hi!
Thanks for this great library!
My question is, what is the default blocksize for TBlake2B?
And... I want 32 byte blocksize for TBlake2B (64bit) like as TBlake2S, so:
{$IFDEF WIN32} Hash := TBlake2S.Create(); {$ENDIF} {$IFDEF WIN64} Hash := TBlake2B.Create(32, 65535); {$ENDIF}
I got error after run: "config."
1. I guess what you mean is HashSize (which is probably what you mean). Default HashSize for Blake2B is 512bit (64 bytes)
2. With respect to HashSize, this is what you need
https://github.com/Xor-el/HashLib4Pascal/blob/master/HashLib/src/Base/HlpHashFactory.pas#L386
Create(a_hash_size, a_block_size:int32)So, if I set a_hash_size and a_block_size why the result is: "config. exception"? Something wrong with it.
What are you trying to achieve in question 1?
keccak = sha3?
Hi!
I'd like selectable hash algorithm, so I use common variable for it:
var Hash: IHash;
and for example:
Hash := THashFactory.TCrypto.CreateBlake2S_256();
So, can I use this next line with IHash variable?
Hash := THashFactory.THash32.CreateXXHash32;
Because as I see the result is IHashWithKey
class function THashFactory.THash32.CreateXXHash32: IHashWithKey;
Thanks!
Hello.
I'm trying to use HashLib4Pascal to hash a string using Shake-256. I wrote this sample test code but it produces nothing (an empty string). Am I missing anything?
Hello.
I'm trying to use HashLib4Pascal to hash a string using Shake-256. I wrote this sample test code but it produces nothing (an empty string). Am I missing anything?
uses Classes, SysUtils, Forms, Controls, Graphics, Dialogs, StdCtrls, HlpIHash, HlpIHashResult, HlpSHA3; ... procedure TForm1.Button1Click(Sender: TObject); var cHash: IHash; Value : string; begin cHash := TShake_256.Create(); Value := cHash.ComputeString(Edit1.Text, TEncoding.UTF8).ToString(); Memo1.lines.Clear; Memo1.lines.Text:=Value; end;
Thanks!
Hi,
You do have to understand that shake256 is a XOF https://en.m.wikipedia.org/wiki/Category:Extendable-output_functions (https://en.m.wikipedia.org/wiki/Category:Extendable-output_functions) so it can output variable length output based on your input.
Unfortunately, you didn't specify what output size you wanted that's why your output is empty.
In this example below, I will use output XOF size as 256 bits (32 bytes)
uses Classes, SysUtils, Forms, Controls, Graphics, Dialogs, StdCtrls, HlpIHash, HlpHashFactory; ... procedure TForm1.Button1Click(Sender: TObject); var cHash: IHash; Value : string; begin cHash := THashFactory.TXOF.CreateShake_256(256); Value := cHash.ComputeString(Edit1.Text, TEncoding.UTF8).ToString(); Memo1.lines.Clear; Memo1.lines.Text:=Value; end;
Is it possible to make a password for Apache (like in htpasswd (https://httpd.apache.org/docs/2.4/misc/password_encryptions.html)) with HashLib4Pascal? :-\
"{SHA}" + Base64-encoded SHA-1 digest of the passwordonly (-nbs).
Is it possible to make a password for Apache (like in htpasswd (https://httpd.apache.org/docs/2.4/misc/password_encryptions.html)) with HashLib4Pascal? :-\Hi trevor, what exact algorithms does Apache Password use and in what order is it used?
BTW I need aHashLib4Pascal has support for SHA-1 including a host of other algorithms.Quote"{SHA}" + Base64-encoded SHA-1 digest of the passwordonly (-nbs).
BTW I need aHashLib4Pascal has support for SHA-1 including a host of other algorithms.Quote"{SHA}" + Base64-encoded SHA-1 digest of the passwordonly (-nbs).
for Base64, you can use https://github.com/Xor-el/SimpleBaseLib4Pascal (https://github.com/Xor-el/SimpleBaseLib4Pascal)
@trevor, below is a Demo that computes the output using the SHA-1 algorithm and compares the result to the one found at https://httpd.apache.org/docs/2.4/misc/password_encryptions.html (https://httpd.apache.org/docs/2.4/misc/password_encryptions.html).
You will need the HashLib4Pascal and SimpleBaseLib4Pascal packages as they are dependencies.
program PassDemo; uses SysUtils, SbpBase64, HlpHashFactory; var Password, Result: string; begin Password := 'myPassword'; Result := '{SHA}' + TBase64.Default.Encode( THashFactory.TCrypto.CreateSHA1().ComputeString( Password, TEncoding.UTF8).GetBytes()); WriteLn(Result); Assert(Result = '{SHA}VBPuJHI7uixaa6LQGWx4s+5GKNE='); ReadLn; end.
@trevor, below is a Demo that computes the output using the SHA-1 algorithm and compares the result to the one found at https://httpd.apache.org/docs/2.4/misc/password_encryptions.html (https://httpd.apache.org/docs/2.4/misc/password_encryptions.html).
You will need the HashLib4Pascal and SimpleBaseLib4Pascal packages as they are dependencies.
program PassDemo; uses SysUtils, SbpBase64, HlpHashFactory; var Password, Result: string; begin Password := 'myPassword'; Result := '{SHA}' + TBase64.Default.Encode( THashFactory.TCrypto.CreateSHA1().ComputeString( Password, TEncoding.UTF8).GetBytes()); WriteLn(Result); Assert(Result = '{SHA}VBPuJHI7uixaa6LQGWx4s+5GKNE='); ReadLn; end.
Thanks a lot (https://i.gifer.com/origin/8f/8fec972f7dccfc995ee799f8044a0341_w200.gif)! You're the best! Exactly what I need! ;D
updated to version 4.1
- changelog from 4.0 to 4.1
* add Blake3 and Blake3XOF support
* performance improvements especially XOF Related.
** Now updated in OPM