Mapping to openssl implementations #58

wires opened this issue Nov 30, 2016 · 4 comments

wires commented Nov 30, 2016

How exactly does this table hashtable.csv map to the implementation in openssl, as used by say node:
https://stackoverflow.com/questions/14168703/crypto-algorithm-list

[ 'DSA',
  'DSA-SHA',
  'DSA-SHA1',
  'DSA-SHA1-old',
  'RSA-MD4',
  'RSA-MD5',
  'RSA-MDC2',
  'RSA-RIPEMD160',
  'RSA-SHA',
  'RSA-SHA1',
  'RSA-SHA1-2',
  'RSA-SHA224',
  'RSA-SHA256',
  'RSA-SHA384',
  'RSA-SHA512',
  'dsaEncryption',
  'dsaWithSHA',
  'dsaWithSHA1',
  'dss1',
  'ecdsa-with-SHA1',
  'md4',
  'md4WithRSAEncryption',
  'md5',
  'md5WithRSAEncryption',
  'mdc2',
  'mdc2WithRSA',
  'ripemd',
  'ripemd160',
  'ripemd160WithRSA',
  'rmd160',
  'sha',
  'sha1',
  'sha1WithRSAEncryption',
  'sha224',
  'sha224WithRSAEncryption',
  'sha256',
  'sha256WithRSAEncryption',
  'sha384',
  'sha384WithRSAEncryption',
  'sha512',
  'sha512WithRSAEncryption',
  'shaWithRSAEncryption',
  'ssl2-md5',
  'ssl3-md5',
  'ssl3-sha1',
  'whirlpool' ]

I'm not sure which hash function would give a correct hash to label it sha2-256, for instance:
is it RSA-SHA256 or sha256? etc...

Could you provide any guidance on this?
thnx :-)

Member

RichardLitt commented Nov 30, 2016

Basically, what you see in the hashtable defined by multihash are hash functions which we have already given function codes. We mention in the README that there are other tables, too, which exist; your list looks like another possible table we could link. Specifically, it is returning names for hash algorithms as defined by crypto, which contains openssl as a dep. However, more specifically, it also includes functions which are not strictly hashing functions, but hashing and signing - really, a list of suites. For example, sha1WithRSAEncryption (how that is different from RSA-SHA1, I don't know). Multihash is only for hashing functions, so we won't support those at the moment, although there may be a future multi-* which will.

You'll have to look closer and figure out which hashing algorithm you are using specifically, and see if it is in the multihash table, and if it isn't, feel free to PR with a new function code.

Thanks to @Kubuxu and mib_kd743naq for helping me understand this on IRC. If I'm wrong at all, the fault is mine and not theirs. :)

Author

wires commented Dec 1, 2016

It's a bit subtle indeed.

Do you happen to know of a correct mapping between a multihash function code and some (secure) hash function I can use from node? For instance the hash function that IPFS uses in its JS implementation? If not I'd proceed scouring through its source or I'll dive into some docs to figure out which name maps where.

Thanks for your (joint) efforts!

Author

wires commented Dec 1, 2016

BTW. Since the hash functions are deterministic, it would be very easy to compute a few hash values for each function and make them part of the multihash specification: require their implementations to compute the same result for some given numbers/bytes. (Effectively, making the examples part of the spec.)

Pick a few random numbers and you are near certain whether the hash function matches the code or not. (Unless I'm missing some more subtle things about hash functions.)

| multihash function code | algorithm name | x0 | x1 | x2 | x3 |
|---|---|---|---|---|---|
| 0x0a | foo | foo(x0) | foo(x1) | ... | |
| 0x12 | bar | bar(x0) | ... | | |

You should even be able to detect which code should be used for a given function fully automatically, without requiring an explicit mapping. You can probably find some minimum set of columns needed to add to the specification to detect all listed hash functions without collision.

In other words, I'd rather take such a table and write a program that computes and verifies my wanted mapping between multihash and OpenSSL.
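
The test-vector approach proposed in the comment above, as an added example that is not part of the original thread or the multihash project's code: it hashes one probe input under each OpenSSL digest name and matches the result against a vector table keyed by multihash function code. The function names `mapToMultihash` and `toMultihash` are hypothetical; the codes 0x11, 0x12 and 0x13 are the multihash table entries for sha1, sha2-256 and sha2-512, and the expected values are the standard digests of the ASCII string "abc".

```javascript
const crypto = require('crypto');

// Probe input shared by all vectors (chosen for this example).
const PROBE = Buffer.from('abc', 'ascii');

// One row per multihash function code: the column a spec-level table would carry.
const VECTORS = [
  { code: 0x11, name: 'sha1',
    hex: 'a9993e364706816aba3e25717850c26c9cd0d89d' },
  { code: 0x12, name: 'sha2-256',
    hex: 'ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad' },
  { code: 0x13, name: 'sha2-512',
    hex: 'ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a' +
         '2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f' },
];

// Returns Map: OpenSSL digest name -> { code, name } of the matching multihash row.
// Names that cannot be loaded, or that match no vector, are left out.
function mapToMultihash(opensslNames = crypto.getHashes()) {
  const byDigest = new Map(VECTORS.map((v) => [v.hex, v]));
  const mapping = new Map();
  for (const name of opensslNames) {
    let hex;
    try {
      hex = crypto.createHash(name).update(PROBE).digest('hex');
    } catch (err) {
      continue; // listed or requested, but not usable as a digest in this build
    }
    const hit = byDigest.get(hex);
    if (hit) mapping.set(name, { code: hit.code, name: hit.name });
  }
  return mapping;
}

// Encodes <code><digest length><digest>. Every code and length in VECTORS is
// below 0x80, so each varint is a single byte here.
function toMultihash(opensslName, data) {
  const entry = mapToMultihash([opensslName]).get(opensslName);
  if (!entry) throw new Error(`${opensslName} matches no multihash vector`);
  const digest = crypto.createHash(opensslName).update(data).digest();
  return Buffer.concat([Buffer.from([entry.code, digest.length]), digest]);
}

// A few names from the list in the issue; unmatched or unavailable ones drop out.
console.log(mapToMultihash(['sha1', 'sha256', 'RSA-SHA256', 'sha512', 'md5']));
```

Calling `mapToMultihash()` with no argument runs the same check over everything `crypto.getHashes()` reports for the local OpenSSL build.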

@RichardLitt
Member

> Do you happen to know of a correct mapping between a multihash function code and some (secure) hash function I can use from node? For instance the hash function that IPFS uses in its JS implementation?

I personally don't. @diasdavid might have a better idea of what is used.

You're right, I believe, that it should be easy to add some hash values to verify that you are using the right function. I think this is a good idea, but it's a bit beyond the scope of this issue; perhaps open that idea in another one?
