Nmap Development mailing list archives
RE: [RFC] Lua bindings for OpenSSL md5 and sha1 hash functions
From: Matthew Boyle <matt_boyle32 () hotmail com>
Date: Thu, 6 Dec 2007 20:07:06 +0000
From: TBuchanan () thecompassgrp net
So, I was working on another NSE script recently, and needed the ability to calculate SHA1 hashes. I did a Google search, and found Lua bindings against the OpenSSL library for MD5 and SHA1 hashes[1]. Using that code as a starting point, I created a new NSE library called openssl, which includes two functions, digest_md5() and digest_sha1().
cool! i've been meaning to get the luacrypto ( http://luacrypto.luaforge.net/ ) package working with NSE for a while now. it provides access to the full set of openSSL message digests, as well as HMAC and the random number generator.
These two functions take a string as the primary argument, and an optional boolean value for a second. By default, they return the hex representation of MD5 or SHA1 digest calculated from the string. If the second boolean argument is true, they return the raw 16 or 20 digit digests.
i think it would be better to have separate functions for the raw digest output,
rather than using the boolean field. digest_{md5,sha1}_raw(), perhaps?
Since Nmap is currently in feature freeze, I'm certainly not suggesting this be included at the moment, but I thought I'd put it out there to see if there was any interest, and to get feedback and comments. I'm not too familiar with the OpenSSL library, or Lua bindings, but if there's interest in exposing other functions to Lua/NSE, I'd be happy to look into it.
at some point i intend to finish off the X509 bindings i started last year. i remember someone expressing an interest in having some interface for creating ASN.1 objects, for SNMP and the like. openSSL would be one way to provide that, since plenty of people will already have it available. on the other hand, the API looks quite nasty, and there doesn't seem to be a whole lot of documentation... --matt _________________________________________________________________ Celeb spotting – Play CelebMashup and win cool prizes https://www.celebmashup.com _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- [RFC] Lua bindings for OpenSSL md5 and sha1 hash functions Thomas Buchanan (Dec 05)
- RE: [RFC] Lua bindings for OpenSSL md5 and sha1 hash functions Matthew Boyle (Dec 06)
- Re: [RFC] Lua bindings for OpenSSL md5 and sha1 hash functions Brandon Enright (Dec 06)
- Re: [RFC] Lua bindings for OpenSSL md5 and sha1 hash functions Thomas Buchanan (Dec 07)
- RE: [RFC] Lua bindings for OpenSSL md5 and sha1 hash functions Matthew Boyle (Dec 06)