• State Resolved
  • Locked Locked
  • Replies 5 replies
  • Subscribers 30 subscribers
  • Views 2921 views
  • Users 0 members are here
Support feedback
Options
Options
Related

This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

TM4C129ENCPDT: SHA-256 Results differ from openssl sha256 and online calculators

Brian Willoughby18
Intellectual 935 points
Part Number: TM4C129ENCPDT
Other Parts Discussed in Thread: SHA-256

I could be doing something wrong, but if I feed the same data into the TM4C SHA/MD5 peripheral and another reference SHA-256 implementation such as openssl, the results are different.

If I create a text file containing "Now is the time for all good men to come to the aid of their country.\n" and feed it to "openssl sha256 -binary test.txt > test.sha256" then the result is:

00000000  f0 b4 34 ec 0e d6 18 4f  c8 84 4c 7f e4 da bd cc  |..4....O..L.....|

00000010  9f 66 76 bc a1 3f 18 87  79 24 f7 a3 00 6c 1e 8e  |.fv..?..y$...l..|

But that same data fed to the SHA-256 mode peripheral in the TM4C results in:

SHA2: 34F85BD52F2FFDC96E6F2CA5255A30C3E46214C923B3222F94D8DAC695C64791

Is there something about openssl sha256 digests that are different from raw SHA-256 computations? Is it just a coincidence that a SHA256 Hash Calculator produces the same result as openssl? Is it possible that I am printing out the SHA Results incorrectly? (I'm printing one byte at a time, in hex, rather than one word at a time)

  • 0
    TI__Guru*** 135355 points

    Hello Brian,

    It seems that other customers have noticed the way TM4C calculates the SHA 256 hash ends up being a bit different from online tools. This post talked about that and then Amit posted an example that calculates it per the tool: https://e2e.ti.com/support/microcontrollers/other/f/908/p/375927/1364965#1364965

    Can you check if that is sufficient for you to get the results you are looking for?

    If not, I'll have to look into this in more detail on Monday when I am back in the office.

  • 0 in reply to Ralph Jacobi
    Intellectual 935 points

    Hello Ralph,

    The other discussion refers to HMAC, where a seed can be provided. Obviously, providing a different seed will produce a different hash. I am working with plain SHA-256, and have not set the HMAC bit in the SHA/MD5 peripheral configuration. Thus, I assume that the final hash should alway be the same, since the peripheral provides the constants for the start of the hash.

    Granted, I'm showing my ignorance here, because I do not know whether the standard `openssl` and `shasum -a 256` commands are using HMAC or not. I'll have to dig deeper on those external tools.

    Meanwhile, do you have any information on whether the non-HMAC SHA-256 hash results can be expected to match between the TM4C peripheral and other implementations?

    Thanks,

    Brian

  • 0 in reply to Brian Willoughby18
    Intellectual 935 points

    Oops! This was my mistake. My C strings were including the terminating NULL, which of course altered the hash compared to the files used with `openssl` and `shasum` that did not have any NULL characters.

    I was careful to make sure that the carriage return and line feed characters matched between my various test data, but I had overlooked the fact that sizeof(string) includes the NULL.

    I've now confirmed the exact same hash results from the TM4C SHA/MD5 peripheral match other implementations of SHA-256.

    Brian

  • 0 in reply to Brian Willoughby18
    TI__Guru*** 135355 points

    Hi Brian,

    The devil is in the details sometimes :).

    I wouldn't have thought of that right away so glad you caught it because I was scratching my head a bit about why non-HMAC results would not match.

    Thanks for the quick follow-up!

  • 0 in reply to Ralph Jacobi
    Intellectual 935 points

    ... and thank you for being a weekend warrior and replying on a Saturday. I appreciated that reply when I saw it, but didn't get a chance to access my work computer until the morning.