What is the correct pose generated by hashing? In three steps:
1. Collect relevant business parameters, in this case amount and target account. Of course, there are a lot more parameters than that in practice, but this is just a simplification.
2. According to the rules, the parameter name and parameter value are concatenated into a string, and the given key is also concatenated. The key is needed because an attacker might also know the concatenation rules.
3. Generate hash values from the original text using THE MD5 algorithm. The hash generated by MD5 is a 128-bit binary number, which is a 32-bit hexadecimal number.
How does the third-party payment platform verify the signature of the request? Also divided into three steps:
1. The sender and the requester agree on the same string concatenation rules and the same key.
2. After receiving a payment request, the third-party platform splices service parameters and keys according to rules and generates Sign using the MD5 algorithm.
3. Make a comparison between the Sign generated by the third-party platform and the Sign sent by the request. If the two Sign values are identical, the signature is correct; if the two Sign values are different, the information has been tampered. This process is called verification.
Underlying principles of the MD5 algorithm:
In a nutshell, the process of MD5 algorithm is divided into four steps: processing the original text, setting the initial value, cyclic processing, and stitching the result.
Step 1: Process the text
First, we calculate the result of mod 512 of the length of the original text (bit). If it is not 448, we need to fill the original text so that the mod 512 of the original text is 448. The method of filling is that the first bit is filled with 1 and the remaining bits are filled with 0. After filling in, the length of the message is 512*N+448.
Then, use the remaining position (512-448=64 bits) to record the actual length of the text, and add the binary value of the length at the end. The resulting message length is 512*(N+1).
Step 2: Set the initial value
The length of MD5 hash is 128 bits, divided into four groups according to each 32 bits. These 4 groups of results are obtained from the continuous evolution of 4 initial values A, B, C and D. In the official implementation of MD5, the initial values of A, B, C, and D are as follows (hexadecimal) :
A=0x01234567
B=0x89ABCDEF
C=0xFEDCBA98
D=0x76543210
The third step: cycle processing
This is the most complicated step. Let’s take A look at the diagram below, which represents the flow of A,B,C, and D values.
In the diagram, A, B, C, and D are the four groups of hash values. Each cycle will cause the old ABCD to produce a new ABCD. How many cycles are there? It is determined by the length of the processed text.
Assume that the length of the processed text is M
Number of main cycles = M / 512
Each main loop contains 512/32 * 4 = 64 subloops.
The diagram above shows the flow of a single subloop.
Here are the other elements in the diagram:
1. The green F
The green F is the nonlinear function. There are four functions used by the official MD5:
F(X, Y, Z) =(X&Y) | ((~X) & Z)
G(X, Y, Z) =(X&Z) | (Y & (~Z))
H(X, Y, Z) =X^Y^Z
I(X, Y, Z)=Y^(X|(~Z))
In the 64 subloops below the main loop, F, G, H, and I are used alternately, with F 16 times in the first, G 16 times in the second, H 16 times in the third, and I 16 times in the fourth.
2. “Tian” in red
Very simple, red tian represents the meaning of addition.
3.Mi
Mi is the original text after the first step. In the first step, the length of the processed text is an integer multiple of 512. Divide each 512 bits of the original text into 16 equal parts, named M0 to M15, and each equal part is 32 in length. In 64 sub-loops, one of M1 to M16 is used alternately every 16 times.
4.Ki
A constant, and in 64 subloops, the constant is used differently each time.
5. Yellow <<
If we move S to the left, the value of S is constant.
At the end of the “pipeline”, the result of the calculation is added to B instead of B. The generation of new ABCD can be summarized as follows:
The new A is equal to the old D
New B = B + ((a + F (B, c, d) + Mj + Ki) < < < s)
The new C is equal to the old B
The new D is equal to the old C
The 64 sub-loops of the main loop can be summarized in the following four parts:
The first round:
FF(a, B, C, D,M0,7,0 xd76AA478) s[0]=7, K[0] = 0xD76AA478
FF(a,b,c,d,M1,12,0xe8c7b756) s[1]=12, K[1] = 0xe8c7b756
FF (a, b, c, d, M2, 17, 0 x242070db)
FF (a, b, c, d, M3, 22, 0 xc1bdceee)
FF (a, b, c, d, M4, 7, 0 xf57c0faf)
FF (a, b, c, d, M5, 12, 0 x4787c62a)
FF (a, b, c, d, M6, 17, 0 xa8304613)
FF (a, b, c, d, M7, 22, 0 xfd469501)
FF (a, b, c, d, M8, 7, 0 x698098d8)
FF (a, b, c, d, M9, 12, 0 x8b44f7af)
FF (a, b, c, d, M10, 17, 0 xffff5bb1)
FF (a, b, c, d, M11, 22, 0 x895cd7be)
FF (a, b, c, d, M12, 7, 0 x6b901122)
FF (a, b, c, d, M13, 12, 0 xfd987193)
FF (a, b, c, d, M14, 17, 0 xa679438e)
FF (a, b, c, d, M15, 22, 0 x49b40821)
The second round:
GG (a, b, c, d, M1, 5, 0 xf61e2562)
GG (a, b, c, d, M6, 9, 0 xc040b340)
GG (a, b, c, d, M11, 14, 0 x265e5a51)
GG (a, b, c, d, M0, 20, 0 xe9b6c7aa)
GG (a, b, c, d, M5, 5, 0 xd62f105d)
GG (a, b, c, d, M10, 9, 0 x02441453)
GG (a, b, c, d, M15, 14, 0 xd8a1e681)
GG (a, b, c, d, M4, 20, 0 xe7d3fbc8)
GG (a, b, c, d, M9, 5, 0 x21e1cde6)
GG (a, b, c, d, M14, 9, 0 xc33707d6)
GG (a, b, c, d, M3, 14, 0 xf4d50d87)
GG (a, b, c, d, M8, 20, 0 x455a14ed)
GG (a, b, c, d, M13, 5, 0 xa9e3e905)
GG (a, b, c, d, M2, 9, 0 xfcefa3f8)
GG (a, b, c, d, M7, 14, 0 x676f02d9)
GG (a, b, c, d, M12, 20, 0 x8d2a4c8a)
The third round:
HH (a, b, c, d, M5, 4, 0 xfffa3942)
HH (a, b, c, d, M8, 11, 0 x8771f681)
HH (a, b, c, d, M11, 16, 0 x6d9d6122)
HH (a, b, c, d, M14, 23, 0 xfde5380c)
HH (a, b, c, d, M1, 4, 0 xa4beea44)
HH (a, b, c, d, M4, 11, 0 x4bdecfa9)
HH (a, b, c, d, M7, 16, 0 xf6bb4b60)
HH (a, b, c, d, M10, 23, 0 xbebfbc70)
HH (a, b, c, d, M13, 4, 0 x289b7ec6)
HH (a, b, c, d, M0, 11, 0 xeaa127fa)
HH (a, b, c, d, M3, 16, 0 xd4ef3085)
HH (a, b, c, d, M6, 23, 0 x04881d05)
HH (a, b, c, d, M9, 4, 0 xd9d4d039)
HH (a, b, c, d, M12, 11, 0 xe6db99e5)
HH (a, b, c, d, M15, 16, 0 x1fa27cf8)
HH (a, b, c, d, M2, 23, 0 xc4ac5665)
The fourth round:
Ⅱ (a, b, c, d, M0, 6, 0 xf4292244)
Ⅱ (a, b, c, d, M7, 10, 0 x432aff97)
Ⅱ (a, b, c, d, M14, 15, 0 xab9423a7)
Ⅱ (a, b, c, d, M5, 21, 0 xfc93a039)
Ⅱ (a, b, c, d, M12, 6, 0 x655b59c3)
Ⅱ (a, b, c, d, M3, 10, 0 x8f0ccc92)
Ⅱ (a, b, c, d, M10, 15, 0 xffeff47d)
Ⅱ (a, b, c, d, M1, 21, 0 x85845dd1)
Ⅱ (a, b, c, d, M8, 6, 0 x6fa87e4f)
Ⅱ (a, b, c, d, M15, 10, 0 xfe2ce6e0)
Ⅱ (a, b, c, d, M6, 15, 0 xa3014314)
Ⅱ (a, b, c, d, M13, 21, 0 x4e0811a1)
Ⅱ (a, b, c, d, M4, 6, 0 xf7537e82)
Ⅱ (a, b, c, d, M11, 10, 0 xbd3af235)
Ⅱ (a, b, c, d, M2, 15, 0 x2ad7d2bb)
Ⅱ (a, b, c, d, M9, 21, 0 xeb86d391)
Step 4: Concatenate results
This step is very simple, the circular processing of the final A, B, C, D four values together, converted into A string.
— — the END — — –
If you like this article, please click on the picture below to watch more exciting content