If you need to find the algorithm to a CRC, checksum or hash value you can use Jacksum.
For those who don't know: Jacksum is a free and cross platform data integrity software tool. For more information go to https://jacksum.net
Let's keep things simple and let's pretend that you know your algorithm returns a message digest of 16 bits, and the the message digest is d893 in hex, lowercase. Input was 050000 in hex, lowercase. You can call jacksum with the following options:
- Option -a unknown:16 means you don't know the algorithm, but at least you know it returns 16 bits
- Option -E hex means you want a hexadecimal encoding for the message digest
- Option -q hex:050000 means you want to calcualate the message digest from the hex input 050000 quickly
- Option -e d893 means an expected hash value of d893, expressed as hex
jacksum -a unknown:16 -q hex:050000 -E hex -e d893
produces the following output:
Trying 13 algorithms with a width of 16 bits that are supported by Jacksum 3.0.0 ...
Trying 30 CRC algorithms with a width of 16 bits by testing against well known CRCs ...
Trying all CRC algorithms with a width of 16 bits by brute force (be patient!) ...
Jacksum: algorithms tested: 1048620
Jacksum: algorithms found: 21
Jacksum: elapsed time: 6 s, 460 ms
Means Jacksum has tested more than one million algorithms in about 7 seconds and it found 21 matching algorithms. Each of those returns the same CRC value. Test with more input/output sequences and/or longer input sequences in order to find the right algorithm. The most likely algorithm is printed with a name if it is a well known CRC. In this example it has been identified as the CRC-16/GENIBUS.
Once you have identified the correct algorithm, you can calculate your own input data using the CRC definitions that have been found:
jacksum -a crc:16,1021,FFFF,false,false,FFFF -E hex -q hex:050000
The output "d893 3" means that 3 bytes have been read (050000) in order to produce the 16 bit (2 byte) hexadecimal value d893 using the algorithm as defined by -a.