does SecureHashAlgorithm pad correctly?
Howard Stearns
howard.stearns at qwaq.com
Tue Oct 30 00:11:15 UTC 2007
That sounds right. Fits some other flotsam on the net.
Thanks, Rob!
-H
Rob Withers wrote:
> Oh, I see what you are saying now. I got hung up on 64 bits vs bytes.
>
> So I changed SHA1 to compute the final buffer and return it. I get:
> 'DA39A3EE5E6B4B0D3255BFEF95601890AFD80709'
> as a result. This matches http://en.wikipedia.org/wiki/SHA1:
> SHA1("") = da39a3ee 5e6b4b0d 3255bfef 95601890 afd80709
>
> Here is the code change I made in #hashStream:
>
> aPositionableStream atEnd ifTrue: [self processFinalBuffer: #()
> bitLength: 0].
>
> instead of the error.
>
> Rob
>
> ----- Original Message ----- From: "Howard Stearns"
> <howard.stearns at qwaq.com>
> To: "The general-purpose Squeak developers list"
> <squeak-dev at lists.squeakfoundation.org>
> Sent: Monday, October 29, 2007 3:16 PM
> Subject: Re: does SecureHashAlgorithm pad correctly?
>
>
>> And zero length messages? What should I get back?
>>
>> Rob Withers wrote:
>>> Howard,
>>>
>>> I think you are reading the code wrong. In
>>> #processFinalBuffer:bitLength: a final buffer of soze 64 BYTES is
>>> being created and populated. That is 512 bits. Both
>>> SecureHashAlgorithm, from the base image, and SHA1, from the
>>> Cryptography Team Package are doing this.
>>>
>>> Rob
>>>
>>> ----- Original Message ----- From: "Howard Stearns"
>>> <howard.stearns at qwaq.com>
>>> To: "The general-purpose Squeak developers list"
>>> <squeak-dev at lists.squeakfoundation.org>
>>> Sent: Monday, October 29, 2007 2:05 PM
>>> Subject: does SecureHashAlgorithm pad correctly?
>>>
>>>
>>>> The class comment for SecureHashAlgorithm says it implements the SHA
>>>> standard, but I'm not sure it's padding correctly.
>>>>
>>>> My reading of the standard is that all messages -- including zero
>>>> length messages -- should be padded to 512 bit size in a certain way.
>>>>
>>>> See section "4. Message Padding" of
>>>> http://www.itl.nist.gov/fipspubs/fip180-1.htm
>>>>
>>>> My reading of the code is that it explicitly fails with an error for
>>>> zero length messages, and pads to 64 bit sizes.
>>>>
>>>> Am I nuts?
>>>>
>>>> --
>>>> Howard Stearns
>>>> AIM: qwaqHoward
>>>> Qwaq: +1-650-331-1437
>>>> office: +1-608-850-4482
>>>> mobile: +1-608-658-2419
>>>>
>>>>
>>>
>>>
>>
>> --
>> Howard Stearns
>> AIM: qwaqHoward
>> Qwaq: +1-650-331-1437
>> office: +1-608-850-4482
>> mobile: +1-608-658-2419
>>
>>
>
>
--
Howard Stearns
AIM: qwaqHoward
Qwaq: +1-650-331-1437
office: +1-608-850-4482
mobile: +1-608-658-2419
More information about the Squeak-dev
mailing list
|