does SecureHashAlgorithm pad correctly?Howard Stearns howard.stearns at qwaq.comTue Oct 30 00:11:15 UTC 2007
That sounds right. Fits some other flotsam on the net. Thanks, Rob! -H Rob Withers wrote: > Oh, I see what you are saying now. I got hung up on 64 bits vs bytes. > > So I changed SHA1 to compute the final buffer and return it. I get: > 'DA39A3EE5E6B4B0D3255BFEF95601890AFD80709' > as a result. This matches http://en.wikipedia.org/wiki/SHA1: > SHA1("") = da39a3ee 5e6b4b0d 3255bfef 95601890 afd80709 > > Here is the code change I made in #hashStream: > > aPositionableStream atEnd ifTrue: [self processFinalBuffer: #() > bitLength: 0]. > > instead of the error. > > Rob > > ----- Original Message ----- From: "Howard Stearns" > <howard.stearns at qwaq.com> > To: "The general-purpose Squeak developers list" > <squeak-dev at lists.squeakfoundation.org> > Sent: Monday, October 29, 2007 3:16 PM > Subject: Re: does SecureHashAlgorithm pad correctly? > > >> And zero length messages? What should I get back? >> >> Rob Withers wrote: >>> Howard, >>> >>> I think you are reading the code wrong. In >>> #processFinalBuffer:bitLength: a final buffer of soze 64 BYTES is >>> being created and populated. That is 512 bits. Both >>> SecureHashAlgorithm, from the base image, and SHA1, from the >>> Cryptography Team Package are doing this. >>> >>> Rob >>> >>> ----- Original Message ----- From: "Howard Stearns" >>> <howard.stearns at qwaq.com> >>> To: "The general-purpose Squeak developers list" >>> <squeak-dev at lists.squeakfoundation.org> >>> Sent: Monday, October 29, 2007 2:05 PM >>> Subject: does SecureHashAlgorithm pad correctly? >>> >>> >>>> The class comment for SecureHashAlgorithm says it implements the SHA >>>> standard, but I'm not sure it's padding correctly. >>>> >>>> My reading of the standard is that all messages -- including zero >>>> length messages -- should be padded to 512 bit size in a certain way. >>>> >>>> See section "4. Message Padding" of >>>> http://www.itl.nist.gov/fipspubs/fip180-1.htm >>>> >>>> My reading of the code is that it explicitly fails with an error for >>>> zero length messages, and pads to 64 bit sizes. >>>> >>>> Am I nuts? >>>> >>>> -- >>>> Howard Stearns >>>> AIM: qwaqHoward >>>> Qwaq: +1-650-331-1437 >>>> office: +1-608-850-4482 >>>> mobile: +1-608-658-2419 >>>> >>>> >>> >>> >> >> -- >> Howard Stearns >> AIM: qwaqHoward >> Qwaq: +1-650-331-1437 >> office: +1-608-850-4482 >> mobile: +1-608-658-2419 >> >> > > -- Howard Stearns AIM: qwaqHoward Qwaq: +1-650-331-1437 office: +1-608-850-4482 mobile: +1-608-658-2419
More information about the Squeak-dev mailing list |