[squeak-dev] MD5 is broken (Cryptography)

Levente Uzonyi leves at caesar.elte.hu
Thu Jun 8 18:13:26 UTC 2017


On Thu, 8 Jun 2017, casimiro barreto wrote:

> I loaded it in Squeak 6.0 (trunk), Pharo 6.0 (32), Squeak 5.1 all in one, Pharo 5 all in one... All the latest versions. Not from ConfigurationOfCryptography (which does not exist in the repository)
> but from http://www.squeaksource.com/Cryptography. The package is Cryptography-rww.71.mcz, but the same error is present in Cryptography-acp.70.mcz and older ones. I assume it worked in Squeak 3.9 &
> 4 (because I used it at that point with no problems). To reproduce the error just do:
> 
> md5hash := MD5 new.
> md5hash initializeState.
> md5hash processBuffer: 'Casimiro de Almeida Barreto'.

#processBuffer: is a private method, which expects a ByteArray of size 64. 
A ByteString, or a smaller collection should not and will not work.
The following is expected to produce the correct output:

(MD5 hashMessage: 'Casimiro de Almeida Barreto') hex

In recent images, there's WebUtils, which uses a different MD5 
implementation:

WebUtils md5Digest: 'Casimiro de Almeida Barreto'

It uses a plugin shipped with the released VMs, so it's at least 10x 
faster.

Levente

> hc := sha256hash finalHash.
> 
> and you'll get the corresponding error & debug needed.
> 
> It is not an urgent problem (since nobody is using MD5 anymore) but I just recovered old code that used it and the error appeared. I'm using SHA256 instead and it runs OK. But it is bad to have
> broken code in the repository.
> 
> Best regards,
> 
> Casimiro
> 
> 2017-06-07 18:28 GMT-03:00 Nicolas Cellier <nicolas.cellier.aka.nice at gmail.com>:
>       OK,  so which MC version exactly, which image, which VM, which OS, and what step to reproduce? Is it from SqueakMap? a ConfigurationOfCryptography?
> 
> If I load in an up-to-date trunk spur 32 bits image, for example Cryptography-rww.55 (because it has a reasonable log message),
> then test this snippet:
> 
>     MD5NonPrimitive hashStream: 'foobar' readStream.
> 
> I get a ByteArray answer without failure:
> 
>     #[56 88 246 34 48 172 60 145 95 48 12 102 67 18 198 63]
> 
> same for
>     MD5 new hashMessage: 'foo'
> 
> same with latest Cryptography-rww.71...
> 
> 
> 
> 
> 2017-06-07 22:26 GMT+02:00 casimiro barreto <casimiro.barreto at gmail.com>:
>       From MonticelloBrowser: http://www.squeaksource.com/Cryptography package Cryptography
> 
> 2017-06-07 17:14 GMT-03:00 Nicolas Cellier <nicolas.cellier.aka.nice at gmail.com>:
> 
>
>       2017-06-07 21:40 GMT+02:00 casimiro barreto <casimiro.barreto at gmail.com>:
>             MD5 (non primitive and with primitive) is broken because it relies on the conversion of Character to SmallInteger so the method shiftBits:
> 
> Problem happens at ThirtyTwoBitRegister>>reverseLoadFrom:at:
> 
> which is called from MD5NonPrimitive>>processBuffer:
> 
> Error is: Instance of Character did not understand #bitShift and happened at:
> 
> reverseLoadFrom: aByteArray at: index
>     "Load my 32-bit value from the four bytes of the given ByteArray
> starting at the given index. Consider the first byte to contain the most
> significant bits of the word (i.e., use big-endian byte ordering)."
> 
>     hi := ((aByteArray at: index + 3) bitShift: 8) + ( aByteArray at: index + 2).
>     low := ((aByteArray at: index + 1) bitShift: 8) + ( aByteArray at: index).
> 
> 
> Thanks for reporting. Obviously, the code expects a ByteArray, not a String, so there is some contract broken.
> 
> Could you remind me where to find/load which package?
>  
>       --
>       The information contained in this message is confidential and
>       intended to the recipients specified in the headers. If you received
>       this message by error, notify the sender immediately. The
>       unauthorized use, disclosure, copy or alteration of this message
>       are strictly forbidden and subjected to civil and criminal sanctions.
>

