Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 18 Nov 2011 11:05:35 +0100
From: Simon Marechal <simon@...quise.net>
To: john-dev@...ts.openwall.com
Subject: Re: hmacMD5 and sse-intrisics.c  (Bartavelle, please look
 at this).

On 18/11/2011 09:38, magnum wrote:
> I may be daft but I do not get this. If I add a couple of zero-length
> updates to generic MD4 (or MD5 or SHA1), like this:
> 
> 	MD4_Init(&ctx);
> 	MD4_Update(&ctx, "", 0);
> 	MD4_Update(&ctx, saved_key, saved_key_length);
> 	MD4_Update(&ctx, "", 0);
> 	MD4_Final((unsigned char *)crypt_out, &ctx);

Here the body function might only be called once if the length is low
enough. 0 Length updates should be noops. You can convince youself of
this by looking at the update function or just dumping the ctx.

> this is md4(''.key.'') so it still produces the same hash as before. But
> when I do this to SSEmd4body (patches 26 & 28 applied of course), it
> does not work.
> 
> 	SSEmd4body(saved_key2, (unsigned int *)crypt_key, 1);
> 	SSEmd4body(saved_key, (unsigned int *)crypt_key, 0);
> 	SSEmd4body(saved_key2, (unsigned int *)crypt_key, 0);

In this case, you are calling the body function trice. The "classic" API
(init, update, final) is of higher level than what is exposed with the
intrinsics API, where you basically only have the body function and have
to emulate the behaviour of the update function.


Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ