Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Fri, 18 Nov 2011 09:38:50 +0100
From: magnum <john.magnum@...hmail.com>
To: john-dev@...ts.openwall.com
Subject: Re: hmacMD5 and sse-intrisics.c  (Bartavelle, please look
 at this).

2011-11-16 21:08, jfoug wrote:
> Once this change was made, then things like:
> 
> SSEmd5body(ipad, ((unsigned int *)dump), 1);
> SSEmd5body(cursalt, ((unsigned int *)dump), 0);
> 
> Now works fine, and the proper MD5 for "ipad"."cursalt" is returned.

I may be daft but I do not get this. If I add a couple of zero-length
updates to generic MD4 (or MD5 or SHA1), like this:

	MD4_Init(&ctx);
	MD4_Update(&ctx, "", 0);
	MD4_Update(&ctx, saved_key, saved_key_length);
	MD4_Update(&ctx, "", 0);
	MD4_Final((unsigned char *)crypt_out, &ctx);

this is md4(''.key.'') so it still produces the same hash as before. But
when I do this to SSEmd4body (patches 26 & 28 applied of course), it
does not work.

	SSEmd4body(saved_key2, (unsigned int *)crypt_key, 1);
	SSEmd4body(saved_key, (unsigned int *)crypt_key, 0);
	SSEmd4body(saved_key2, (unsigned int *)crypt_key, 0);

Here saved_key2 is an empty buffer, with 0x80 at GETPOS(0,n) and all
length bytes set as 0.

I've tried it in MD4, MD5 and SHA1, it just plain does not work. What do
I miss here? Do I need to byte swap something?

magnum

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.