Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 18 Nov 2011 11:05:35 +0100
From: Simon Marechal <>
Subject: Re: hmacMD5 and sse-intrisics.c  (Bartavelle, please look
 at this).

On 18/11/2011 09:38, magnum wrote:
> I may be daft but I do not get this. If I add a couple of zero-length
> updates to generic MD4 (or MD5 or SHA1), like this:
> 	MD4_Init(&ctx);
> 	MD4_Update(&ctx, "", 0);
> 	MD4_Update(&ctx, saved_key, saved_key_length);
> 	MD4_Update(&ctx, "", 0);
> 	MD4_Final((unsigned char *)crypt_out, &ctx);

Here the body function might only be called once if the length is low
enough. 0 Length updates should be noops. You can convince youself of
this by looking at the update function or just dumping the ctx.

> this is md4(''.key.'') so it still produces the same hash as before. But
> when I do this to SSEmd4body (patches 26 & 28 applied of course), it
> does not work.
> 	SSEmd4body(saved_key2, (unsigned int *)crypt_key, 1);
> 	SSEmd4body(saved_key, (unsigned int *)crypt_key, 0);
> 	SSEmd4body(saved_key2, (unsigned int *)crypt_key, 0);

In this case, you are calling the body function trice. The "classic" API
(init, update, final) is of higher level than what is exposed with the
intrinsics API, where you basically only have the body function and have
to emulate the behaviour of the update function.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.