Date: Fri, 30 Dec 2011 22:30:53 -0500 From: <jfoug@....net> To: john-dev@...ts.openwall.com Cc: magnum <john.magnum@...hmail.com> Subject: Re: SSE/intrinsics for sapB/sapG [was: john-users] > Jim, Simon, how would I do a crypt of between 56 and 63 bytes? Is this > not possible? Can we actually only do 0-55 *or* 64-119 bytes? To encrypt 56 bytes, do this: 1. set the 56 bytes, then set 0x80 as the 57th, and null out the rest. Do the sha. 2. create another buffer. NULL the entire buffer, but put 56<<3 into the length location (last 8 bytes, BE format, I think). 3. perform sha on this, using the results of step 1 as the init seed. I believe this can be done in sha1-mmx.S also. I know it can be done in sse2-i > And how much would it take to introduce a way to do more 64-byte limbs, > for 128+ bytes of data? Would that merely be another fairly trivial > if/else in the intrinsics code, or is it more complicated? To perform sha of any length, you simply cut up the message into 64 byte blocks. Only the 'first' one of these gets the normal init of the crypt. From the first one forward, you need to reapply the results of the prior crypt into the next crypt. SHA1 (or md4/md5, etc), ALL must have a 0x80 (1 bit) set right after the bytes of data (we are assuming data to be encrypted is byte data). Also, the last 8 bytes of the last block are the number of bits being encrypted. So, you need to have 9 bytes free on the last block. If when cutting up the data to be encrypted, you end up with 56 to 64 bytes, then you properly append the bit (the 0x80), and then a new whole 'NULL' block, with only the bit length set. NOTE, if you have exactly 64 bytes (or 128, etc), then you encrypt that block, then create a 'NULL' block, but set the length into the length field, and set the very first byte of this block to a 0x80. Jim.
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.