Date: Sun, 17 Jun 2012 23:39:44 +0200 From: magnum <john.magnum@...hmail.com> To: john-dev@...ts.openwall.com Subject: Re: rawSHA1_LI internals On 2012-06-08 09:22, magnum wrote: > On 06/08/2012 09:11 AM, magnum wrote: >> BTW Jim, I'm just now comparing rawSHA1_fmt_plug.c and >> rawSHA1_LinkedIn_fmt_plug.c using meld. I notice cmp_all() is unchanged. >> I must be missing something, how can this work? We should only look at >> binary but as far as I can see this is not the case. I know the code >> works, but how!? >> >> Also, I really think half of the self-tests should have the zeroed bits. > > Here is a patch that does what I mean. I just don't understand how it > can possibly work without this patch. BTW the new self-tests fails > unless this is done to cmp_all(). Jim, the current code in magnum-jumbo still has this weird cmp_all() bug where we look at binary that might be crippled and compare it to a full sha1 digest. This ought to mean we get false negatives in any case cmp_all() is used. I'm not sure if you or me are to blame but I'll fix this. And again I will put crippled hashes in the self tests to avoid things like this going unseen. magnum
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.