Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Sun, 17 Jun 2012 23:39:44 +0200
From: magnum <>
Subject: Re: rawSHA1_LI internals

On 2012-06-08 09:22, magnum wrote:
> On 06/08/2012 09:11 AM, magnum wrote:
>> BTW Jim, I'm just now comparing rawSHA1_fmt_plug.c and
>> rawSHA1_LinkedIn_fmt_plug.c using meld. I notice cmp_all() is unchanged.
>> I must be missing something, how can this work? We should only look at
>> binary[1] but as far as I can see this is not the case. I know the code
>> works, but how!?
>> Also, I really think half of the self-tests should have the zeroed bits.
> Here is a patch that does what I mean. I just don't understand how it
> can possibly work without this patch. BTW the new self-tests fails
> unless this is done to cmp_all().

Jim, the current code in magnum-jumbo still has this weird cmp_all() bug 
where we look at binary[0] that might be crippled and compare it to a 
full sha1 digest. This ought to mean we get false negatives in any case 
cmp_all() is used.

I'm not sure if you or me are to blame but I'll fix this. And again I 
will put crippled hashes in the self tests to avoid things like this 
going unseen.


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.