mIRC Home    About    Download    Register    News    Help

Print Thread
$sha1 $hmac corrupt &binvar lengths multiple of 64 #264710 04/01/19 11:45 PM
Joined: Jan 2004
Posts: 1,206
maroon Offline OP
Hoopy frood
OP Offline
Hoopy frood
Joined: Jan 2004
Posts: 1,206
Using $sha1 or $hmac against a &binvar corrupts every 64-byte block of the &binvar following the 1st 64-byte block if the &binvar's length is an exact multiple of 64 greater than 64, and that 64-byte block does not consist entirely of 0x00's.

All earlier and later 64-byte blocks of the &binvar are not affected if they consist entirely of 0x00's. This does not affect other &binvar lengths nor using md5, sha256, sha384, or sha512.

This also happens for both identifiers in v7.52, and also happens in v6.35 for sha1.

The correct hash is calculated against the &binvar as existing prior to being corrupted.

Code:
editbox:
//bset &v 128 1 | noop $sha1(&v,1)          | echo -a $bvar(&v,1-)
//bset &v 128 1 | noop $hmac(&v,key,sha1,1) | echo -a $bvar(&v,1-)

alias test_sha1_hmac_binvar {
  var %i 0 , %c 3 , %hash , %size 256 | echo -a ===== length %size
  bset &v %size 0
  ; first block not corrupted by being non-0x00's
  bset &v 1 $regsubex($str(x,64),/x/g,$calc(\n -1) $chr(32))
  ; changing the next line from 1 to 0 means that block will not become corrupted
  bset &v 65 1
  while (%i < 3) {
    echo %c -a after $ord(%i) hash $bvar(&v,1-) hash: %hash
    if (%size >=   1) echo -a offset $v2 -> $bvar(&v,$v2,64)
    if (%size >=  65) echo -a offset $v2 -> $bvar(&v,$v2,64)
    if (%size >= 129) echo -a offset $v2 -> $bvar(&v,$v2,64)
    if (%size >= 193) echo -a offset $v2 -> $bvar(&v,$v2,64)
    ; trade hashes $hmac vs $sha1 produces identical results
    var %hash $sha1(&v,1)
    ; var %hash $hmac(&v,key,sha1,1)
    var %c 7 - %c , %i %i + 1
  }
}

Re: $sha1 $hmac corrupt &binvar lengths multiple of 64 [Re: maroon] #264715 05/01/19 07:05 PM
Joined: Dec 2002
Posts: 4,567
Khaled Offline
Hoopy frood
Offline
Hoopy frood
Joined: Dec 2002
Posts: 4,567
Thanks this issue has been fixed for the next version.