mIRC Home    About    Download    Register    News    Help

Topic Options
#264710 - 04/01/19 11:45 PM $sha1 $hmac corrupt &binvar lengths multiple of 64
maroon Offline
Hoopy frood

Registered: 12/01/04
Posts: 1098
Using $sha1 or $hmac against a &binvar corrupts every 64-byte block of the &binvar following the 1st 64-byte block if the &binvar's length is an exact multiple of 64 greater than 64, and that 64-byte block does not consist entirely of 0x00's.

All earlier and later 64-byte blocks of the &binvar are not affected if they consist entirely of 0x00's. This does not affect other &binvar lengths nor using md5, sha256, sha384, or sha512.

This also happens for both identifiers in v7.52, and also happens in v6.35 for sha1.

The correct hash is calculated against the &binvar as existing prior to being corrupted.

Code:
editbox:
//bset &v 128 1 | noop $sha1(&v,1)          | echo -a $bvar(&v,1-)
//bset &v 128 1 | noop $hmac(&v,key,sha1,1) | echo -a $bvar(&v,1-)

alias test_sha1_hmac_binvar {
  var %i 0 , %c 3 , %hash , %size 256 | echo -a ===== length %size
  bset &v %size 0
  ; first block not corrupted by being non-0x00's
  bset &v 1 $regsubex($str(x,64),/x/g,$calc(\n -1) $chr(32))
  ; changing the next line from 1 to 0 means that block will not become corrupted
  bset &v 65 1
  while (%i < 3) {
    echo %c -a after $ord(%i) hash $bvar(&v,1-) hash: %hash
    if (%size >=   1) echo -a offset $v2 -> $bvar(&v,$v2,64)
    if (%size >=  65) echo -a offset $v2 -> $bvar(&v,$v2,64)
    if (%size >= 129) echo -a offset $v2 -> $bvar(&v,$v2,64)
    if (%size >= 193) echo -a offset $v2 -> $bvar(&v,$v2,64)
    ; trade hashes $hmac vs $sha1 produces identical results
    var %hash $sha1(&v,1)
    ; var %hash $hmac(&v,key,sha1,1)
    var %c 7 - %c , %i %i + 1
  }
}

Top
#264715 - 05/01/19 07:05 PM Re: $sha1 $hmac corrupt &binvar lengths multiple of 64 [Re: maroon]
Khaled Offline


Planetary brain

Registered: 04/12/02
Posts: 4369
Loc: London, UK
Thanks this issue has been fixed for the next version.

Top