RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-27 03:47:35 +00:00
Code Issues Activity Actions

LibCrypto: Correctly add length to SHA384 and SHA512 hashes

Browse source 
The SHA384 and SHA512 hashes would produce incorrect results for data
where the length % 128 was in the range 112-119. This was because the
total number of bits in the hashed values was added at the end as a
64-bit number instead of a 128-bit number. In most cases this would not
cause any issues, as this space was padded with zeroes, however in the
case that the length % 128 was 112-119, some incorrect data ended up
where this 128-bit length value was expected.

This change fixes the problems in LibTLS where some websites would
result in a DecryptError on handshake.
This commit is contained in:
Michiel Visser 2022-03-25 21:51:47 +01:00 committed by Ali Mohammad Pur
parent acdb0860b1
commit 37da5cb3b3
3 changed files with 40 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

20
Tests/LibCrypto/TestHash.cpp
View file

@ -181,6 +181,16 @@ TEST_CASE(test_SHA384_hash_string)
EXPECT(memcmp(result, digest.data, Crypto::Hash::SHA384::digest_size()) == 0);
}
TEST_CASE(test_SHA384_hash_bug)
{
u8 result[] {
0x09, 0x33, 0x0c, 0x33, 0xf7, 0x11, 0x47, 0xe8, 0x3d, 0x19, 0x2f, 0xc7, 0x82, 0xcd, 0x1b, 0x47, 0x53, 0x11, 0x1b, 0x17, 0x3b, 0x3b, 0x05, 0xd2, 0x2f, 0xa0, 0x80, 0x86, 0xe3, 0xb0, 0xf7, 0x12, 0xfc, 0xc7, 0xc7, 0x1a, 0x55, 0x7e, 0x2d, 0xb9, 0x66, 0xc3, 0xe9, 0xfa, 0x91, 0x74, 0x60, 0x39
};
ReadonlyBytes result_bytes { result, 48 };
auto digest = Crypto::Hash::SHA384::hash("abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu");
EXPECT_EQ(result_bytes, digest.bytes());
}
TEST_CASE(test_SHA512_name)
{
Crypto::Hash::SHA512 sha;
@ -196,6 +206,16 @@ TEST_CASE(test_SHA512_hash_string)
EXPECT(memcmp(result, digest.data, Crypto::Hash::SHA512::digest_size()) == 0);
}
TEST_CASE(test_SHA512_hash_bug)
{
u8 result[] {
0x8e, 0x95, 0x9b, 0x75, 0xda, 0xe3, 0x13, 0xda, 0x8c, 0xf4, 0xf7, 0x28, 0x14, 0xfc, 0x14, 0x3f, 0x8f, 0x77, 0x79, 0xc6, 0xeb, 0x9f, 0x7f, 0xa1, 0x72, 0x99, 0xae, 0xad, 0xb6, 0x88, 0x90, 0x18, 0x50, 0x1d, 0x28, 0x9e, 0x49, 0x00, 0xf7, 0xe4, 0x33, 0x1b, 0x99, 0xde, 0xc4, 0xb5, 0x43, 0x3a, 0xc7, 0xd3, 0x29, 0xee, 0xb6, 0xdd, 0x26, 0x54, 0x5e, 0x96, 0xe5, 0x5b, 0x87, 0x4b, 0xe9, 0x09
};
ReadonlyBytes result_bytes { result, 64 };
auto digest = Crypto::Hash::SHA512::hash("abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu");
EXPECT_EQ(result_bytes, digest.bytes());
}
TEST_CASE(test_SHA512_hash_empty_string)
{
u8 result[] {