
LibCrypto: Correctly add length to SHA384 and SHA512 hashes

The SHA384 and SHA512 hashes would produce incorrect results for data
where the length % 128 was in the range 112-119. This was because the
total number of bits in the hashed values was added at the end as a
64-bit number instead of a 128-bit number. In most cases this would not
cause any issues, as this space was padded with zeroes; however, when
the length % 128 was 112-119, some incorrect data ended up
where this 128-bit length value was expected.

This change fixes the problems in LibTLS where some websites would
result in a DecryptError on handshake.
Michiel Visser 2022-03-25 21:51:47 +01:00 committed by Ali Mohammad Pur
parent acdb0860b1
commit 37da5cb3b3
3 changed files with 40 additions and 2 deletions


@ -241,6 +241,15 @@ SHA384::DigestType SHA384::peek()
m_data_buffer[BlockSize - 6] = m_bit_length >> 40;
m_data_buffer[BlockSize - 7] = m_bit_length >> 48;
m_data_buffer[BlockSize - 8] = m_bit_length >> 56;
// FIXME: Theoretically we should keep track of the number of bits as a u128, now we can only hash up to 2 EiB.
m_data_buffer[BlockSize - 9] = 0;
m_data_buffer[BlockSize - 10] = 0;
m_data_buffer[BlockSize - 11] = 0;
m_data_buffer[BlockSize - 12] = 0;
m_data_buffer[BlockSize - 13] = 0;
m_data_buffer[BlockSize - 14] = 0;
m_data_buffer[BlockSize - 15] = 0;
m_data_buffer[BlockSize - 16] = 0;
transform(m_data_buffer);
@ -356,6 +365,15 @@ SHA512::DigestType SHA512::peek()
m_data_buffer[BlockSize - 6] = m_bit_length >> 40;
m_data_buffer[BlockSize - 7] = m_bit_length >> 48;
m_data_buffer[BlockSize - 8] = m_bit_length >> 56;
// FIXME: Theoretically we should keep track of the number of bits as a u128, now we can only hash up to 2 EiB.
m_data_buffer[BlockSize - 9] = 0;
m_data_buffer[BlockSize - 10] = 0;
m_data_buffer[BlockSize - 11] = 0;
m_data_buffer[BlockSize - 12] = 0;
m_data_buffer[BlockSize - 13] = 0;
m_data_buffer[BlockSize - 14] = 0;
m_data_buffer[BlockSize - 15] = 0;
m_data_buffer[BlockSize - 16] = 0;
transform(m_data_buffer);
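Review bot: The eight zero stores at `BlockSize - 9` through `BlockSize - 16` in SHA384::peek() are correct only while `FinalBlockDataSize` in the header equals `BlockSize - 16`, and nothing in the code ties the two together; the same applies to the identical lines in SHA512::peek(). A mismatch between the padding boundary and the length field is the class of bug this commit fixes, so a `static_assert(FinalBlockDataSize == BlockSize - 16, "length field is 128 bits");` next to the stores would make any future drift fail at compile time. The FIXME could also state the consequence: as far as the visible lines show, `m_bit_length` is a `u64`, so input beyond that limit would presumably wrap the counter and yield a wrong digest rather than an error. Both peek() bodies start and end outside the hunks shown.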


@ -176,7 +176,7 @@ private:
u64 m_bit_length { 0 };
u64 m_state[8];
constexpr static auto FinalBlockDataSize = BlockSize - 8;
constexpr static auto FinalBlockDataSize = BlockSize - 16;
constexpr static auto Rounds = 80;
};
@ -228,7 +228,7 @@ private:
u64 m_bit_length { 0 };
u64 m_state[8];
constexpr static auto FinalBlockDataSize = BlockSize - 8;
constexpr static auto FinalBlockDataSize = BlockSize - 16;
constexpr static auto Rounds = 80;
};