LibCrypto: Correctly add length to SHA384 and SHA512 hashes
The SHA384 and SHA512 hashes would produce incorrect results for data where the length % 128 was in the range 112-119. This was because the total number of bits in the hashed values was added at the end as a 64-bit number instead of a 128-bit number. In most cases this would not cause any issues, as this space was padded with zeroes; however, in the case that the length % 128 was 112-119, some incorrect data ended up where this 128-bit length value was expected. This change fixes the problems in LibTLS where some websites would result in a DecryptError on handshake.
parent
acdb0860b1
commit
37da5cb3b3
3 changed files with 40 additions and 2 deletions
|
@ -241,6 +241,15 @@ SHA384::DigestType SHA384::peek()
|
|||
m_data_buffer[BlockSize - 6] = m_bit_length >> 40;
|
||||
m_data_buffer[BlockSize - 7] = m_bit_length >> 48;
|
||||
m_data_buffer[BlockSize - 8] = m_bit_length >> 56;
|
||||
// FIXME: Theoretically we should keep track of the number of bits as a u128, now we can only hash up to 2 EiB.
|
||||
m_data_buffer[BlockSize - 9] = 0;
|
||||
m_data_buffer[BlockSize - 10] = 0;
|
||||
m_data_buffer[BlockSize - 11] = 0;
|
||||
m_data_buffer[BlockSize - 12] = 0;
|
||||
m_data_buffer[BlockSize - 13] = 0;
|
||||
m_data_buffer[BlockSize - 14] = 0;
|
||||
m_data_buffer[BlockSize - 15] = 0;
|
||||
m_data_buffer[BlockSize - 16] = 0;
|
||||
|
||||
transform(m_data_buffer);
|
||||
|
||||
|
@ -356,6 +365,15 @@ SHA512::DigestType SHA512::peek()
|
|||
m_data_buffer[BlockSize - 6] = m_bit_length >> 40;
|
||||
m_data_buffer[BlockSize - 7] = m_bit_length >> 48;
|
||||
m_data_buffer[BlockSize - 8] = m_bit_length >> 56;
|
||||
// FIXME: Theoretically we should keep track of the number of bits as a u128, now we can only hash up to 2 EiB.
|
||||
m_data_buffer[BlockSize - 9] = 0;
|
||||
m_data_buffer[BlockSize - 10] = 0;
|
||||
m_data_buffer[BlockSize - 11] = 0;
|
||||
m_data_buffer[BlockSize - 12] = 0;
|
||||
m_data_buffer[BlockSize - 13] = 0;
|
||||
m_data_buffer[BlockSize - 14] = 0;
|
||||
m_data_buffer[BlockSize - 15] = 0;
|
||||
m_data_buffer[BlockSize - 16] = 0;
|
||||
|
||||
transform(m_data_buffer);
|
||||
|
||||
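Review bot: The eight zero stores for `BlockSize - 9` through `BlockSize - 16` are written out by hand in both SHA384::peek() and SHA512::peek(), and nothing ties their count to the `FinalBlockDataSize` constant that the same commit changes in the class declarations. If the two ever disagree, part of the 128-bit length field can keep whatever was left in the buffer and the digest is silently wrong, which is the kind of failure the commit message describes. A loop derived from the constant keeps them together: `for (size_t i = FinalBlockDataSize; i < BlockSize - 8; ++i) m_data_buffer[i] = 0;`. The FIXME could also state that these bytes are the upper 64 bits of the big-endian length field. Both peek() bodies begin and end outside the hunks shown.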
|
|
|
@ -176,7 +176,7 @@ private:
|
|||
u64 m_bit_length { 0 };
|
||||
u64 m_state[8];
|
||||
|
||||
constexpr static auto FinalBlockDataSize = BlockSize - 8;
|
||||
constexpr static auto FinalBlockDataSize = BlockSize - 16;
|
||||
constexpr static auto Rounds = 80;
|
||||
};
|
||||
|
||||
|
@ -228,7 +228,7 @@ private:
|
|||
u64 m_bit_length { 0 };
|
||||
u64 m_state[8];
|
||||
|
||||
constexpr static auto FinalBlockDataSize = BlockSize - 8;
|
||||
constexpr static auto FinalBlockDataSize = BlockSize - 16;
|
||||
constexpr static auto Rounds = 80;
|
||||
};
|
||||
|
||||
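Review bot: The `16` in `FinalBlockDataSize = BlockSize - 16` is an unexplained magic number in both class declarations (the hunks at 176 and 228), and it is only correct while peek() fills exactly that many trailing bytes of the final block. A comment such as `// The final block reserves 16 bytes for the 128-bit message bit length.` would record why the value is no longer 8. Because `m_bit_length` is still a `u64`, it is worth noting next to it that only the low 64 bits of that field are ever non-zero. A regression test over inputs whose length % 128 is 112 through 119 would pin the fix; the third changed file is not visible here, so it may already contain one.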
|
|