RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-27 17:27:35 +00:00
Code Issues Activity Actions

LibCrypto: Correctly add length to SHA384 and SHA512 hashes

Browse source 
The SHA384 and SHA512 hashes would produce incorrect results for data
where the length % 128 was in the range 112-119. This was because the
total number of bits in the hashed values was added at the end as a
64-bit number instead of a 128-bit number. In most cases this would not
cause any issues, as this space was padded with zeroes, however in the
case that the length % 128 was 112-119, some incorrect data ended up
where this 128-bit length value was expected.

This change fixes the problems in LibTLS where some websites would
result in a DecryptError on handshake.
This commit is contained in:
Michiel Visser 2022-03-25 21:51:47 +01:00 committed by Ali Mohammad Pur
parent acdb0860b1
commit 37da5cb3b3
3 changed files with 40 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

4
Userland/Libraries/LibCrypto/Hash/SHA2.h
View file

@ -176,7 +176,7 @@ private:
u64 m_bit_length { 0 };
u64 m_state[8];
constexpr static auto FinalBlockDataSize = BlockSize - 8;
constexpr static auto FinalBlockDataSize = BlockSize - 16;
constexpr static auto Rounds = 80;
};
@ -228,7 +228,7 @@ private:
u64 m_bit_length { 0 };
u64 m_state[8];
constexpr static auto FinalBlockDataSize = BlockSize - 8;
constexpr static auto FinalBlockDataSize = BlockSize - 16;
constexpr static auto Rounds = 80;
};