From 63cc2f58ea5d5481afa570aebd047dbe9cd78e28 Mon Sep 17 00:00:00 2001 From: AnotherTest Date: Thu, 4 Jun 2020 16:46:26 +0430 Subject: [PATCH] LibCrypto: Correctly pad blocks with FinalBlockSize < size < BlockSize This fixes #2488 --- Libraries/LibCrypto/Hash/SHA1.cpp | 11 ++++++++++- Libraries/LibCrypto/Hash/SHA2.cpp | 22 ++++++++++++++++++++-- 2 files changed, 30 insertions(+), 3 deletions(-) diff --git a/Libraries/LibCrypto/Hash/SHA1.cpp b/Libraries/LibCrypto/Hash/SHA1.cpp index c6afad79b08..42b23209a01 100644 --- a/Libraries/LibCrypto/Hash/SHA1.cpp +++ b/Libraries/LibCrypto/Hash/SHA1.cpp @@ -115,17 +115,26 @@ SHA1::DigestType SHA1::peek() __builtin_memcpy(data, m_data_buffer, m_data_length); __builtin_memcpy(state, m_state, 20); + if (BlockSize == m_data_length) { + transform(m_data_buffer); + m_bit_length += BlockSize * 8; + m_data_length = 0; + i = 0; + } + if (m_data_length < FinalBlockDataSize) { m_data_buffer[i++] = 0x80; while (i < FinalBlockDataSize) m_data_buffer[i++] = 0x00; } else { + // First, complete a block with some padding. m_data_buffer[i++] = 0x80; while (i < BlockSize) m_data_buffer[i++] = 0x00; - transform(m_data_buffer); + + // Then start another block with BlockSize - 8 bytes of zeros __builtin_memset(m_data_buffer, 0, FinalBlockDataSize); } diff --git a/Libraries/LibCrypto/Hash/SHA2.cpp b/Libraries/LibCrypto/Hash/SHA2.cpp index a0fb9de78ac..60ad8e4a09c 100644 --- a/Libraries/LibCrypto/Hash/SHA2.cpp +++ b/Libraries/LibCrypto/Hash/SHA2.cpp @@ -110,17 +110,26 @@ SHA256::DigestType SHA256::peek() DigestType digest; size_t i = m_data_length; + if (BlockSize == m_data_length) { + transform(m_data_buffer); + m_bit_length += BlockSize * 8; + m_data_length = 0; + i = 0; + } + if (m_data_length < FinalBlockDataSize) { m_data_buffer[i++] = 0x80; while (i < FinalBlockDataSize) m_data_buffer[i++] = 0x00; } else { + // First, complete a block with some padding. m_data_buffer[i++] = 0x80; while (i < BlockSize) m_data_buffer[i++] = 0x00; - transform(m_data_buffer); + + // Then start another block with BlockSize - 8 bytes of zeros __builtin_memset(m_data_buffer, 0, FinalBlockDataSize); } @@ -218,17 +227,26 @@ SHA512::DigestType SHA512::peek() DigestType digest; size_t i = m_data_length; + if (BlockSize == m_data_length) { + transform(m_data_buffer); + m_bit_length += BlockSize * 8; + m_data_length = 0; + i = 0; + } + if (m_data_length < FinalBlockDataSize) { m_data_buffer[i++] = 0x80; while (i < FinalBlockDataSize) m_data_buffer[i++] = 0x00; } else { + // First, complete a block with some padding. m_data_buffer[i++] = 0x80; while (i < BlockSize) m_data_buffer[i++] = 0x00; - transform(m_data_buffer); + + // Then start another block with BlockSize - 8 bytes of zeros __builtin_memset(m_data_buffer, 0, FinalBlockDataSize); }