Staffan Forsell created GROOVY-9049:
---------------------------------------
Summary: EncodingGroovyMethods.digest() truncates hashes over 128
bits starting with 0's
Key: GROOVY-9049
URL: https://issues.apache.org/jira/browse/GROOVY-9049
Project: Groovy
Issue Type: Bug
Components: groovy-runtime
Affects Versions: 2.5.4, 3.x, 2.5.x
Reporter: Staffan Forsell
The extension method
org.codehaus.groovy.runtime.EncodingGroovyMethods#digest(byte[],
java.lang.String) produces erroneous hashes for all hash functions not having
128-bits length when the resulting hash starts with 0.
This is due to padding the resulting string with zeroes to 32 chars length. 32
chars are only valid for 128 bit hash functions like md5. The padding should
applied differently depending on the length of the digest returned.
Of the MessageDigest built-in hash functions this affects SHA-1 and SHA-256 at
least.
Solution would be to use
*[getDigestLength|https://docs.oracle.com/javase/7/docs/api/java/security/MessageDigest.html#getDigestLength()]*()
or the length of the returned digest and add some proper unit tests.
Example of erroneous hashes:
{code:java}
(1..100).each {
def sha1 = it.toString().digest("SHA-1")
if (sha1.size() != 40) {
println "String '$it' length: ${sha1.size()} sha1: $sha1"
}
}
{code}
Which produces:
{noformat}
String '9' length: 39 sha1: ade7c2cf97f75d009975f4d720d1fa6c19f4897
String '17' length: 39 sha1: 716d9708d321ffb6a00818614779e779925365c
String '28' length: 39 sha1: a57cb53ba59c46fc4b692527a38a87c78d84028
String '43' length: 39 sha1: 286dd552c9bea9a69ecb3759e7b94777635514b
String '93' length: 39 sha1: 8a35293e09f508494096c1c1b3819edb9df50db
{noformat}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
