[Wesnoth-bugs] [bug #19312] src/sha1.cpp is not really SHA-1

Fri, 20 Jan 2012 14:11:22 -0800 

URL:
  <http://gna.org/bugs/?19312>

                 Summary: src/sha1.cpp is not really SHA-1
                 Project: Battle for Wesnoth
            Submitted by: kernigh
            Submitted on: Fri 20 Jan 2012 10:11:16 PM GMT
                Category: Bug
                Severity: 2 - Minor
                Priority: 5 - Normal
              Item Group:  None of the others
                  Status: None
                 Privacy: Public
             Assigned to: None
        Originator Email: 
             Open/Closed: Open
         Discussion Lock: Any
                 Release: v1.9.14+svn (52635)
        Operating System: OpenBSD

    _______________________________________________________

Details:

Since http://r.wesnoth.org/t32494 from December 2010, we know that Wesnoth
makes incorrect SHA-1 hashes.

I found two mistakes in src/sha1.cpp:
* sha_ch() must use ~ bitwise complement, not ! boolean negation.
* Length at end of block requires 8 bytes, not 4 bytes.

I attached a patch (fix-sha1.diff) to fix both problems. I used a small
program (try-sha1.cpp) to test my fix. I can compile it with


g++ `sdl-config --cflags` -o try-sha1 try-sha1.cpp


The correct output from try-sha1.cpp matches the hashes from FIPS 180-1
<http://www.itl.nist.gov/fipspubs/fip180-1.htm>.


abc
  a9993e364706816aba3e25717850c26c9cd0d89d
abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq
  84983e441c3bd26ebaae4aa1f95129e5e54670f1
million 'a's
  34aa973cd4c4daa4f61eeb2bdbad27316534016f


As far as I know, Wesnoth uses these hashes only to identify cache files; so
fix-sha1.diff should not break network games.



    _______________________________________________________

File Attachments:


-------------------------------------------------------
Date: Fri 20 Jan 2012 10:11:16 PM GMT  Name: fix-sha1.diff  Size: 814B   By:
kernigh

<http://gna.org/bugs/download.php?file_id=14827>
-------------------------------------------------------
Date: Fri 20 Jan 2012 10:11:16 PM GMT  Name: try-sha1.cpp  Size: 548B   By:
kernigh

<http://gna.org/bugs/download.php?file_id=14828>

    _______________________________________________________

Reply to this item at:

  <http://gna.org/bugs/?19312>

_______________________________________________
  Message sent via/by Gna!
  http://gna.org/


_______________________________________________
Wesnoth-bugs mailing list
[email protected]
https://mail.gna.org/listinfo/wesnoth-bugs

Reply via email to