Package: rhash / 1.2.9-8+deb7u1

03_fix_sha512_and_gost.patch Patch series | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
Description: Fix calculation of SHA-512 and GOST hash
 This patch backports two critical bug fixes from RHash 1.2.10.
 SHA-512 was not correctly calculated for files with size
   112 <= (file_size % 128) < 120.
 The bug occurs only when several files are sequentually hashed.
 .
 Internal buffer of SHA-512 context was not fully cleared by zeroes,
 when processing final block of data.
 See also SF-Bug: https://sourceforge.net/p/rhash/bugs/31/
 .
 Also the GOST R 34.11-94 hash was broken on non x86 CPUs
 on some messages containg sequences of words 0xFFFFFFFF.
 The bug does not occur on x86 and x86-64, because
 on these archs assembly code replaces C.

Author: Aleksey Kravchenko <rhash.admin@gmail.com>
Origin: upstream
Forwarded: not-needed
Last-Update: 2013-05-31

--- rhash-1.2.9.orig/librhash/sha512.c
+++ rhash-1.2.9/librhash/sha512.c
@@ -238,6 +238,7 @@ void rhash_sha512_final(sha512_ctx *ctx,
 
 	/* if no room left in the message to store 64-bit message length */
 	if(index >= 15) {
+		if(index == 15) ctx->message[index] = 0;
 		rhash_sha512_process_block(ctx->hash, ctx->message);
 		index = 0;
 	}
--- rhash-1.2.9.orig/librhash/gost.c
+++ rhash-1.2.9/librhash/gost.c
@@ -321,10 +321,10 @@ static void rhash_gost_compute_sum_and_h
 
 	/* compute the 256-bit sum */
 	for(i = 0; i < 8; i++) {
-		const unsigned old = ctx->sum[i];
 		LOAD_BLOCK_LE(i);
 		ctx->sum[i] += block_le[i] + carry;
-		carry = (ctx->sum[i] < old || ctx->sum[i] < block_le[i] ? 1 : 0);
+		carry = (ctx->sum[i] < block_le[i] ? 1 :
+			ctx->sum[i] == block_le[i] ? carry : 0);
 	}
 #endif /* USE_GCC_ASM_IA32 */