author | Jack Lloyd <[email protected]> | 2019-08-26 20:17:51 -0400 |
---|---|---|
committer | Jack Lloyd <[email protected]> | 2019-08-26 20:17:51 -0400 |
commit | 1b6d67af0a1228ba714417f9c53b57d1c84c2335 (patch) | |
tree | ca3d1cc7f93a669180f0af3abd95f51d6c10e2dd /src | |
parent | 14ba8584069e927210bc5a1707f865746f6f93c6 (diff) |
Fix a carry handling bug in Streebog
Closes #2082
Diffstat (limited to 'src')
-rw-r--r-- | src/lib/hash/streebog/streebog.cpp | 7 | ||||
-rw-r--r-- | src/tests/data/hash/streebog.vec | 12 |
2 files changed, 16 insertions, 3 deletions
diff --git a/src/lib/hash/streebog/streebog.cpp b/src/lib/hash/streebog/streebog.cpp
index c92e1123f..0e2a43b78 100644
--- a/src/lib/hash/streebog/streebog.cpp
+++ b/src/lib/hash/streebog/streebog.cpp
@@ -194,10 +194,11 @@ void Streebog::compress_64(const uint64_t M[], bool last_block)
 {
 const uint64_t m = force_le(M[i]);
 const uint64_t hi = force_le(m_S[i]);
- const uint64_t t = hi + m;
+ const uint64_t t = hi + m + carry;
- m_S[i] = force_le(t + carry);
- carry = (t < hi ? 1 : 0) | (t < m ? 1 : 0);
+ m_S[i] = force_le(t);
+ if(t != m)
+ carry = (t < m);
 }
 }
 }
diff --git a/src/tests/data/hash/streebog.vec b/src/tests/data/hash/streebog.vec
index 8e5037558..2d9d258a9 100644
--- a/src/tests/data/hash/streebog.vec
+++ b/src/tests/data/hash/streebog.vec
@@ -396,6 +396,10 @@ Out = 1ef768f7ae820c2966b7c60b0cf208ab89c1f7b60f9b2cab61253c38d1f2c987
 In = 290f597702e009d86f49d5362346309e26919eacbcb86165be4906056d43f95a1e181b2b0c12785c929f17a3d25943f5313641c915bf5dd38882d587da1da65d6658f89764e28ee13a24ac9349e6803579baa17d6ca571793c13f7a0fe46043deeed08922fb2e2353d8718c5f1c7f1fba2df54e9cbbad54a750da656863d2843
 Out = c9c82e740ccc34fc0c14c61ab4eb037542d77ffda00d484aff97c1144346704f
+# https://github.com/randombit/botan/issues/2082
+In = ffffffffffffffffffffffffffffffff7700000000000000ffffffffffffffff0f000000c3000000ffffffff2dfff2ffffffffffffffff23ff27feffffff002c
+Out = 68e8d77a02aac4a844a1d8e46b27f35bb9293e3dc584dc0e42a7e1b079945380
+
 [Streebog-512]
 # From https://tools.ietf.org/html/rfc6986
 In = 303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132
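Review bot: The new `if(t != m)` guard in the compress_64 hunk of streebog.cpp is an undocumented, data-dependent branch inside a hash that may process secret input (for example when used under HMAC); whether the compiler actually emits a branch is not visible from here. The logic itself looks right: `t == m` only occurs when `hi + carry` is 0 mod 2^64, and in both such cases the outgoing carry equals the incoming one. A branch-free form states that directly, `carry = (t < m) | ((t == m) & carry);`, ideally with a comment such as `// t == m: hi + carry wrapped to 0, so the incoming carry propagates unchanged`. The declaration of `carry` and the start of the loop lie outside the hunk, so the operand types should be checked when applying this.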
@@ -794,3 +798,11 @@ Out = a7bcd688131c97b57dedc7aebd845e0042ea9f8d3a425f11f57ddfef8eaec040e93d9219b6
 In = 25894e39aef06148d682f48a34f100ea694e446bbf79caa7806c7c6f3f8a60a94b9c8b2877c617fead17ac576d8dafd3f8514e49825d54dc9a8916330dc560204bd795d0ce00a49ba3c25c7921381c057bc6a1abb362db79497c878321c2a71793f2bfb7ad211700fecd486241cc6197a50075560147b20b9cbe2f992f516c61
 Out = b4ce87a416b83be3417ccbd7000d658acce2a5c3b57c92aa8ca3d912f20580748c2534a157b4ead16059499b9b11ae8ff07cca94a2a5a314b4ac4faaddcb0162
+# https://github.com/randombit/botan/issues/2082
+# https://github.com/gpg/libgcrypt/commit/da6cd4fea30f79cf9d8f9b2f1c6daf3aea39fa9c
+
+In = EEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE16111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111116
+Out = 8b06f41e59907d9636e892caf5942fcdfb71fa31169a5e70f0edb873664df41c2cce6e06dc6755d15a61cdeb92bd607cc4aaca6732bf3568a23a210dd520fd41
+
+In = ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
+Out = 90a161d12ad309498d3fe5d48202d8a4e9c406d6a264aeab258ac5ecc37a7962aaf9587a5abb09b6bb81ec4b3752a3ff5a838ef175be5772056bc5fe54fcfc7e
\ No newline at end of file |