engti / crypto-js

Automatically exported from code.google.com/p/crypto-js
0 stars 0 forks source link

Broken hashing with sigBytes< bytes #143

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago
What steps will reproduce the problem?
function sigBytesTest(data) {
    var hex = data.toString();
    console.debug("hex: " + hex);
    var unhex = CryptoJS.enc.Hex.parse(hex);

    console.log("sigBytes/length: " + data.sigBytes + "/" + (data.words.length * 4));
    console.log("sha256 expected: " + CryptoJS.SHA256(unhex));
    console.log("sha256 actual  : " + CryptoJS.SHA256(data));
}

function sigBytesTest1() {
    var Pbkdf2Result = CryptoJS.PBKDF2("asdfasdf", "abcdefg", { hasher: CryptoJS.algo.SHA1, iterations: 1000, keySize: 8 });
    console.debug("PBKDF2: " + Pbkdf2Result);
    console.debug(Pbkdf2Result);

    sigBytesTest(Pbkdf2Result);
}

function sigBytesTest2() {
    var Pbkdf2Result = CryptoJS.PBKDF2("asdfasdf", "abcdefg", { hasher: CryptoJS.algo.SHA256, iterations: 1000, keySize: 8 });
    console.debug("PBKDF2: " + Pbkdf2Result);
    console.debug(Pbkdf2Result);

    sigBytesTest(Pbkdf2Result);
}

sigBytesTest1();
sigBytesTest2();

What is the expected output? What do you see instead?
sigBytes/length: 32/40
sha256 expected: 
0578c093ded12b2eea50ca35e9d009e513c6008a1b21141945c29500136027b0
sha256 actual  : 
57a3cdda5062a51beb4f282c24895216f0ed4f00ea0717d47c06974e069d15a6
sigBytes/length: 32/32
sha256 expected: 
27a3e1b87b96da1cc364d4211f3f04dcb78cf72fe5e86b135809af3edd3e7023
sha256 actual  : 
27a3e1b87b96da1cc364d4211f3f04dcb78cf72fe5e86b135809af3edd3e7023 

What version of the product are you using? On what operating system?
Chrome 38.0.2125.111 on Windows 7

Please provide any additional information below.
Different types of hashing (tested: SHA1, SHA256, SHA512 and MD5) return wrong 
hashes if sigBytes of the input is smaller than the bytes in the data.

Original issue reported on code.google.com by qistoph on 5 Nov 2014 at 12:06