zero padding error - Githubissues

indutny / hash.js

Hash functions in pure javascript

318 stars 43 forks source link

zero padding error #25

Closed frosty00 closed 5 years ago

frosty00 commented 5 years ago

> hash.hmac (hash.sha256, '1').update([0x00]).digest().map (x => x.toString (16)).join ('')
'3a52aaa98583bed0c473ebb9ac57c14c536c93e85c99844dfb2b4a7b59c9476'
> CryptoJS['HmacSHA256'] ('\x00', '1').toString (CryptoJS.enc.Hex)
'3a52aaa98583bed0c473ebb9ac57c104c536c93e85c99844dfb2b4a7b59c9476'

clearly hash.js is missing a single '0', probably to halves were concatenated and you forgot to do .pad ('0', 32), gl with finding this bug m8

frosty00 commented 5 years ago

c['SHA256'] ('\x00', '1').toString (c.enc.Hex)
'6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d'
hash.sha256 ('1').update([0x00]).digest().map (x => x.toString (16)).join ('')
'6e34b9cffb37a989ca544e6bb78a2c78901d3fb33738768511a3617afa01d'

it seems every 32 bit block is missing padding

indutny commented 5 years ago

Thank for reporting this. Could you try digest('hex')?

frosty00 commented 5 years ago

digest('hex') has the correct padding. Thanks )