#17733 closed defect (fixed)
bug in dojox/encoding/digests/SHA256,SHA512, _hmac result is incorrect.
Reported by: | swaron | Owned by: | |
---|---|---|---|
Priority: | undecided | Milestone: | 1.9.4 |
Component: | Dojox | Version: | 1.9.2 |
Keywords: | Cc: | ||
Blocked By: | Blocking: |
Description
the bug is relative to sha256,sha224,sha384,sha512. in version 1.9.2. take sha256._hmac for example:
here is the last part of /dojox/encoding/digests/SHA256.js
make the final digest var r1 = sha32.digest(ipad.concat(sha32.toWord(data)), 512 + data.length * 8, hash, 256);
swaron: 512 + 160 is incorrect, because the length of sha256 is 256bit, should be 512+256, var r2 = sha32.digest(opad.concat(r1), 512 + 160, hash, 256);
swaron: the r2 should be return instead of wa. assign r2 to wa will fix it. wa = r2;
return the output. switch(out){
case sha32.outputTypes.Raw: {
return wa;
} case sha32.outputTypes.Hex: {
return sha32.toHex(wa);
} case sha32.outputTypes.String: {
return sha32._toString(wa);
} default: {
return sha32.toBase64(wa);
}
}
Change History (6)
comment:1 Changed 6 years ago by
comment:3 Changed 6 years ago by
Owner: | set to Colin Snover <[email protected]…> |
---|---|
Resolution: | → fixed |
Status: | new → closed |
comment:6 Changed 6 years ago by
Milestone: | tbd → 1.9.4 |
---|
I have also experienced this problem with SHA256, and I confirm that the provided fix appears to work - return
r2
instead ofwa
and use 512 + 256 rather than 512 + 160 for ther2
input length.Some comments might clear up where theses numbers come from. Assuming we're using the 32-bit version of the algorithm, 512 is
ipad.length
* 32 (andopad.length
* 32), and 256 isr1.length
* 32.