Python-Crypto

Regression on SHA-384 and SHA-512

Bug #1209399 reported by Legrandin
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Python-Crypto
New
Undecided
Unassigned

Bug Description

The following code behaves differently now than in PyCrypto 2.6.

===
from Crypto.Hash import SHA384, HMAC

payload = "test"
key = '\x00'*48
print HMAC.new(key, payload, SHA384).hexdigest()
print HMAC.new(key, payload, SHA384.new()).hexdigest()
===

With PyCrypto 2.6 it displays:
a154ade5eb70996838bffda2b49a00df11b43b70264dc8eff989444bf6afd61064d39926b22bb8fc988089128932dcea
a154ade5eb70996838bffda2b49a00df11b43b70264dc8eff989444bf6afd61064d39926b22bb8fc988089128932dcea

But now (master on github) it displays:
a154ade5eb70996838bffda2b49a00df11b43b70264dc8eff989444bf6afd61064d39926b22bb8fc988089128932dcea
4704b48c24b27a946500c3407119e2d16241ac2b6c7f0486f6bda46b5c0e95f4af80a84d9171bf311153ed6d8b6a5c5a

Legrandin (gooksankoo)
summary: - Regression on SHA-2 hashes
+ Regression on SHA-384 and SHA-512
Revision history for this message
Legrandin (gooksankoo) wrote :

I believe I narrowed down the regression to this specific changeset:

https://github.com/dlitz/pycrypto/commit/fd398a28e3a227a539b264a9f1e11287b904c7da

the previous version worked fine.
Still, I cannot see anything harmful in that change.

Revision history for this message
Legrandin (gooksankoo) wrote :

Patch available on this pull request:

https://github.com/dlitz/pycrypto/pull/57

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.