This patch makes Tiger output the correct checksum for the null string. Previously, hashing /dev/null or the null string (echo -n "") would output the contents of the initial Tiger context. $ digest tiger /dev/null TIGER (/dev/null) = 0123456789abcdeffedcba9876543210f096a5b4c3b2e187 It should be: $ ./digest tiger /dev/null TIGER (/dev/null) = 24f0130c63ac933216166e76b1bb925ff373de2d49584e7a See: http://www.cs.technion.ac.il/~biham/Reports/Tiger/testresults.html The bug is in the Tiger code (not digest) because the emulation of the MD*/SHA* interface isn't well done. When any of the *End() or *Final() is called after finishing a hash operation on zero-byte data, it must make sure the relevant update function (in this case, TigerUpdate) was called at least once, even with len=0. This patch just adds a 192-bit static array containing the initial Tiger state (which now uses TigerInit()) that both TigerEnd() and TigerFinal() use to compare it to tiger_context_t (which contains just a Tiger state). A "less cleaner" way would be to add an integer flag to tiger_context_t. It also makes TigerFinal() truly emulate the MD*/SHA*Final() calls. This (trivial) patch to tiger.c was tested on a 32-bit Pentium-4 (little endian) running FreeBSD 6.2-STABLE and a Sun SPARC (big endian) running SunOS 5.10. IMO, it could have been spotted earlier with a better test script. The remaining algorithms work OK with the null string. Note: This patch was tested against the current NetBSD's CVS version of pkgsrc/digest/files/tiger.c (as of this time of writing, version 1.2) and FreeBSD's (present in ports/security/digest) and (currently installed as digest-20050323_1. http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/pkgtools/digest/files/tiger.c To apply this patch on a FreeBSD system copy this patch to /usr/ports/security/digest/files as patch-tiger.c.patch and reinstall The original author (agc@netbsd.org) was notified. These comments are reproduced on the patch for your convenience. Fix: Attached is a UUEncoded patch. Patch attached with submission follows:
miwi 2007-05-29 14:54:04 UTC FreeBSD ports repository Added files: security/digest/files patch-triger.c Log: - Add a patch for output the correct checksum for the null string. PR: 112553 Submitted by: Ighighi<ighighi@gmail.com> Obtained from: pkgsrc Revision Changes Path 1.1 +62 -0 ports/security/digest/files/patch-triger.c (new) _______________________________________________ cvs-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
State Changed From-To: open->closed Committed. Thanks!