Date: Tue, 10 Jul 2007 06:36:55 -0400 From: Wesley Shields <wxs@atarininja.org> To: Christian Baer <christian.baer@uni-dortmund.de> Cc: freebsd-security@freebsd.org Subject: Re: slight irritation using digest (from the ports) Message-ID: <20070710103655.GA87426@atarininja.org> In-Reply-To: <f6vjfa$2d5v$1@nermal.rz1.convenimus.net> References: <f6vjfa$2d5v$1@nermal.rz1.convenimus.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Jul 10, 2007 at 11:28:10AM +0200, Christian Baer wrote: > Hello Folks! > > For a special application I needed to create digests (or hashes) using > the whirlpool algorithem. It was kind of hard to find something that > actually did that. But I found digest in the ports tree - ok, with some > help from someone who seemed to know what to look for. :-) > > What irritates me is the Wikipedia-page on Whirlpool: > http://en.wikipedia.org/wiki/Whirlpool_%28algorithm%29 > > There is a chance that the author of the article messed up somehow but > when you are handling sensitive stuff, chances aren't really the things > you want to take. > > My irritations in detail: > > My zero-hash is the same as the example shown for whirlpool > (whirlpool-2). That's a good sign so far. > > My hash for "The quick brown fox jumps over the lazy dog" is: > 72687676756b91ad986f2e56df761b354b748bc20098354b017b924e82cc67ae > 059da85f009d1a17c0f12ec0e644c0c3a193f3fc0fee22f053edbfcd95cbf873 > And that is nowhere near the examples shown in the article. The same > basic thing applies for the change of "dog" to "eog". My hashes are > completely different - as in "no chance the hashes were transfered by > typing and a typo snuck in". I've tried changing the first letter to a > small 't' in case the author didn't hash the sentence with a capital, > but that didn't resolve the problem, nor did adding a full stop. I even > added the quotes to the string that whirlpool digested - didn't change > anything. I know I could try changing the input until kingdom come > without finding the error, so I left it at that. I think this illustrates what you're seeing... wxs@rst wxs > echo "The quick brown fox jumps over the lazy dog" > foo wxs@rst wxs > digest whirlpool foo WHIRLPOOL (foo) = 72687676756b91ad986f2e56df761b354b748bc20098354b017b924e82cc67ae059da85f009d1a17c0f12ec0e644c0c3a193f3fc0fee22f053edbfcd95cbf873 wxs@rst wxs > echo -n "The quick brown fox jumps over the lazy dog" > wxs@rst wxs > digest whirlpool foo WHIRLPOOL (foo) = b97de512e91e3828b40d2b0fdce9ceb3c4a71f9bea8d88e75c4fa854df36725fd2b52eb6544edcacd6f8beddfea403cb55ae31f03ad62a5ef54e42ee82c3fb35 wxs@rst wxs > It was including the trailing newline character in your example. -- WXS
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070710103655.GA87426>