Skip to content
This repository has been archived by the owner on Dec 29, 2022. It is now read-only.

Java doesn't produce the same hash for non 128 bit keysizes of AES as C++&Python #105

Closed
GoogleCodeExporter opened this issue Mar 7, 2015 · 10 comments
Closed

Java doesn't produce the same hash for non 128 bit keysizes of AES as C++&Python #105

GoogleCodeExporter opened this issue Mar 7, 2015 · 10 comments
Labels
auto-migrated Implementation-Java Priority-High Type-Patch

Comments

@GoogleCodeExporter
Copy link 

What steps will reproduce the problem?

http://code.google.com/p/keyczar/source/browse/java/code/src/org/keyczar/AesKey.
java#119

byte[] fullHash = Util.hash(Util.fromInt(BLOCK_SIZE), aesBytes, 
hmacKey.getEncoded());

What is the expected output? What do you see instead?

byte[] fullHash = Util.hash(Util.fromInt(aesBytes.length), aesBytes, 
hmacKey.getEncoded());

so that it is compatable with:
http://code.google.com/p/keyczar/source/browse/python/src/keyczar/keys.py#341
 fullhash = util.Hash(util.IntToBytes(len(self.key_bytes)),
                         self.key_bytes,
                         self.hmac_key.key_bytes)
or
http://code.google.com/p/keyczar/source/browse/cpp/src/keyczar/key.cc#202
 digest_impl.Update(util::Int32ToByteString(trimmed_field->size()));
 digest_impl.Update(*trimmed_field);

or wiki:
http://code.google.com/p/keyczar/wiki/KeyHash
4-byte integer valued length of the raw AES key bytes
Raw AES key bytes
Raw HMAC key bytes

What version of the product are you using? On what operating system?

Rev 275f433163c1

Original issue reported on code.google.com by jtu...@gmail.com on 11 Sep 2012 at 12:56
@GoogleCodeExporter
Copy link
Author 

I added some interop unit tests to python

http://code.google.com/r/jtuley-keyczar-python-interop-unittests/source/browse

they demonstrate the java key hash bug.

The interop data is generated by these scripts for java, c#, and python.
https://gist.github.com/4519944

Original comment by jtu...@gmail.com on 19 Jan 2013 at 12:14

@GoogleCodeExporter
Copy link
Author 

Merged previous clone into
http://code.google.com/r/jtuley-keyczar-python-usekey-exposed/source/checkout

and added better unit tests to test every size.

Original comment by jtu...@gmail.com on 23 Jan 2013 at 1:46

@GoogleCodeExporter
Copy link
Author 

For easier review moved squashed interop unit tests into a a single commit 
without data.
http://code.google.com/r/jtuley-keyczar-python-usekey-exposed/source/detail?r=e8
7b4ebd30a828b5728af38fede0b3a296a10770

and then data is in the next commit
http://code.google.com/r/jtuley-keyczar-python-usekey-exposed/source/detail?r=44
72ce82f5e0b5d22fbae3e622dd9b9b3ac185ff

Original comment by jtu...@gmail.com on 28 Jan 2013 at 11:47

@GoogleCodeExporter
Copy link
Author 

Added specific test for handling the buggy java ciphertext in python, (also did 
cpp aes string bytes just because it was easy)
http://code.google.com/r/jtuley-python-collisions/source/detail?r=2be3da0e3622e3
4b36961c096c3f473b28fda316

Fixed both with fallback hash support:
http://code.google.com/r/jtuley-python-collisions/source/detail?r=5ee72a56d192c1
bf469ff0427bed76363a0a7493

Java version requires similar support along with fixing the regular hash as 
well.

Original comment by jtu...@gmail.com on 6 Feb 2013 at 4:30

@GoogleCodeExporter
Copy link
Author

Original comment by jtu...@gmail.com on 2 Mar 2013 at 9:24

  • Added labels: Type-Patch, Priority-High, Implementation-Java
  • Removed labels: Type-Defect, Priority-Medium

@GoogleCodeExporter
Copy link
Author 

This is fixed for java too in a backwards compatible way in

https://code.google.com/r/jtuley-keyczar-dev/

Original comment by jtu...@gmail.com on 4 Jul 2013 at 4:37

  • Changed state: Started

@GoogleCodeExporter
Copy link
Author 

rebased java fix, in to patch 
https://code.google.com/r/jtuley-keyczar-dev/source/detail?r=fbf4e09bb9074193f0e
8e0b6e1a1a5b38c7f4e4b&name=java/aes_hash_fix

Original comment by jtu...@gmail.com on 13 Aug 2013 at 4:34

@GoogleCodeExporter
Copy link
Author 

As requested separated out (by hand) the previous patch into 3 functional 
commits off master

in the branch `java/aes_hash_remix`
https://github.com/jbtule/keyczar-dev/pull/5

https://code.google.com/r/jtuley-keyczar-dev/source/detail?r=33bb22369983822898d
d1247bb630ff8790a930d&name=java/aes_hash_remix

https://code.google.com/r/jtuley-keyczar-dev/source/detail?r=8a078eb98f29c715ef2
87b624eaee54e5820df48&name=java/aes_hash_remix

https://code.google.com/r/jtuley-keyczar-dev/source/detail?r=663454af84b30a78cd0
890b2981a1d6b642d5262&name=java/aes_hash_remix

Original comment by jtu...@gmail.com on 21 Aug 2013 at 5:16

@GoogleCodeExporter
Copy link
Author 

Another change set, with changes from review

https://code.google.com/r/jtuley-keyczar-dev/source/detail?r=a87ad570fe6f3e8807d
dd06fa1e0ca0fa0d999d1&name=java/aes_hash_remix

Original comment by jtu...@gmail.com on 22 Aug 2013 at 3:26

@jbtule jbtule mentioned this issue Apr 16, 2015
Merged
jbtule added a commit to jbtule/keyczar that referenced this issue May 3, 2016
@jbtule
AES >128bit key hash fallback, fixes issue google#105
febca55 
Review based changes
  - Possible extraneous memory alloc
  - whitespace fixes

Conflicts:

	java/code/src/org/keyczar/Verifier.java
@jbtule
Copy link
Contributor

jbtule commented May 20, 2016

This issue can be closed!!

@sweis sweis closed this as completed Mar 15, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
auto-migrated Implementation-Java Priority-High Type-Patch
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@jbtule @sweis @GoogleCodeExporter