Comments (2)
emulbreh
commented on July 21, 2024
I agree that reusing the variable like that is ugly. The round number i is still used to salt the hash though: it's packed into key before i is reset.
If we wouldn't include the round number directly and instead just used it as an offset for i all rounds would end up using the same sequence, just shifted by the round number.
Thanks for bringing the post to my attention, I hadn't seen that before!
from pyffx.
clyfar
commented on July 21, 2024
In my testing it is not incremented in the generator and is set to 0 each round. The way I see the code, i is set in the encrypt function using the range of self.rounds:
a, b = self.split(v)
for i in range(self.rounds):
c = self.add(radix, a, self.round(radix, i, b))
a, b = b, c
return a + b
In this way, i is incrementing already and there doesn't seem to be a reason to attempt to increment again.
To test, I simply put a print(i) in the round function:
key = struct.pack('I%sI' % len(s), i, *s)
chars_per_hash = int(self.digest_size * math.log(256, radix))
i = 0
while True:
print(i)
h = hmac.new(self.key, key + struct.pack('I', i), self.digestmod)
d = int(h.hexdigest(), 16)
for _ in range(chars_per_hash):
d, r = divmod(d, radix)
yield r
key = h.digest()
i += 1
However, if you want to keep the increment inside round, you just have to move the i += 1 to inside the for loop (this brings up that the assignment of key should also be moved if that is indeed needed):
key = struct.pack('I%sI' % len(s), i, *s)
chars_per_hash = int(self.digest_size * math.log(256, radix))
i = 0
while True:
print(i)
h = hmac.new(self.key, key + struct.pack('I', i), self.digestmod)
d = int(h.hexdigest(), 16)
for _ in range(chars_per_hash):
d, r = divmod(d, radix)
yield r
i += 1
key = h.digest()
from pyffx.
Related Issues (10)
- Something wrong with pyffx.Integer HOT 3
- Apparent issues with cipher quality HOT 1
- Integer codec does not preserve length HOT 1
- pycrypto dependency should be updated to pycryptodome HOT 1
- Installation Error on Centos 7(Python 3.6)
- pip install encoding issue in setup.py on Windows HOT 5
- ValueError for capital letters and special characters HOT 1
- how can I exlude the combination of \n and \r characters in the encrypted result? HOT 2
- Are there guaranteed to be no collisions when using hashlib.sha1? HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from pyffx.