[ntp:hackers] How to find hash length without calculating a hash?

brian utterback brian.utterback at oracle.com
Wed Jun 1 03:03:33 UTC 2016


Is there anyway to determine the expected hash length for an
indeterminate hash object without actually calculating the hash? In the
MAC extension draft RFC, the format is that the hash lengths all appear
at the beginning of the extension field before the hashes themselves. I
think that the only secure way of implementing this is to have each hash
calculated for the entire packet up to the beginning of the hash.
Therefore we would want to know the lengths of all of the hashes before
we actually calculate them because once the first hash is calculated the
lengths can not be changed. It would be really ugly if we had to
calculate each hash twice, once to determine the length and once with
the actual values. Of course the length, once known could be cached with
the key, or the openssl object number, but I would think that attributes
like that ought to be able to be determined ahead of time. But just
because I would have thought it should be possible doesn't mean it is. I
tried looking at some openssl docs, but nothing jumped out at me.
-- 
Oracle <http://www.oracle.com>
Brian Utterback | Principal Software Engineer
Phone: +1 6038973049 <tel:+1%206038973049>
Oracle Systems/RPE Solaris Network
1 Oracle Dr. | Nashua, NH 03062
------------------------------------------------------------------------
All working systems eventually start to exhibit their own agenda
------------------------------------------------------------------------
Green Oracle <http://www.oracle.com/commitment> Oracle is committed to
developing practices and products that help protect the environment


More information about the hackers mailing list