Boost :

From: Andrey Semashev (andrey.semashev_at_[hidden])
Date: 2024-12-09 22:16:05

• Next message: Darryl Green: "Re: [hash2] Formal Review Begins"
• Previous message: Matt Borland: "Re: [hash2] Formal Review Begins"
• In reply to: Peter Dimov: "Re: [Hash2] Result extension"
• Next in thread: Claudio DeSouza: "Re: [Hash2] Result extension"
• Reply: Claudio DeSouza: "Re: [Hash2] Result extension"

On 12/9/24 21:49, Peter Dimov via Boost wrote:
>
> Note that reaching a multiple of block_size is important,
> because it ensures that the secret key you passed as
> the seed is not left in the internal buffer of the hash
> algorithm, visible in memory dumps.
>
> The test
>
> https://github.com/pdimov/hash2/blob/develop/test/plaintext_leak.cpp
>
> tries to catch these mistakes.
>
> That's why this line
>
> https://github.com/pdimov/hash2/blob/7a25f8518692b657e9272884519519fbaca2ec54/include/boost/hash2/md5.hpp#L257
>
> is needed, for example.

Plain memset may be optimized away by the compiler. If you want to
guarantee this data doesn't leak, a secure memset should be used.

• Next message: Darryl Green: "Re: [hash2] Formal Review Begins"
• Previous message: Matt Borland: "Re: [hash2] Formal Review Begins"
• In reply to: Peter Dimov: "Re: [Hash2] Result extension"
• Next in thread: Claudio DeSouza: "Re: [Hash2] Result extension"
• Reply: Claudio DeSouza: "Re: [Hash2] Result extension"

Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk