From: Peter Dimov (pdimov_at_[hidden])
Date: 2024-12-10 16:51:30


Andrey Semashev wrote:
> I think, HashAlgorithm should allow implementations to use the seed arguments
> to the hash algorithm constructors as salt, i.e. the constructor would implicitly
> call update().

No, this is a bad practice and should never be used. As I already said, the
algorithm should at minimum include the size of the seed, and then pad to
a multiple of the block size. This is not just something I made up, it's existing
practice. See for instance how KMAC is defined in

https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-185.pdf

If not that, you should at minimum include the hash of the seed in the initial
prefix, instead of (or in addition to) the seed, like HMAC does. Don't forget
to pad to a multiple of the block size.
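
The following is an added example, not part of the original message and not Boost code. It contrasts a constructor that feeds the seed straight into update() with one that prefixes the seed length and pads to a block boundary. The FNV-1a core, the 64-byte block size, the 8-byte little-endian length field and all type names are assumptions for illustration, and the framing is a simplification of the idea, not KMAC's exact encoding.

```cpp
#include <cstddef>
#include <cstdint>
#include <iostream>
#include <string>

// Stand-in 64-bit FNV-1a core (assumption); any streaming hash behaves the same here.
struct fnv1a_core {
    std::uint64_t st = 0xcbf29ce484222325ULL;
    void update(const void* p, std::size_t n) {
        auto b = static_cast<const unsigned char*>(p);
        for (std::size_t i = 0; i < n; ++i) { st ^= b[i]; st *= 0x100000001b3ULL; }
    }
    std::uint64_t result() const { return st; }
};

constexpr std::size_t block_size = 64; // assumed block size for the illustration

// Seed used as a bare salt: the constructor implicitly calls update(seed).
struct naive_seeded : fnv1a_core {
    explicit naive_seeded(const std::string& seed) { update(seed.data(), seed.size()); }
};

// Seed framed before any message data: length prefix, seed bytes,
// then zero padding up to a multiple of the block size.
struct framed_seeded : fnv1a_core {
    explicit framed_seeded(const std::string& seed) {
        unsigned char len[8];
        for (int i = 0; i < 8; ++i)
            len[i] = static_cast<unsigned char>(std::uint64_t(seed.size()) >> (8 * i));
        update(len, sizeof len);
        update(seed.data(), seed.size());
        static const unsigned char zeros[block_size] = {};
        std::size_t used = (sizeof len + seed.size()) % block_size;
        if (used != 0) update(zeros, block_size - used);
    }
};

template <class H>
std::uint64_t digest(const std::string& seed, const std::string& msg) {
    H h(seed);
    h.update(msg.data(), msg.size());
    return h.result();
}

int main() {
    // Constructed inputs: the seed/message boundary moves by one byte.
    std::cout << (digest<naive_seeded>("ab", "c") == digest<naive_seeded>("a", "bc")) << '\n';
    std::cout << (digest<framed_seeded>("ab", "c") == digest<framed_seeded>("a", "bc")) << '\n';
}
```

With the bare-salt constructor the seed and the message are one undifferentiated byte stream, so different (seed, message) pairs with the same concatenation hash identically; the framed constructor keeps them apart.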

