General Programming | SHA1 Question

Author	Message	Time
warz	I've been reading up on SHA1, in order to better understand what CheckRevision is doing, and I see that it's taking one parameter from the stack - pointer to the data to be sha1'd. Does SHA1 only take one parameter, and create the 160-bit digest simply based on that alone? Or, is there other factors that can influence the output of this? It looks like lockdown is incrementing a second argument, the value returned from storm.350, while it loops around the SHA1 function, as well as inside of the SHA1 function. It SHA1'd the data three times.	November 6, 2006, 2:12 AM
JoeTheOdd	If I understand correctly, it's like MD5. It hashes the data, and that's it. If you wanted to hash it with a "key" or "seed", it'd be perfectly legit to append or preappend that directly onto the data, though. EDIT - I don't know what storm.350 does, but I bet it's a seed of some sort, or makes a seed from the server/client tokens or something. But then again if CheckRevision()'s signature didn't change then you couldn't be passing the tokens to it in the first place..	November 6, 2006, 3:31 AM
warz	Well, after looking at an actual sha1 implementation in C, it looks like the value returned from storm.350, or from within storm.350, is one of the parameters for SHA1Transform.	November 6, 2006, 3:51 AM
Ersan	[quote author=Joe[x86] link=topic=15988.msg160853#msg160853 date=1162783911]If I understand correctly, it's like MD5. It hashes the data, and that's it. If you wanted to hash it with a "key" or "seed", it'd be perfectly legit to append or preappend that directly onto the data, though. [/quote] This is called salting, and it's very likely that this is what it's doing. salt = seed Try: SHA1 ( salt + value ) or SHA1 ( value + salt ) or SHA1 ( salt + value + salt ) Most common usage.	November 10, 2006, 12:30 AM
UserLoser	[quote author=warz link=topic=15988.msg160856#msg160856 date=1162785063] Well, after looking at an actual sha1 implementation in C, it looks like the value returned from storm.350, or from within storm.350, is one of the parameters for SHA1Transform. [/quote] You don't have to worry about SHA1Transform, only SHA1Init (no brainer), SHA1Update and SHA1Final. SHA1Update calls SHA1Transform for you	November 10, 2006, 12:41 AM
warz	Yes. Also, it doesn't appear to be using a salt.	November 10, 2006, 2:28 AM

Author

Message

Time

warz

I've been reading up on SHA1, in order to better understand what CheckRevision is doing, and I see that it's taking one parameter from the stack - pointer to the data to be sha1'd. Does SHA1 only take one parameter, and create the 160-bit digest simply based on that alone? Or, is there other factors that can influence the output of this? It looks like lockdown is incrementing a second argument, the value returned from storm.350, while it loops around the SHA1 function, as well as inside of the SHA1 function. It SHA1'd the data three times.

November 6, 2006, 2:12 AM

JoeTheOdd

If I understand correctly, it's like MD5. It hashes the data, and that's it. If you wanted to hash it with a "key" or "seed", it'd be perfectly legit to append or preappend that directly onto the data, though.

EDIT -
I don't know what storm.350 does, but I bet it's a seed of some sort, or makes a seed from the server/client tokens or something. But then again if CheckRevision()'s signature didn't change then you couldn't be passing the tokens to it in the first place..

November 6, 2006, 3:31 AM

warz

Well, after looking at an actual sha1 implementation in C, it looks like the value returned from storm.350, or from within storm.350, is one of the parameters for SHA1Transform.

November 6, 2006, 3:51 AM

Ersan

[quote author=Joe[x86] link=topic=15988.msg160853#msg160853 date=1162783911]If I understand correctly, it's like MD5. It hashes the data, and that's it. If you wanted to hash it with a "key" or "seed", it'd be perfectly legit to append or preappend that directly onto the data, though.
[/quote]

This is called salting, and it's very likely that this is what it's doing.
salt = seed
Try:
SHA1 ( salt + value )
or
SHA1 ( value + salt )
or
SHA1 ( salt + value + salt )

Most common usage.

November 10, 2006, 12:30 AM

UserLoser

[quote author=warz link=topic=15988.msg160856#msg160856 date=1162785063]
Well, after looking at an actual sha1 implementation in C, it looks like the value returned from storm.350, or from within storm.350, is one of the parameters for SHA1Transform.
[/quote]

You don't have to worry about SHA1Transform, only SHA1Init (no brainer), SHA1Update and SHA1Final. SHA1Update calls SHA1Transform for you

November 10, 2006, 12:41 AM

warz

Yes. Also, it doesn't appear to be using a salt.

November 10, 2006, 2:28 AM

Valhalla Legends Forums Archive | General Programming | SHA1 Question