SHA1 Question

Started by warz, November 05, 2006, 08:12 PM

warz

I've been reading up on SHA1, in order to better understand what CheckRevision is doing, and I see that it's taking one parameter from the stack - pointer to the data to be sha1'd. Does SHA1 only take one parameter, and create the 160-bit digest simply based on that alone? Or are there other factors that can influence the output of this? It looks like lockdown is incrementing a second argument, the value returned from storm.350, while it loops around the SHA1 function, as well as inside of the SHA1 function. It SHA1'd the data three times.

Joe[x86]

#1
If I understand correctly, it's like MD5. It hashes the data, and that's it. If you wanted to hash it with a "key" or "seed", it'd be perfectly legit to append or prepend that directly onto the data, though.

EDIT -
I don't know what storm.350 does, but I bet it's a seed of some sort, or makes a seed from the server/client tokens or something. But then again if CheckRevision()'s signature didn't change then you couldn't be passing the tokens to it in the first place..
Quote from: brew on April 25, 2007, 07:33 PM
that made me feel like a total idiot. this entire thing was useless.

warz

Well, after looking at an actual sha1 implementation in C, it looks like the value returned from storm.350, or from within storm.350, is one of the parameters for SHA1Transform.

Ersan

#3
Quote from: Joe[x86]
If I understand correctly, it's like MD5. It hashes the data, and that's it. If you wanted to hash it with a "key" or "seed", it'd be perfectly legit to append or prepend that directly onto the data, though.

This is called salting, and it's very likely that this is what it's doing.
salt = seed
Try:
SHA1 ( salt + value )
or
SHA1 ( value + salt )
or
SHA1 ( salt + value + salt )

Most common usage.

UserLoser

Quote from: warz on November 05, 2006, 09:51 PM
Well, after looking at an actual sha1 implementation in C, it looks like the value returned from storm.350, or from within storm.350, is one of the parameters for SHA1Transform.

You don't have to worry about SHA1Transform, only SHA1Init (no brainer), SHA1Update and SHA1Final. SHA1Update calls SHA1Transform for you.
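Added example, not part of the thread and not Lockdown's or Storm's code: a compact standard SHA-1 in C using the SHA1Init/SHA1Update/SHA1Final/SHA1Transform split discussed above. It shows that the digest depends only on the bytes fed in, that the extra argument to SHA1Transform is the running state kept in the context, and that several SHA1Update calls hash the concatenation of their inputs. `sha1_matches` and its inputs are hypothetical, constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
typedef struct { uint32_t state[5]; uint64_t len; uint8_t buf[64]; } SHA1_CTX;
#define ROL(v, n) (((v) << (n)) | ((v) >> (32 - (n))))
/* Compression function: mixes one 64-byte block into the running 5-word state. */
static void SHA1Transform(uint32_t state[5], const uint8_t *blk) {
    uint32_t w[80], f, k, t, a = state[0], b = state[1], c = state[2], d = state[3], e = state[4];
    for (int i = 0; i < 16; i++, blk += 4)
        w[i] = (uint32_t)blk[0] << 24 | (uint32_t)blk[1] << 16 | (uint32_t)blk[2] << 8 | blk[3];
    for (int i = 16; i < 80; i++) w[i] = ROL(w[i-3] ^ w[i-8] ^ w[i-14] ^ w[i-16], 1);
    for (int i = 0; i < 80; i++) {
        if (i < 20)      { f = (b & c) | (~b & d);          k = 0x5A827999; }
        else if (i < 40) { f = b ^ c ^ d;                   k = 0x6ED9EBA1; }
        else if (i < 60) { f = (b & c) | (b & d) | (c & d); k = 0x8F1BBCDC; }
        else             { f = b ^ c ^ d;                   k = 0xCA62C1D6; }
        t = ROL(a, 5) + f + e + k + w[i]; e = d; d = c; c = ROL(b, 30); b = a; a = t;
    }
    state[0] += a; state[1] += b; state[2] += c; state[3] += d; state[4] += e;
}
void SHA1Init(SHA1_CTX *ctx) { /* fixed constants only: no key or seed input */
    *ctx = (SHA1_CTX){ {0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476, 0xC3D2E1F0}, 0, {0} };
}
/* Buffers input bytes and calls SHA1Transform each time 64 bytes are available. */
void SHA1Update(SHA1_CTX *ctx, const uint8_t *data, size_t n) {
    for (size_t i = 0; i < n; i++) {
        ctx->buf[ctx->len++ % 64] = data[i];
        if (ctx->len % 64 == 0) SHA1Transform(ctx->state, ctx->buf);
    }
}
/* Pads with 0x80, zeros and the 64-bit big-endian bit length, then emits the state. */
void SHA1Final(uint8_t out[20], SHA1_CTX *ctx) {
    uint64_t bits = ctx->len * 8; uint8_t pad = 0x80, zero = 0, be[8];
    for (int i = 0; i < 8; i++) be[i] = (uint8_t)(bits >> (56 - 8 * i));
    SHA1Update(ctx, &pad, 1);
    while (ctx->len % 64 != 56) SHA1Update(ctx, &zero, 1);
    SHA1Update(ctx, be, 8);
    for (int i = 0; i < 20; i++) out[i] = (uint8_t)(ctx->state[i / 4] >> (24 - 8 * (i % 4)));
}
/* Hypothetical helper: three SHA1Update calls over constructed inputs; 1 if hex digest == expect. */
int sha1_matches(const char *p1, const char *p2, const char *p3, const char *expect) {
    const char *p[3] = {p1, p2, p3}; SHA1_CTX ctx; uint8_t d[20]; char hex[41];
    SHA1Init(&ctx);
    for (int i = 0; i < 3; i++) SHA1Update(&ctx, (const uint8_t *)p[i], strlen(p[i]));
    SHA1Final(d, &ctx);
    for (int i = 0; i < 20; i++) sprintf(hex + 2 * i, "%02x", d[i]);
    return strcmp(hex, expect) == 0;
}
int main(void) { return !sha1_matches("a", "b", "c", "a9993e364706816aba3e25717850c26c9cd0d89d"); }
```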

warz

Yes. Also, it doesn't appear to be using a salt.