preImageResistantHashAs results in 3x hashing

Description

When implementing a new hash algorithm via the DigestAlgorithm interface and only implementing its digest method, the DigestService's methods 'computeNonce' and 'componentHash' will calculate the hash via a 3x hashing.

The current workaround would be to override the DigestAlgorithm's preImageResistantDigest method with a method that simply returns the byte array, in the case of an algorithm that is resistant to length extension attacks, or calculating the digest once in the other case.

The proper fix would be to change

val firstHash = digest.preImageResistantDigest(bytes)
HASH(algorithm, digest.digest(firstHash))

to

val hash = digest.preImageResistantDigest(bytes)
HASH(algorithm, hash))

NOTE: after the fix, transactions created with nodes running in experimental mode will fail to validate. We should probably inform interested customers.

SecureHash's preImageResistantHashAs method

DigestAlgorithm's preImageResistantDigest method

Activity

Show:
Sachin Gokhale
February 16, 2021, 9:11 AM

- What needs to be QA’ed here? can you please elaborate any specific test cases?

Done

Assignee

Edoardo Ierina

Reporter

Edoardo Ierina

Labels

Sprint

None

Epic Link

None

Priority

Medium

Engineering Teams

None

Fix versions

Affects versions

None

Ported to...

None

Story Points / Dev Days

None

Build cut

None

Squad

None