From fd91519093fccc6db8fff7dbbc600e4b8ea5847e Mon Sep 17 00:00:00 2001
From: Steve Thomas
Date: Sun, 10 Mar 2024 21:01:06 -0500
Subject: [PATCH] Output of KDF repeats

For the blocks of 64 bytes of output, the first and forth blocks are the same (among others). Since it is "H(0 XOR data)" and "H(0 XOR 1 XOR 2 XOR 3 XOR data)"
---
 bscrypt.cpp | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/bscrypt.cpp b/bscrypt.cpp
index 3e8f201..957484f 100644
--- a/bscrypt.cpp
+++ b/bscrypt.cpp
@@ -562,12 +562,13 @@ int bscrypt_kdf(void *output, size_t outputSize, const void *password, size_t pa
 // Step 3: output = kdf(work, seed)
 uint64_t i = 1;
+ uint64_t workSeed0 = workSeed[0];
 while (outputSize > 64)
 {
 blake2b_nativeIn(output, 64, workSeed, 16 * sizeof(uint64_t));
 output = ((uint8_t*) output) + 64;
 outputSize -= 64;
- workSeed[0] ^= i;
+ workSeed[0] = workSeed0 ^ i;
 i++;
 }
 if (outputSize != 0)
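Review bot: The new `workSeed0` local keeps a second copy of the first word of the derived seed on the stack. If `bscrypt_kdf` wipes `workSeed` before returning, the copy should be wiped with the same secure-zero routine; the cleanup is outside this hunk, so I could not check this. The loop would also benefit from a comment such as `// Counter mode: block i hashes workSeed with word 0 = workSeed0 ^ i, so no two blocks share an input`. The fix appears to change output starting at byte offset 128, assuming the final block after the loop hashes `workSeed` as well, so keys longer than 128 bytes derived by the old code will not reproduce. A known-answer vector at an output length above 256 bytes would pin the corrected behaviour and catch a repeated block.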