[Date Prev][Date Next][Thread Prev][Thread Next]
- Subject: Re: Difference between a+b and bit32.band(a+b)
- From: Duncan Cross <duncan.cross@...>
- Date: Fri, 9 Sep 2011 17:34:19 +0100
On Fri, Sep 9, 2011 at 3:35 PM, waspoza <email@example.com> wrote:
> On Fri, Sep 9, 2011 at 4:29 PM, Lee Hickey <firstname.lastname@example.org> wrote:
>>> >> > In digestblock function there is a line: H = band(H + a).
>>> >> I'm not sure about this, but I've heard of people doing similar things
>>> >> taking overflow into account correctly, etc.
>>> > That's what the comment says:
>>> > -- Add (mod 2^32) this chunk's hash to result so far:
>>> Yes, but on http://en.wikipedia.org/wiki/SHA-2 pseudocode says:
>>> Add this chunk's hash to result so far:
>>> h0 := h0 + a
>>> So in pseudocode this line is no different from other additions. And
>>> in lua code there is a difference. Why?
>> From that same wikipedia page and in reference to the pseudocode:
>> Note 1: All variables are unsigned 32 bits and wrap modulo 232 when
>> So, band(H + a) is achieving that.
> So why there is no 'and' here:
> local t2 = s0 + maj
> And not here:
> local t1 = h + s1 + ch + k[i] + w[i]
There are two possibilities. Either that was a mistake in the code
(those other cases *should* be using it), or it is not logically
necessary to do it for these temporary values in order to get the same
final result, which is all that really matters.