// So we can implement the SAMY hash, which is currently an XOR of SHA-256 with WHRLPOOL // // Originally, it was SHA512 and WHRLPOOL, which both have a 512-bit output-size. // I was then going to cut the result in half and XOR together again. But then I // though, for now, instead of doing all that extra work, I'll just change the // two "HashAlgorithms" from SHA512 and WHRLPOOL to SHA256 and WHIRLPOOL. // // This was very much easier, as I only had to change the little "512" to say // "256" instead, and basically the job was done. Of course, this means that OT // is generating a 256-bit hash in THIS object, and a 512-bit WHIRLPOOL hash in // the other object. i.e. There is still one 512-bit hash that you are forced to // calculate, even if you throw away half of it after the calculation is done. // // Since the main object has a 256-bit hash, the XOR() function below was already // coded to XOR the minimum length based on the smallest of the two objects. // Therefore, it will XOR 256 bits of the WHRLPOOL output into the 256 bits of // the main output (SHA256) and stop there: we now have a 256 bit ID. // // The purpose here is to reduce the ID size so that it will work on Windows with // the filenames. The current 512bit output is 64 bytes, or 128 characters when // exported to a hex string (in all the OT contracts for example, over and over // again.) // // The new size will be 256bit, which is 32 bytes of binary. In hex string that // would be 64 characters. But we're also converting from Hex to Base62, which // means we'll get it down to around 43 characters. // // This means our IDs are going to go from this: // // // To this: // // // You might ask: is 256 bits big enough of a hash size to be safe from collisions? // Practically speaking, I believe so. The IDs are used for accounts, servers, asset types, // and users. How many different asset types do you expect there will be, where changing the // contract to anything still intelligible would result in a still-valid signature? To find // a collision in a contract, where the signature would still work, would you expect the necessary // changed plaintext to be something that would still make sense in the contract? Would such // a random piece of data turn out to form proper XML? // // 256bits is enough to store the number of atoms in the Universe. If we ever need a bigger // hashsize, just go change the HashAlgorithm1 back to "SHA512" instead of "SHA256", and you'll // instantly have a doubled hash output size :-) // bool OTIdentifier::XOR(const OTIdentifier & theInput) { // Go with the smallest of the two const int64_t lSize = (GetSize() > theInput.GetSize() ? theInput.GetSize() : GetSize()); for (int32_t i = 0; i < lSize; i++) { // When converting to BigInteger internally, this will be a bit more efficient. ((char*)GetPointer())[i] ^= ((char*)theInput.GetPointer())[i]; // todo cast } return true; }