v3.00 beta 63 SHA1 error

[illyria]

Seems the SHA1 module is broken.

Hashes that are almost identical except the first 2 chars both result in the same password recovered.

e.g.
02342XXXXXXXXe5f0077XXXXXXf81811fb8193:Hello!
03342XXXXXXXXe5f0077XXXXXXf81811fb8193:Hello!
04342XXXXXXXXe5f0077XXXXXXf81811fb8193:Hello!
05342XXXXXXXXe5f0077XXXXXXf81811fb8193:Hello!
...
69342XXXXXXXXe5f0077XXXXXXf81811fb8193:Hello!


Noticed in beta-59 (v3.00-beta-142-g9d2c24f) confirmed in beta-63 (v3.00-beta-148-g063abab), but may have existed before that.

[atom]

It's a feature, not a bug. We only test the last 128 bit for correctness. Or said an other way, you will never find two password sharing the same last 128 bit therefore it's correct to do so.