Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 18 Jan 2012 14:02:38 +0400
From: Solar Designer <>
Subject: Re: Bit slice implementation of DES based hashes

On Wed, Jan 18, 2012 at 05:21:50AM +0530, Piyush Mittal wrote:
> From my side, there is problem in k pointer only because while fetching
> values from k pointer I am getting error as shown below:
> Breakpoint 1, DES_bs_crypt_Oracle (binary_plain_salt_mix=0x7fffffffc640)
>     at DES_bs_b.c:1267
> 1267        rounds = 8;
> (gdb) p *k[0]@...
> Cannot access memory at address 0x0
> (gdb)
> You can also confirm it by taking Traditional Des and calling from there
> DES_bs_crypt_LM() instead of DES_bs_crypt_25().

When DES_BS_EXPAND is set to 1, and normally it is, DES_bs_crypt_LM()
and DES_bs_crypt_25() differ in where they expect the key pointers to
be.  DES_bs_crypt_LM() expects them in DES_bs_all.KS.p, whereas
DES_bs_crypt_25() expects them in DES_bs_all.KSp (notice the lack of a
dot before "p").  Additionally, in 1.7.8 one had to explicitly call
DES_bs_expand_keys() before DES_bs_crypt_25() - but you don't need that
since you're basing your revised function on DES_bs_crypt_LM() instead
(and DES_bs_expand_keys() is gone in 1.7.9 anyway).

Thus, what I think you need to do is revise DES_bs_init().  Replace its
"int LM" argument with e.g. "int flags", then replace the three uses of
the "LM" variable with checks of the flags as follows:

1. In this piece:

		if (LM)
			k = DES_bs_all.KS.p;
			k = DES_bs_all.KSp;

replace "LM" with "flags" (that is, if any flag is non-zero, use KS.p).

2. On this line:

				if (LM) bit = DES_LM_KP[bit];

replace "LM" with "flags & 1".

3. In this place:

		if (LM) {
			for (c = 0; c < 0x100; c++)
			if (c >= 'a' && c <= 'z')

replace "LM" with "flags".

That way, you do not need to modify any existing calls to DES_bs_init(),
but your new call will pass "2" for the flags, thereby achieving
behavior that neither LM == 0 nor LM == 1 did before.  Specifically,
after a call like this you'll be able to use a revision of
DES_bs_crypt_LM() like I think you're trying to, but it won't have any
LM key setup specifics (except for the implementation detail on which
array the key bit pointers are in).

I feel that I am doing your homework by providing instructions this
specific, though. ;-)

> > Maybe you did not actually add that function in your 1.7.9-jumbo-5 tree
> What does it mean? Are you saying about including header, that I did
> correctly same as of 1.7.8 ?

Not "header", but you did something wrong this time, which you had done
correctly for 1.7.8.  I cannot guess your exact error.


Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ