Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 31 Jan 2012 23:10:38 +0100
From: Claudio Broglia <xeon@...root.eu>
To: john-dev@...ts.openwall.com
Subject: Re: Adding a new format

Il 29/01/2012 18:00, magnum ha scritto:
> On 01/29/2012 04:34 PM, Claudio Broglia wrote:
>> Hello,
>> I want to add a new hash format to John. I'm having some difficulties
>> trying to understand how all the binary(), crypt_all(), get_hash() and
>> similar functons wrap up together, and I can't seem to find
>> documentation around.
>> If there is, could you point me to some guide?
> There are some comments in formats.h. This together with a simple format
> like rawSHA256_fmt.c should get you started.
>
> magnum
>
Thanks for the hints, anyway I was already looking into it.
Until now, I've roughly figured out how they work together, but
something it's still missing in the picture :)

Here are a call dump from a single hash:
-- loading phase --
nds_valid(): ciphertext=...
nds_binary(): ciphertext=...
binary_hash_4()
nds_salt(): ciphertext=...
Loaded 1 password hash (...)

-- testing phase --
nds_valid(): ciphertext=* 
nds_valid(): ciphertext=...
nds_binary(): ciphertext=...
nds_salt(): ciphertext=...
nds_set_salt()
nds_set_key()
nds_crypt_all(): count=1
get_hash_0()
binary_hash_0()
get_hash_1()
binary_hash_1()
get_hash_2()
binary_hash_2()
get_hash_3()
binary_hash_3()
get_hash_4()
binary_hash_4()
get_hash_5()
binary_hash_5()
get_hash_6()
binary_hash_6()
nds_cmp_all(): count=1
nds_cmp_one(): index=0
nds_cmp_exact()

-- cracking phase --
...
nds_set_key(): key=mace55 index=0
nds_crypt_all(): count=1
nds_cmp_all(): count=1
...


My questions are:
- what are needed for the binary_hash() and get_hash() functions? From
the testing phase, I supposed they were needed to speedup comparison,
but they aren't used during the cracking phase.
- what is the meaning of the call, in the auto test phase, to
nds_valid() with ciphertext parameter set to "*"?
- would you suggest to crypt many keys at every pass, to gain speed, or
to stick with MAX_KEYS_PER_CRYPT set to 1?
- the hash format I'm adding uses only uppercase passwords. In which way
would you suggest to handle this? For example, converting to uppercase
the keys given in input to nds_set_key()? I'm sure there's a better way
to do it...

Many thanks for every suggestion

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ