Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 09 Feb 2012 10:32:07 +0100
From: magnum <john.magnum@...hmail.com>
To: john-dev@...ts.openwall.com
Subject: Re: Drupal 7

On 02/09/2012 09:10 AM, Solar Designer wrote:
> On Thu, Feb 09, 2012 at 11:47:44AM +0400, Solar Designer wrote:
>> On Thu, Feb 09, 2012 at 03:15:46AM +0100, magnum wrote:
>>> On 01/16/2012 12:12 AM, Solar Designer wrote:
>>>> Here's one more: Drupal 7 uses a revision of phpass with MD5 replaced
>>>> with SHA-512 and hashes cut at 258 bits (yes, 258 - that's a multiple of 6).
>>>> These hash encodings use the $S$ prefix.  Perhaps we should support them.
>>>
>>> I just committed this format. Painfully slow but supports OMP.

> Just why is it slower than SHA-crypt-512, though?  (With the
> current sets of test vectors.)  Somehow I thought that the latter with
> the default of rounds=5000 actually invoked the SHA-512 compression
> function about 17,000 times.  So I expected these two to provide very
> similar performance.

SHA-crypt calls SHA512_Update() 17766 times for 5000 rounds, but
sha512_block_dat_order() is only called 5021 times, and that's the slow
stuff.

> Here's a very minor optimization:
> 
> Patch attached.

Thanks, and then we can adjust the crypt_key array like this:

View attachment "john-drupal7-opt-2.diff" of type "text/x-patch" (606 bytes)

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ