Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 27 May 2012 20:27:16 -0500
From: "jfoug" <jfoug@....net>
To: <john-dev@...ts.openwall.com>
Subject: RE: memory usage within JtR and possible ways to significantly reduce it.

Try this version.  I have undone the changes to raw-md5thick, and raw-sha1
(the tag being adding).  Now these formats also work properly.

Jim.

>-----Original Message-----
>From: magnum [mailto:john.magnum@...hmail.com]
>Sent: Sunday, May 27, 2012 5:49 PM
>To: john-dev@...ts.openwall.com
>Subject: Re: [john-dev] memory usage within JtR and possible ways to
>significantly reduce it.
>
>I see some slight problems. Maybe they can be fixed.
>
>I added a trivial get_source() to nt2, worked fine. Then I added one to
>raw-md5 (thick) and that failed. Turns out I had to change the test
>vectors to always include the tag (some did, some did not). But this
>means we are not testing the format's ability to read untagged hashes.
>
>Then I added one to raw-SHA1 (thick) and got a similar problem: One of
>the test vectors was in upper case. I had to lower case it, but that
>means we are not testing the format's ability to read upper case hashes.
>
>I committed them but will not do more for now.
>
>Hm.. maybe something like this change of the self-test would fix both
>problems? Or would it create others?
>
>      binary = format->methods.binary(ciphertext);
>      salt = format->methods.salt(ciphertext);
>      if (format->methods.get_source != fmt_default_get_source) {
>+             char *binary2 = alloca(params.binary_size);
>              sourced = format->methods.get_source(binary, salt, Buf);
>+             memcpy(binary2, binary, format->params.binary_size)
>+             binary = format->methods.binary(sourced);
>+             if (memcmp(binary, binary2, format->params.binary_size))
>-             if (strcmp(sourced, prepared))
>                      return "get_source";
>      }
>
>The alloca and memcpy is needed because otherwise binary and binary2
>would point to the same static buffer in binary()
>
>magnum
>
>
>On 05/27/2012 11:01 PM, jfoug wrote:
>> Here is the simple change to get the get_source function working
>> properly in self test.  In the self-test code, I was able to pass the
>> salt. I believe the logic will be that if salt pointer is non null,
>> then that data will be used.  Otherwise if the salt pointer is null,
>> then the data from the last
>> (current) call from set_salt will be the data to use when rebuilding a
>> salted hash.
>>
>> I have not done a salted hash just yet, Once I do a couple salted
>> hashes (I will likely start by doing most of the dynamic's), then I
>> will for sure that these methods work the way I think they will.
>>
>> Jim.
>>
>>
>> From: jfoug [mailto:jfoug@....net]
>>>
>>>> From: magnum [mailto:john.magnum@...hmail.com] We need to add self
>>>> tests for this,
>>>
>>> Agreed.  That has not been put in place,  but must be done.


[ CONTENT OF TYPE application/octet-stream SKIPPED ]

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ