Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Fri, 22 Jun 2012 14:03:54 +0530
From: Dhiru Kholia <dhiru.kholia@...il.com>
To: john-dev@...ts.openwall.com
Subject: Re: Re: EPiServer format fails on 32-bit builds.

On Fri, Jun 22, 2012 at 1:59 PM, Frank Dittrich
<frank_dittrich@...mail.com> wrote:
> On 06/22/2012 10:03 AM, Dhiru Kholia wrote:
>> data = base64.decodestring("fGJ2wn/5WlzqQoDeCA2kXA==")
>> print len(data) # 16
>
> Then I don't understand why unsigned char esalt[16] wasn't large enough
> for the test vector.

I haven't checked the source of base64_decode function but it needed
one byte more than 16 to function correctly.

> If the salt size really is variable, depending on the base64 encoded
> salt, then this is certainly wrong as well:
>
> SHA1_Update(&ctx, cur_salt->esalt, 16);
>
> May be the format isn't even properly named, because it is not specific
> to EPiServer, but any application using the Microsoft .NET framework?

Okay. What should we name it then? Any examples for applications using
the same hashing scheme would be good.

-- 
Cheers,
Dhiru

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.