Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 15 Mar 2013 9:26:08 -0400
From:  <jfoug@....net>
To: john-dev@...ts.openwall.com
Subject: Re: formats that duplicate dynamics

---- magnum <john.magnum@...hmail.com> wrote: 
> I always thought it's backwards when permanent formats (including "thick" and preloaded dynamics) use $dynamic tags. Raw MD5 and SHA1 is most notable.  Jim, would it be possible to add some generic tag-handling to dynamic, so eg. a thin format or a user defined or preloaded one could specify its format_tag? Ideally it would enable a format to recognize both "$dynamic_nn$" and "$postgre$" in input files as well as pot files but always output the latter. This is for bleeding though, not Jumbo-8.

I can look into this in bleeding, later.  Right now, I have no time.  It would be nice to know exactly what was expected in behavior.  It will likely mean that the 'thin' formats may grow thicker.

The current behavior, is the thin format simply is a front end, that converts the hash into a dynamic format.  I may simply be able to add some additional code, so that the back end gets hooked, and reverses this transform.   It would only need to be done when writing to the .pot, and or .log files (I think).  I guess I would also need to see how the -show played into this.

I would rather NOT put generic tag handling into dynamic. It already is WAY too difficult in parsing, in many functions. Dealing with arbitrary salts, with many different parts within the salts, handling the $HEX$, and handling input hashes of a multitude of types (base 16, lower, upper and or mixed case), base 64 (in several 'flavors'), etc and hashes that are a multitude of lengths. Adding handling of 'other' type of hashes at any point past prepare() would simply multiply the complexity.  If we are to do this, then it will need to be in the thin format, where it is manageable, even though it makes writing a thin format a little harder to do.


Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ