Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 10 Apr 2013 8:30:27 -0400
From:  <jfoug@....net>
To: john-dev@...ts.openwall.com
Cc: Jeremi Gosney <epixoip@...dshell.nl>
Subject: Re: [patch] sse/xop implementation of raw-sha256

Jeremi,

You might want to look at the cmp_all function.  I think things are not what they seem, and the code is always returning true, then using the current cmp_one logic.  The tmp value is always 0000 for non matches and fffff for matches.  Then what is returned is a short int where all 0 words are converted to a f and all ffff words converted to a 0.  So if all 4 hashes were cracked at once, then cmp_all would return 0.  Otherwise cmp_all is always returning some non-zero value.

However, digging deeper into JtR's actual running, I found out something I did not know before.  cmp_all is ONLY called for salted types.  I thought cmp_all was always called.  The cmp_all does get called, always, within the self test code, but the expectation there, is that cmp_all should return true, which this version does.

Magnum, I wonder if self-test code should mirror this logic (not calling cmp_all for non-salted), or if possibly all non-salted formats should have their cmp_all functions removed, and replaced with fmt_default_cmp_all  ?

Jim.

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ