Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 26 May 2013 20:15:13 +0200
From: magnum <john.magnum@...hmail.com>
To: john-dev@...ts.openwall.com
Subject: Re: Re: Add support for cracking encrypted PKCS #8 private keys

On 25 May, 2013, at 20:46 , Dhiru Kholia <dhiru.kholia@...il.com> wrote:
> On Sat, Sep 1, 2012 at 8:29 PM, Dhiru Kholia <dhiru.kholia@...il.com> wrote:
>> I have added support for cracking encrypted PKCS #8 private keys to
>> JtR (patch against magnum-jumbo attached). Please review.
>> 
>> In the past, ssh format had OMP issues due to underlying OpenSSL
>> functions not being thread-safe. This problem might surface again
>> after applying this patch due to usage of new OpenSSL function
>> "PEM_read_bio_PrivateKey".
> 
> I got interested in this patch again after reading
> http://martin.kleppmann.com/2013/05/24/improving-security-of-ssh-private-keys.html
> 
> I am about to clean-up this patch and commit it to bleeding-jumbo.
> 
> Thoughts?

Is this added to existing ssh format, or a new format? Could you perhaps implement your own PEM_read_bio_PrivateKey()?

magnum

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ