Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 09 Nov 2013 22:35:50 +0100
From: magnum <john.magnum@...hmail.com>
To: john-dev@...ts.openwall.com
Subject: Re: gpg requires more test vectors

On 2013-11-09 01:50, Lukas Odzioba wrote:
> dhiru, magnum, all:
> Let's talk about this:
> https://github.com/magnumripper/JohnTheRipper/issues/331
>
> I've spent another evening on that, now I would apreciate any help.
> GnuPG version 1.4.10 which I tested supports 10 symmetric crypto
> algorithms and 7 hash functions used in s2k.
> So we need at least 70 test vectors to cover all of them + some
> variants of spec_simple, spec_salted.

That's tedious but probably a good idea.

> Our current code does not handle the following algorithms:
> 3DES, TWOFISH, CAMELLIA128, CAMELLIA192, CAMELLIA256, SHA384, SHA224
> That's something to add, or at least mention in release notes.

I really hope its valid() rejects these - if not, I'll throw the format 
into broken until fixed.

> I am including merged 70 test vectors, john loads only 25 of them as
> expected, and cracks 0 of them.

It only loads 25 due to valid doing the Right Thing[tm]? That's good 
then. But as you said it should be documented and eventually fixed.

magnum


Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ