Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 28 May 2012 00:49:13 +0200
From: magnum <>
Subject: Re: memory usage within JtR and possible ways to significantly
 reduce it.

I see some slight problems. Maybe they can be fixed.

I added a trivial get_source() to nt2, worked fine. Then I added one to
raw-md5 (thick) and that failed. Turns out I had to change the test
vectors to always include the tag (some did, some did not). But this
means we are not testing the format's ability to read untagged hashes.

Then I added one to raw-SHA1 (thick) and got a similar problem: One of
the test vectors was in upper case. I had to lower case it, but that
means we are not testing the format's ability to read upper case hashes.

I committed them but will not do more for now.

Hm.. maybe something like this change of the self-test would fix both
problems? Or would it create others?

      binary = format->methods.binary(ciphertext);
      salt = format->methods.salt(ciphertext);
      if (format->methods.get_source != fmt_default_get_source) {
+             char *binary2 = alloca(params.binary_size);
              sourced = format->methods.get_source(binary, salt, Buf);
+             memcpy(binary2, binary, format->params.binary_size)
+             binary = format->methods.binary(sourced);
+             if (memcmp(binary, binary2, format->params.binary_size))
-             if (strcmp(sourced, prepared))
                      return "get_source";

The alloca and memcpy is needed because otherwise binary and binary2
would point to the same static buffer in binary()


On 05/27/2012 11:01 PM, jfoug wrote:
> Here is the simple change to get the get_source function working properly in
> self test.  In the self-test code, I was able to pass the salt. I believe
> the logic will be that if salt pointer is non null, then that data will be
> used.  Otherwise if the salt pointer is null, then the data from the last
> (current) call from set_salt will be the data to use when rebuilding a
> salted hash.
> I have not done a salted hash just yet, Once I do a couple salted hashes (I
> will likely start by doing most of the dynamic's), then I will for sure that
> these methods work the way I think they will.
> Jim.
> From: jfoug []
>>> From: magnum []
>>> We need to add self tests for this,
>> Agreed.  That has not been put in place,  but must be done.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.