Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 06 Jun 2012 23:32:11 +0200
From: magnum <john.magnum@...hmail.com>
To: john-dev@...ts.openwall.com
Subject: Re: ./john --test --format=crypt --subformat=BF (usage
 problem)

On 06/06/2012 11:24 PM, Frank Dittrich wrote:
> Hi magnum,
>
> while testing my john.bash_completion changes, I noticed that in
> c3_fmt.c the list of supported subformats written to stderr in case of a
> wrong subformat doesn't match what is really tested in init().
>
> $ ./john --test --format=crypt --subformat=BF
> Subformat unknown to John. Currently supported: DES, MD5, BF, SHA-256,
> SHA-512
>
> The subformats actually allowed are
> des
> md5
> bf or bcrypt or blowfish
> sha256 or sha-256
> sha512 or sha-512
>
> Maybe the error message should use lower case subformat names as well,
> or init should use strcasecmp, to allow upper case subformat names, or both.
>
> I would make listing and checking subformat names similar to format
> names. Than means, now that the list of formats in the usage output is
> written in lower case, I would use lower case subformats in the stderr
> output. I'd also allow using upper case subformat names, since
> --format=DES also works.
> I wouldn't list all the different ways to specify a particular
> subformat, just listing bf instead of bf, bcrypt and blowfish is OK.
> Sould we also use raw-sha256 and raw-sha512 as subformat names instead,
> to match the format names?
>
> What do you think?

All these are valid concerns and I probably meant to use strcasecmp(). 
I'll have a look some time. Or would you like to submit a patch?

By the way, on my current Ubuntu 12 using BF, I get this:

$ ../run/john -test --format=crypt --subformat=bf
Benchmarking: generic crypt(3) BF x32 [?/64]... (2xOMP) Generic crypt(3) 
module: hash encoding string length 60, type id $2
appears to be unsupported on this system; will not load such hashes.
FAILED (valid)

This may look like a problem but is just the result of my system's 
crypt() not supporting BF. Not sure how to work around that but I don't 
think it's very important. I implemented these just to check the 
difference between crypt() and optimised JtR formats.

magnum

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.