Date: Fri, 12 Jul 2013 12:32:36 +0200 From: marcus.desto <marcus.desto@...pl> To: john-dev@...ts.openwall.com Subject: Re: BUG in pbkdf2_hmac_sha1_unsplit_kernel.cl Dnia 12 lipca 2013 11:22 magnum <john.magnum@...hmail.com> napisał(a): > On 12 Jul, 2013, at 8:01 , marcus.desto <marcus.desto@...pl> wrote: > > I suggest, you should introduce testing to your project, like unit testing, whitebox and blackbox testing. > > We have built-in self-tests as well as the more extensive "Test Suite" (https://github.com/magnumripper/jtrTestSuite). But in this case no tests were using that long salts. Actually most (all?) formats using this shared code (eg. zip, dmg, strip, odf) has a fixed salt length of eg. 8 or 16 so I'm not sure this bug ever surfaced in our current formats. > > magnum > Ok, but you should consider all input lengths, at least to proof the limits auf input length. Hmm, I also have found some test code in the *_fmt.c files, but maybe you should not plant test code in productive code. Marcus
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.