[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 15 Sep 2013 13:45:12 +0200
From: magnum <john.magnum@...hmail.com>
To: john-dev@...ts.openwall.com
Subject: HMAC valid (was: 7z valid())
On 15 sep 2013, at 06:13, Solar Designer <solar@...nwall.com> wrote:
> A related issue is that many hmac* formats recognize 7z format's strings
> as valid for them as well. You might want to look into this and see if
> anything (reasonable) can be done about it now.
Can you give a specific example? All hmac formats' valid() does this:
* ciphertext must contain at least one '#'.
* left-side of the [rightmost] '#' is salt and has a max. allowed length.
* right-side of '#' is hash and must have correct length, eg. 40 hex chars for hmac-MD5.
* hash must be [0-9a-fA-F].
A 7z ciphertext does not contain '#' so I can't see how it would pass.
static int valid(char *ciphertext, struct fmt_main *self)
{
int pos, i;
char *p;
p = strrchr(ciphertext, '#'); // allow # in salt
if (!p || p > &ciphertext[strlen(ciphertext)-1]) return 0;
i = (int)(p - ciphertext);
if(i > SALT_SIZE) return 0;
pos = i+1;
if (strlen(ciphertext+pos) != BINARY_SIZE*2) return 0;
for (i = pos; i < BINARY_SIZE*2+pos; i++)
{
if (!( (('0' <= ciphertext[i])&&(ciphertext[i] <= '9')) ||
(('a' <= ciphertext[i])&&(ciphertext[i] <= 'f'))
|| (('A' <= ciphertext[i])&&(ciphertext[i] <= 'F'))))
return 0;
}
return 1;
}
magnum
Powered by blists - more mailing lists
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
