Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 6 Sep 2015 12:48:08 -0500
From: JimF <jfoug@....net>
To: john-dev@...ts.openwall.com
Subject: Re: FormSpring valid()



On 9/6/2015 12:28 PM, Solar Designer wrote:
> magnum -
>
> On Tue, Sep 01, 2015 at 03:47:23PM +0800, Kai Zhao wrote:
>> On Tue, Sep 1, 2015 at 3:21 PM, magnum <john.magnum@...hmail.com> wrote:
>>> I do not know but I think there should be an issue for finding out (or it
>>> will be forgotten).
>>>
>>> The existing untagged test vector only has a salt length of two, I wonder if
>>> that is the difference? Maybe real Formspring hashes have that limitation?
>> I opened an issue for this:
>>
>> https://github.com/magnumripper/JohnTheRipper/issues/1725
> Your comment:
>
> "I see now formspring defines SALT_SIZE as 2. Doesn't look like a bug to
> me, your test vector simply didn't fit the format."
>
> does not address the issue of the format accepting strings with longer
> salts.  Maybe the bug is that this format's valid() (which builds upon
> the dynamic stuff and thus isn't easy for me to follow) sometimes
> accepts invalid strings as well (just not all the time, which is why Kai
> felt that something was wrong)?  And some of the currently listed test
> vectors are in fact invalid.  I think you should re-open the issue.
>
> Kai - how did you obtain the test vectors that you added to
> formspring_fmt_plug.c in 101bed96efba9509f5f60447a342a00024bba17e?
> Specifically, where did their salts come from?  Why are they of 8 hex
> digits whereas the existing test vectors used two-char salts?
>
> Alexander
If we want formspring by itself, to not work for any salt > 2, then it 
is still pretty easy to do.

We would simply call the dynamic->valid() function.  If that fails 
return failure. The if that
is ok, (all done within formspring_valid() function), we simply make 
sure that the salt
is exactly 2 bytes.  If not we fail.  That way, the format would work 
with raw hashes, or
with dynamic_61 hashes, AS LONG as the salts are 2 bytes. Right now, 
even though
there is a #define of SALT_SIZE=2  it is not used at all.  Well, 
actually it IS used, but
used incorrectly, to determine when to call dynamic valid without doing 
a convert.

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.