Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Mon, 18 Nov 2019 21:05:24 +0100
From: magnum <>
Subject: Re: PKCS#12 RFC7292 appendix B implementation ?

On 2019-11-18 19:58, wrote:
> Hi,
> Do you think possible to forecast that KDF in futur work?

The KDF alone should be quick'n'easy to whip up in OpenCL. Are you 
mostly interested in just that or a complete format?

A complete format would need some research and possibly some reverse 
engineering for determining how to tell when we got a match or not (and 
then we'd want that part too on GPU side). We probably need a primx2john 
tool and definitely a couple of test vectors.


> Le 18 novembre 2019 10:07:31 a écrit :
>> Hash function can be sha1 or sha256.
>> Password are unicode ending with \0\0 utf-16-be coded like here:
>> password = (unicode(self._password) + u'\0').encode('utf-16-be')
>> Regards
>> Le 18 novembre 2019 00:04:52 magnum <> a écrit :
>>> On 2019-11-17 14:23, Guillaume wrote:
>>>> Does PKCS#12, RFC7292 appendix B "Deriving Keys and IVs from Passwords
>>>> and Salt"
>>>> KDF will be implemented? (possibly as a OpenCL kernel?)
>>> I'm not aware of it being present in our tree. Should be easy to
>>> implement though.
>>>> It's used in PRIM'X ZED encrypted container.
>>> OK, but using what hash function H? Also, are they encoding the password
>>> like the RFC example - using UCS2, big-endian and including a trailing
>>> 0x0000, or are they doing it per the recommendation right before that
>>> example - using ASCII or UTF-8? And if the latter, are they including a
>>> trailing 0x00 or not?
>>> magnum

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.