| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 06 Apr 2014 07:21:09 -0700 From: Jeremi Gosney <epixoip@...dshell.nl> To: discussions@...sword-hashing.net Subject: Re: [PHC] pufferfish On 4/6/2014 7:09 AM, Jeremi Gosney wrote: > On 4/6/2014 7:03 AM, Bill Cox wrote: >> Pufferfish has a minor bug in api.c. I'm not 100% I got the fix >> right, but I am 100% sure this is a bug. On line 135, memmove is >> calling strlen(hash) to determine how much data to copy. It seems >> like it should use strlen instead, assuming Pufferfish supports >> variable out length. Here's the diff after I made this change: >> >> diff --git a/Pufferfish/src/common/api.c b/Pufferfish/src/common/api.c >> index 288937d..58daf4b 100644 >> --- a/Pufferfish/src/common/api.c >> +++ b/Pufferfish/src/common/api.c >> @@ -132,7 +132,7 @@ int PHS (void *out, size_t outlen, const void *in, >> size_t inlen, const void *sal >> return 1; >> } >> >> - memmove (out, hash, strlen (hash)); >> + memmove (out, hash, outlen); >> free (settings); >> free (hash); >> >> Bill > > No, this is incorrect. The `hash' variable in this context is not the > raw hash value, it is the encoded hash plus the hash identifier and > encoded salt string. If you want the raw hash value to e.g. run dieharder tests, then the easiest way is to have PHS() call pfkdf() instead of pufferfish(). Or, call pufferfish() with raw = true instead of raw = false, and change the data type to unsigned char* instead of char*, then apply your s/strlen/outlen/ patch.
Powered by blists - more mailing lists