lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 06 Apr 2014 07:21:09 -0700
From: Jeremi Gosney <>
Subject: Re: [PHC] pufferfish

On 4/6/2014 7:09 AM, Jeremi Gosney wrote:
> On 4/6/2014 7:03 AM, Bill Cox wrote:
>> Pufferfish has a minor bug in api.c.  I'm not 100% I got the fix
>> right, but I am 100% sure this is a bug.  On line 135, memmove is
>> calling strlen(hash) to determine how much data to copy.  It seems
>> like it should use strlen instead, assuming Pufferfish supports
>> variable out length.  Here's the diff after I made this change:
>> diff --git a/Pufferfish/src/common/api.c b/Pufferfish/src/common/api.c
>> index 288937d..58daf4b 100644
>> --- a/Pufferfish/src/common/api.c
>> +++ b/Pufferfish/src/common/api.c
>> @@ -132,7 +132,7 @@ int PHS (void *out, size_t outlen, const void *in,
>> size_t inlen, const void *sal
>>                  return 1;
>>          }
>> -        memmove (out, hash, strlen (hash));
>> +        memmove (out, hash, outlen);
>>          free (settings);
>>          free (hash);
>> Bill
> No, this is incorrect. The `hash' variable in this context is not the
> raw hash value, it is the encoded hash plus the hash identifier and
> encoded salt string.

If you want the raw hash value to e.g. run dieharder tests, then the
easiest way is to have PHS() call pfkdf() instead of pufferfish().  Or,
call pufferfish() with raw = true instead of raw = false, and change the
data type to unsigned char* instead of char*, then apply your
s/strlen/outlen/ patch.

Powered by blists - more mailing lists