lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Sun, 6 Apr 2014 10:38:21 -0400
From: Bill Cox <waywardgeek@...il.com>
To: discussions@...sword-hashing.net
Subject: Re: [PHC] pufferfish

On Sun, Apr 6, 2014 at 10:21 AM, Jeremi Gosney <epixoip@...dshell.nl> wrote:
> On 4/6/2014 7:09 AM, Jeremi Gosney wrote:
>> On 4/6/2014 7:03 AM, Bill Cox wrote:
>>> Pufferfish has a minor bug in api.c.  I'm not 100% I got the fix
>>> right, but I am 100% sure this is a bug.  On line 135, memmove is
>>> calling strlen(hash) to determine how much data to copy.  It seems
>>> like it should use strlen instead, assuming Pufferfish supports
>>> variable out length.  Here's the diff after I made this change:
>>>
>>> diff --git a/Pufferfish/src/common/api.c b/Pufferfish/src/common/api.c
>>> index 288937d..58daf4b 100644
>>> --- a/Pufferfish/src/common/api.c
>>> +++ b/Pufferfish/src/common/api.c
>>> @@ -132,7 +132,7 @@ int PHS (void *out, size_t outlen, const void *in,
>>> size_t inlen, const void *sal
>>>                  return 1;
>>>          }
>>>
>>> -        memmove (out, hash, strlen (hash));
>>> +        memmove (out, hash, outlen);
>>>          free (settings);
>>>          free (hash);
>>>
>>> Bill
>>
>> No, this is incorrect. The `hash' variable in this context is not the
>> raw hash value, it is the encoded hash plus the hash identifier and
>> encoded salt string.
>
>
> If you want the raw hash value to e.g. run dieharder tests, then the
> easiest way is to have PHS() call pfkdf() instead of pufferfish().  Or,
> call pufferfish() with raw = true instead of raw = false, and change the
> data type to unsigned char* instead of char*, then apply your
> s/strlen/outlen/ patch.

Got it.  I do want the raw version.  I'll do this later today.  This
is the last one... all of the other 23 are running!

Bill

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ