lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <53416B1B.9050607@bindshell.nl>
Date: Sun, 06 Apr 2014 07:56:27 -0700
From: Jeremi Gosney <epixoip@...dshell.nl>
To: discussions@...sword-hashing.net
Subject: Re: [PHC] pufferfish

On 4/6/2014 7:48 AM, Jeremi Gosney wrote:
> This should work for what you want to do. But note that in this context
> outlen is now specified in bits, not bytes.
>
> --- a/src/common/api.c
> +++ b/src/common/api.c
> @@ -123,18 +123,10 @@ int PHS (void *out, size_t outlen, const void *in,
> size_t inlen, const void *sal
>  {
>          /* required PHS api */
>
> -        char *hash;
> -        char *settings = pf_gensalt (salt, saltlen, t_cost, m_cost);
> +        unsigned char *bytes = pfkdf (outlen, in, t_cost, m_cost);
>
> -        if (! (hash = (char *) pufferfish (in, inlen, settings, outlen,
> false)))
> -        {
> -                free (settings);
> -                return 1;
> -        }
> -
> -        memmove (out, hash, strlen (hash));
> -        free (settings);
> -        free (hash);
> +        memmove (out, bytes, outlen);
> +        free (bytes);
>
>          return 0;
>  }


Oops, sorry.  That should be:

memmove (out, bytes, outlen/8);

Not

memmove (out, bytes, outlen);

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ