Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Sat, 9 Nov 2013 01:50:13 +0100
From: Lukas Odzioba <lukas.odzioba@...il.com>
To: john-dev@...ts.openwall.com
Subject: gpg requires more test vectors

dhiru, magnum, all:
Let's talk about this:
https://github.com/magnumripper/JohnTheRipper/issues/331

I've spent another evening on that, now I would apreciate any help.
GnuPG version 1.4.10 which I tested supports 10 symmetric crypto
algorithms and 7 hash functions used in s2k.
So we need at least 70 test vectors to cover all of them + some
variants of spec_simple, spec_salted.

Our current code does not handle the following algorithms:
3DES, TWOFISH, CAMELLIA128, CAMELLIA192, CAMELLIA256, SHA384, SHA224
That's something to add, or at least mention in release notes.

I have a problem with generating keys in batch mode, somehow such
generated key is not crackable so I am doing something wrong or we
have some bug. I tried to import such key to my keyring and then
export it with --export-secret-keys but the result remains the same.

I used the following script to generate keys:
#!/bin/bash
OUT=foo
# $1 - hashtype $2 - symmetric crypt type
function foogen(){
echo "%echo Generating a basic OpenPGP key" >$OUT
echo "Key-Type: RSA" >>$OUT
echo "Key-Length: 1024" >>$OUT
echo "Subkey-Type: RSA" >>$OUT
echo "Subkey-Length: 1024" >>$OUT
echo "Name-Real: JtR" >>$OUT
echo "Name-Comment: pass is $1-$2-openwall" >>$OUT
echo "Name-Email: $1-$2@....bar">> $OUT
echo "Expire-Date: 0">>$OUT
echo "Passphrase: $1-$2-openwall" >>$OUT
echo "%pubring $1-$2.pub" >>$OUT
echo "%secring $1-$2.sec" >>$OUT
echo "%commit" >>$OUT
echo "%echo done" >>$OUT
}
## add %no-protection for gpg2.1+

#for crypt in 3DES CAST5 BLOWFISH AES AES192 AES256 TWOFISH
CAMELLIA128 CAMELLIA192 CAMELLIA256;
#do
#  for hash in MD5 SHA1 RIPEMD160 SHA256 SHA384 SHA512 SHA224;
#  do
# echo "Generating $crypt-$hash..."
# foogen $hash $crypt
# gpg --batch --gen-key --armor --s2k-digest-algo $hash
--s2k-cipher-algo $crypt $OUT
#  done
#done
foogen MD5 AES256
gpg --batch --gen-key --armor --s2k-digest-algo MD5 --s2k-cipher-algo
AES256 $OUT

You can uncomment for's if you want to generate all the keys but this
might take a while.
I am including merged 70 test vectors, john loads only 25 of them as
expected, and cracks 0 of them.
Since gpg2john supports gecos field and password is embedded in
comment john should crack all loaded hashes.
I have no problems with keys generated by "gpg --gen-key" interactive
mode, but it would be crazy to do that manually.

I would apreciate any help in narrowing down the problem.

Thanks,
Lukas

Download attachment "ALL" of type "application/octet-stream" (18889 bytes)

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.