Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <20120118100238.GA27395@openwall.com>
Date: Wed, 18 Jan 2012 14:02:38 +0400
From: Solar Designer <solar@...nwall.com>
To: john-dev@...ts.openwall.com
Subject: Re: Bit slice implementation of DES based hashes

On Wed, Jan 18, 2012 at 05:21:50AM +0530, Piyush Mittal wrote:
> From my side, there is problem in k pointer only because while fetching
> values from k pointer I am getting error as shown below:
> 
> Breakpoint 1, DES_bs_crypt_Oracle (binary_plain_salt_mix=0x7fffffffc640)
>     at DES_bs_b.c:1267
> 1267        rounds = 8;
> (gdb) p *k[0]@767
> Cannot access memory at address 0x0
> (gdb)
> 
> 
> You can also confirm it by taking Traditional Des and calling from there
> DES_bs_crypt_LM() instead of DES_bs_crypt_25().

When DES_BS_EXPAND is set to 1, and normally it is, DES_bs_crypt_LM()
and DES_bs_crypt_25() differ in where they expect the key pointers to
be.  DES_bs_crypt_LM() expects them in DES_bs_all.KS.p, whereas
DES_bs_crypt_25() expects them in DES_bs_all.KSp (notice the lack of a
dot before "p").  Additionally, in 1.7.8 one had to explicitly call
DES_bs_expand_keys() before DES_bs_crypt_25() - but you don't need that
since you're basing your revised function on DES_bs_crypt_LM() instead
(and DES_bs_expand_keys() is gone in 1.7.9 anyway).

Thus, what I think you need to do is revise DES_bs_init().  Replace its
"int LM" argument with e.g. "int flags", then replace the three uses of
the "LM" variable with checks of the flags as follows:

1. In this piece:

		if (LM)
			k = DES_bs_all.KS.p;
		else
			k = DES_bs_all.KSp;

replace "LM" with "flags" (that is, if any flag is non-zero, use KS.p).

2. On this line:

				if (LM) bit = DES_LM_KP[bit];

replace "LM" with "flags & 1".

3. In this place:

		if (LM) {
			for (c = 0; c < 0x100; c++)
			if (c >= 'a' && c <= 'z')

replace "LM" with "flags".

That way, you do not need to modify any existing calls to DES_bs_init(),
but your new call will pass "2" for the flags, thereby achieving
behavior that neither LM == 0 nor LM == 1 did before.  Specifically,
after a call like this you'll be able to use a revision of
DES_bs_crypt_LM() like I think you're trying to, but it won't have any
LM key setup specifics (except for the implementation detail on which
array the key bit pointers are in).

I feel that I am doing your homework by providing instructions this
specific, though. ;-)

> > Maybe you did not actually add that function in your 1.7.9-jumbo-5 tree
> 
> What does it mean? Are you saying about including header, that I did
> correctly same as of 1.7.8 ?

Not "header", but you did something wrong this time, which you had done
correctly for 1.7.8.  I cannot guess your exact error.

Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.