john-dev - Re: Re: [patch] optional new raw sha1 implemetation

Follow @Openwall on Twitter for new release announcements and other news

[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]

Message-ID: <20120616234600.GI31349@cmpxchg8b.com>
Date: Sun, 17 Jun 2012 01:46:00 +0200
From: Tavis Ormandy <taviso@...xchg8b.com>
To: john-dev@...ts.openwall.com
Subject: Re: Re: [patch] optional new raw sha1 implemetation

On Sun, Jun 17, 2012 at 01:42:07AM +0200, magnum wrote:
> >>On a third thought, are we not actually guaranteed there will be a
> >>zero byte? They are zeroed in set_key().
> >>
> >>magnum
> >
> >I dont think so, for example, consider testing two 15 byte keys, I would
> >store them in contiguous aligned buffers like this:
> >
> >41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 80
> >41 41 41 41 41 41 41 41 41 41 41 41 41 41 42 80
> >00 00 00 ...
> >
> >get_key(0) with strrchr would return AAAAAAAAA\x80AAAAAAAAAAAB, no?
> 
> OK, so let's just put a zero in ((unsigned char*)key)[15] before the
> strrchr. That ought to work fine, right?
> 
> magnum

Hmm, you mean make key[] in sha1_fmt_get_key 5 instead of 4? Hmm, I think
that sounds okay.

Tavis.

-- 
-------------------------------------
taviso@...xchg8b.com | pgp encrypted mail preferred
-------------------------------------------------------

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.