Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <BLU0-SMTP435F560A36962716A61D824FDFC0@phx.gbl>
Date: Fri, 22 Jun 2012 11:01:28 +0200
From: Frank Dittrich <frank_dittrich@...mail.com>
To: john-dev@...ts.openwall.com
Subject: Re: Re: EPiServer format fails on 32-bit builds.

On 06/22/2012 10:33 AM, Dhiru Kholia wrote:
> On Fri, Jun 22, 2012 at 1:59 PM, Frank Dittrich
> <frank_dittrich@...mail.com> wrote:
>> On 06/22/2012 10:03 AM, Dhiru Kholia wrote:
>>> data = base64.decodestring("fGJ2wn/5WlzqQoDeCA2kXA==")
>>> print len(data) # 16
>>
>> Then I don't understand why unsigned char esalt[16] wasn't large enough
>> for the test vector.
> 
> I haven't checked the source of base64_decode function but it needed
> one byte more than 16 to function correctly.

Yes, the base64_decode function needs a buffer size of
(input_buffer_size / 4 * 3), so 18 is correct in this case.
Meanwhile I found a source stating that the salt size is always 16 bytes

So, the following is most likely correct:

>> SHA1_Update(&ctx, cur_salt->esalt, 16);


>> May be the format isn't even properly named, because it is not specific
>> to EPiServer, but any application using the Microsoft .NET framework?
> 
> Okay. What should we name it then? Any examples for applications using
> the same hashing scheme would be good.

No idea.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.