Fixed length check for raw PBKDF2 modules

OpenCL/inc_types.cl

@@ -1326,25 +1326,25 @@ typedef struct tc
 
 typedef struct pbkdf2_md5
 {
-  u32 salt_buf[16];
+  u32 salt_buf[64];
 
 } pbkdf2_md5_t;
 
 typedef struct pbkdf2_sha1
 {
-  u32 salt_buf[16];
+  u32 salt_buf[64];
 
 } pbkdf2_sha1_t;
 
 typedef struct pbkdf2_sha256
 {
-  u32 salt_buf[16];
+  u32 salt_buf[64];
 
 } pbkdf2_sha256_t;
 
 typedef struct pbkdf2_sha512
 {
-  u32 salt_buf[32];
+  u32 salt_buf[64];
 
 } pbkdf2_sha512_t;
 

src/modules/module_07100.c

@@ -42,6 +42,12 @@ u32         module_salt_type      (MAYBE_UNUSED const hashconfig_t *hashconfig,
 const char *module_st_hash        (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_HASH;         }
 const char *module_st_pass        (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_PASS;         }
 
+typedef struct pbkdf2_sha512
+{
+  u32 salt_buf[64];
+
+} pbkdf2_sha512_t;
+
 typedef struct pbkdf2_sha512_tmp
 {
   u64  ipad[8];
@@ -52,12 +58,6 @@ typedef struct pbkdf2_sha512_tmp
 
 } pbkdf2_sha512_tmp_t;
 
-typedef struct pbkdf2_sha512
-{
-  u32 salt_buf[32];
-
-} pbkdf2_sha512_t;
-
 static const char *SIGNATURE_SHA512MACOS = "$ml$";
 
 u64 module_tmp_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra)

src/modules/module_07200.c

@@ -44,7 +44,7 @@ const char *module_st_pass        (MAYBE_UNUSED const hashconfig_t *hashconfig,
 
 typedef struct pbkdf2_sha512
 {
-  u32 salt_buf[32];
+  u32 salt_buf[64];
 
 } pbkdf2_sha512_t;
 

src/modules/module_09200.c

@@ -43,7 +43,7 @@ const char *module_st_pass        (MAYBE_UNUSED const hashconfig_t *hashconfig,
 
 typedef struct pbkdf2_sha256
 {
-  u32 salt_buf[16];
+  u32 salt_buf[64];
 
 } pbkdf2_sha256_t;
 

src/modules/module_10000.c

@@ -43,7 +43,7 @@ const char *module_st_pass        (MAYBE_UNUSED const hashconfig_t *hashconfig,
 
 typedef struct pbkdf2_sha256
 {
-  u32 salt_buf[16];
+  u32 salt_buf[64];
 
 } pbkdf2_sha256_t;
 
@@ -142,10 +142,11 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE
 
   memcpy (salt_buf_ptr, salt_pos, salt_len);
 
-  salt->salt_len  = salt_len;
+  salt->salt_len = salt_len;
 
-  salt_buf_ptr[salt_len + 3] = 0x01;
-  salt_buf_ptr[salt_len + 4] = 0x80;
+  //leftover from prehistoric times?
+  //salt_buf_ptr[salt_len + 3] = 0x01;
+  //salt_buf_ptr[salt_len + 4] = 0x80;
 
   // add some stuff to normal salt to make sorted happy
 

src/modules/module_10900.c

@@ -45,7 +45,7 @@ const char *module_st_pass        (MAYBE_UNUSED const hashconfig_t *hashconfig,
 
 typedef struct pbkdf2_sha256
 {
-  u32 salt_buf[16];
+  u32 salt_buf[64];
 
 } pbkdf2_sha256_t;
 
@@ -111,8 +111,8 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE
                    | TOKEN_ATTR_VERIFY_DIGIT;
 
   token.sep[2]     = ':';
-  token.len_min[2] = SALT_MIN;
-  token.len_max[2] = SALT_MAX;
+  token.len_min[2] = (SALT_MIN * 8) / 6;
+  token.len_max[2] = (SALT_MAX * 8) / 6;
   token.attr[2]    = TOKEN_ATTR_VERIFY_LENGTH
                    | TOKEN_ATTR_VERIFY_BASE64A;
 

src/modules/module_11900.c

@@ -45,7 +45,7 @@ const char *module_st_pass        (MAYBE_UNUSED const hashconfig_t *hashconfig,
 
 typedef struct pbkdf2_md5
 {
-  u32 salt_buf[16];
+  u32 salt_buf[64];
 
 } pbkdf2_md5_t;
 
@@ -111,8 +111,8 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE
                    | TOKEN_ATTR_VERIFY_DIGIT;
 
   token.sep[2]     = ':';
-  token.len_min[2] = SALT_MIN;
-  token.len_max[2] = SALT_MAX;
+  token.len_min[2] = (SALT_MIN * 8) / 6;
+  token.len_max[2] = (SALT_MAX * 8) / 6;
   token.attr[2]    = TOKEN_ATTR_VERIFY_LENGTH
                    | TOKEN_ATTR_VERIFY_BASE64A;
 

src/modules/module_12000.c

@@ -55,7 +55,7 @@ typedef struct pbkdf2_sha1_tmp
 
 typedef struct pbkdf2_sha1
 {
-  u32 salt_buf[16];
+  u32 salt_buf[64];
 
 } pbkdf2_sha1_t;
 
@@ -111,8 +111,8 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE
                    | TOKEN_ATTR_VERIFY_DIGIT;
 
   token.sep[2]     = ':';
-  token.len_min[2] = SALT_MIN;
-  token.len_max[2] = SALT_MAX;
+  token.len_min[2] = (SALT_MIN * 8) / 6;
+  token.len_max[2] = (SALT_MAX * 8) / 6;
   token.attr[2]    = TOKEN_ATTR_VERIFY_LENGTH
                    | TOKEN_ATTR_VERIFY_BASE64A;
 

src/modules/module_12001.c

@@ -54,7 +54,7 @@ typedef struct pbkdf2_sha1_tmp
 
 typedef struct pbkdf2_sha1
 {
-  u32 salt_buf[16];
+  u32 salt_buf[64];
 
 } pbkdf2_sha1_t;
 

src/modules/module_12100.c

@@ -46,7 +46,7 @@ const char *module_st_pass        (MAYBE_UNUSED const hashconfig_t *hashconfig,
 
 typedef struct pbkdf2_sha512
 {
-  u32 salt_buf[32];
+  u32 salt_buf[64];
 
 } pbkdf2_sha512_t;
 
@@ -112,8 +112,8 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE
                    | TOKEN_ATTR_VERIFY_DIGIT;
 
   token.sep[2]     = ':';
-  token.len_min[2] = SALT_MIN;
-  token.len_max[2] = SALT_MAX;
+  token.len_min[2] = (SALT_MIN * 8) / 6;
+  token.len_max[2] = (SALT_MAX * 8) / 6;
   token.attr[2]    = TOKEN_ATTR_VERIFY_LENGTH
                    | TOKEN_ATTR_VERIFY_BASE64A;
 

tools/test_modules/m12000.pm

@@ -11,7 +11,7 @@ use warnings;
 use MIME::Base64 qw (encode_base64 decode_base64);
 use Crypt::PBKDF2;
 
-sub module_constraints { [[0, 255], [0, 64], [0, 55], [0, 64], [-1, -1]] }
+sub module_constraints { [[0, 255], [0, 255], [-1, -1], [-1, -1], [-1, -1]] }
 
 sub module_generate_hash
 {