From e571b890e9175f6fbc0c52c86f534ed1f4f69d6c Mon Sep 17 00:00:00 2001 From: jsteube Date: Wed, 13 Feb 2019 10:03:07 +0100 Subject: [PATCH] Fixed length check for raw PBKDF2 modules --- OpenCL/inc_types.cl | 8 ++++---- src/modules/module_07100.c | 12 ++++++------ src/modules/module_07200.c | 2 +- src/modules/module_09200.c | 2 +- src/modules/module_10000.c | 9 +++++---- src/modules/module_10900.c | 6 +++--- src/modules/module_11900.c | 6 +++--- src/modules/module_12000.c | 6 +++--- src/modules/module_12001.c | 2 +- src/modules/module_12100.c | 6 +++--- tools/test_modules/m12000.pm | 2 +- 11 files changed, 31 insertions(+), 30 deletions(-) diff --git a/OpenCL/inc_types.cl b/OpenCL/inc_types.cl index 0ef79b8a7..ec1a8c8c4 100644 --- a/OpenCL/inc_types.cl +++ b/OpenCL/inc_types.cl @@ -1326,25 +1326,25 @@ typedef struct tc typedef struct pbkdf2_md5 { - u32 salt_buf[16]; + u32 salt_buf[64]; } pbkdf2_md5_t; typedef struct pbkdf2_sha1 { - u32 salt_buf[16]; + u32 salt_buf[64]; } pbkdf2_sha1_t; typedef struct pbkdf2_sha256 { - u32 salt_buf[16]; + u32 salt_buf[64]; } pbkdf2_sha256_t; typedef struct pbkdf2_sha512 { - u32 salt_buf[32]; + u32 salt_buf[64]; } pbkdf2_sha512_t; diff --git a/src/modules/module_07100.c b/src/modules/module_07100.c index 8f8063692..0f488752f 100644 --- a/src/modules/module_07100.c +++ b/src/modules/module_07100.c @@ -42,6 +42,12 @@ u32 module_salt_type (MAYBE_UNUSED const hashconfig_t *hashconfig, const char *module_st_hash (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_HASH; } const char *module_st_pass (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) { return ST_PASS; } +typedef struct pbkdf2_sha512 +{ + u32 salt_buf[64]; + +} pbkdf2_sha512_t; + typedef struct pbkdf2_sha512_tmp { u64 ipad[8]; @@ -52,12 +58,6 @@ typedef struct pbkdf2_sha512_tmp } pbkdf2_sha512_tmp_t; -typedef struct pbkdf2_sha512 -{ - u32 salt_buf[32]; - -} pbkdf2_sha512_t; - static const char *SIGNATURE_SHA512MACOS = "$ml$"; u64 module_tmp_size (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSED const user_options_t *user_options, MAYBE_UNUSED const user_options_extra_t *user_options_extra) diff --git a/src/modules/module_07200.c b/src/modules/module_07200.c index 3390a140f..22330f56a 100644 --- a/src/modules/module_07200.c +++ b/src/modules/module_07200.c @@ -44,7 +44,7 @@ const char *module_st_pass (MAYBE_UNUSED const hashconfig_t *hashconfig, typedef struct pbkdf2_sha512 { - u32 salt_buf[32]; + u32 salt_buf[64]; } pbkdf2_sha512_t; diff --git a/src/modules/module_09200.c b/src/modules/module_09200.c index ce3e35b07..0cb17fd4a 100644 --- a/src/modules/module_09200.c +++ b/src/modules/module_09200.c @@ -43,7 +43,7 @@ const char *module_st_pass (MAYBE_UNUSED const hashconfig_t *hashconfig, typedef struct pbkdf2_sha256 { - u32 salt_buf[16]; + u32 salt_buf[64]; } pbkdf2_sha256_t; diff --git a/src/modules/module_10000.c b/src/modules/module_10000.c index 9262ddd61..6a8516c35 100644 --- a/src/modules/module_10000.c +++ b/src/modules/module_10000.c @@ -43,7 +43,7 @@ const char *module_st_pass (MAYBE_UNUSED const hashconfig_t *hashconfig, typedef struct pbkdf2_sha256 { - u32 salt_buf[16]; + u32 salt_buf[64]; } pbkdf2_sha256_t; @@ -142,10 +142,11 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE memcpy (salt_buf_ptr, salt_pos, salt_len); - salt->salt_len = salt_len; + salt->salt_len = salt_len; - salt_buf_ptr[salt_len + 3] = 0x01; - salt_buf_ptr[salt_len + 4] = 0x80; + //leftover from prehistoric times? + //salt_buf_ptr[salt_len + 3] = 0x01; + //salt_buf_ptr[salt_len + 4] = 0x80; // add some stuff to normal salt to make sorted happy diff --git a/src/modules/module_10900.c b/src/modules/module_10900.c index 2f8494633..e0bc4172e 100644 --- a/src/modules/module_10900.c +++ b/src/modules/module_10900.c @@ -45,7 +45,7 @@ const char *module_st_pass (MAYBE_UNUSED const hashconfig_t *hashconfig, typedef struct pbkdf2_sha256 { - u32 salt_buf[16]; + u32 salt_buf[64]; } pbkdf2_sha256_t; @@ -111,8 +111,8 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE | TOKEN_ATTR_VERIFY_DIGIT; token.sep[2] = ':'; - token.len_min[2] = SALT_MIN; - token.len_max[2] = SALT_MAX; + token.len_min[2] = (SALT_MIN * 8) / 6; + token.len_max[2] = (SALT_MAX * 8) / 6; token.attr[2] = TOKEN_ATTR_VERIFY_LENGTH | TOKEN_ATTR_VERIFY_BASE64A; diff --git a/src/modules/module_11900.c b/src/modules/module_11900.c index 3685fcb55..ef633b9e1 100644 --- a/src/modules/module_11900.c +++ b/src/modules/module_11900.c @@ -45,7 +45,7 @@ const char *module_st_pass (MAYBE_UNUSED const hashconfig_t *hashconfig, typedef struct pbkdf2_md5 { - u32 salt_buf[16]; + u32 salt_buf[64]; } pbkdf2_md5_t; @@ -111,8 +111,8 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE | TOKEN_ATTR_VERIFY_DIGIT; token.sep[2] = ':'; - token.len_min[2] = SALT_MIN; - token.len_max[2] = SALT_MAX; + token.len_min[2] = (SALT_MIN * 8) / 6; + token.len_max[2] = (SALT_MAX * 8) / 6; token.attr[2] = TOKEN_ATTR_VERIFY_LENGTH | TOKEN_ATTR_VERIFY_BASE64A; diff --git a/src/modules/module_12000.c b/src/modules/module_12000.c index 004d473e9..586966d8a 100644 --- a/src/modules/module_12000.c +++ b/src/modules/module_12000.c @@ -55,7 +55,7 @@ typedef struct pbkdf2_sha1_tmp typedef struct pbkdf2_sha1 { - u32 salt_buf[16]; + u32 salt_buf[64]; } pbkdf2_sha1_t; @@ -111,8 +111,8 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE | TOKEN_ATTR_VERIFY_DIGIT; token.sep[2] = ':'; - token.len_min[2] = SALT_MIN; - token.len_max[2] = SALT_MAX; + token.len_min[2] = (SALT_MIN * 8) / 6; + token.len_max[2] = (SALT_MAX * 8) / 6; token.attr[2] = TOKEN_ATTR_VERIFY_LENGTH | TOKEN_ATTR_VERIFY_BASE64A; diff --git a/src/modules/module_12001.c b/src/modules/module_12001.c index d283c3100..e1ede0d4b 100644 --- a/src/modules/module_12001.c +++ b/src/modules/module_12001.c @@ -54,7 +54,7 @@ typedef struct pbkdf2_sha1_tmp typedef struct pbkdf2_sha1 { - u32 salt_buf[16]; + u32 salt_buf[64]; } pbkdf2_sha1_t; diff --git a/src/modules/module_12100.c b/src/modules/module_12100.c index 1dd8c0144..f3bcb2ceb 100644 --- a/src/modules/module_12100.c +++ b/src/modules/module_12100.c @@ -46,7 +46,7 @@ const char *module_st_pass (MAYBE_UNUSED const hashconfig_t *hashconfig, typedef struct pbkdf2_sha512 { - u32 salt_buf[32]; + u32 salt_buf[64]; } pbkdf2_sha512_t; @@ -112,8 +112,8 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE | TOKEN_ATTR_VERIFY_DIGIT; token.sep[2] = ':'; - token.len_min[2] = SALT_MIN; - token.len_max[2] = SALT_MAX; + token.len_min[2] = (SALT_MIN * 8) / 6; + token.len_max[2] = (SALT_MAX * 8) / 6; token.attr[2] = TOKEN_ATTR_VERIFY_LENGTH | TOKEN_ATTR_VERIFY_BASE64A; diff --git a/tools/test_modules/m12000.pm b/tools/test_modules/m12000.pm index 5815a321e..85047a557 100644 --- a/tools/test_modules/m12000.pm +++ b/tools/test_modules/m12000.pm @@ -11,7 +11,7 @@ use warnings; use MIME::Base64 qw (encode_base64 decode_base64); use Crypt::PBKDF2; -sub module_constraints { [[0, 255], [0, 64], [0, 55], [0, 64], [-1, -1]] } +sub module_constraints { [[0, 255], [0, 255], [-1, -1], [-1, -1], [-1, -1]] } sub module_generate_hash {