[prev in list] [next in list] [prev in thread] [next in thread]
List: john-users
Subject: Re: [john-users] using john to decrypt DES hashes
From: Solar Designer <solar () openwall ! com>
Date: 2022-10-28 13:30:04
Message-ID: 20221028133003.GA16587 () openwall ! com
[Download RAW message or body]
On Fri, Oct 28, 2022 at 02:31:41PM +0200, Matthias Apitz wrote:
> I have implemented this now in all our C-written application
> servers. The clear PIN is hashed by:
>
> hash = MakeCryptYescrypt(MakeCryptDes(PIN), NULL);
> and the hash is stored in the database row for the user
>
> The check if the PIN is correct entered is made by
>
> if (strcmp(hash, MakeCryptYescrypt(MakeCryptMakeCryptDes(PIN), hash)) == 0) {
> /* PIN is good */
> }
>
> This is all fine now.
>
> The last problem to solve is, that also some Java-written application is
> doing the same encryption and checks and I can find any Java
> implementation of yescrypt. Before writing a NIF to a C-function, I
> wanted to ask the experts. If there is a better mailing list in
> openwall.com, please point me to this as well.
We definitely need to take this off the john-users list. There is a
list for yescrypt:
https://www.openwall.com/lists/yescrypt/
It's mostly unused so far, but that shouldn't stop you from joining it
and starting to post there.
Alexander
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic