openwall / john

John the Ripper jumbo - advanced offline password cracker, which supports hundreds of hash and cipher types, and runs on many operating systems, CPUs, GPUs, and even some FPGAs
https://www.openwall.com/john/
Other
10.4k stars 2.11k forks source link

Extended support for gpg keys #5254

Open snooppr opened 1 year ago

snooppr commented 1 year ago

In Debian 10, by default in GnuPG, the CLI utility: gpg generates a key pair (RSA/DSA) and nothing more. gpg_debian10

I checked the $ john/run/gpg2john gpg_key.asc #The hash is retrieved correctly and is subject to password recovery.

But updated versions of GnuPG now generate a key pair (ECC:Curve25519) by default.

spoiler: gpg_cli v2.3.6 ![gpg_cli](https://user-images.githubusercontent.com/61022210/224985979-7b75226e-79d7-420e-a092-d01fec397f52.png)

And the routine for extracting the hash is not able to extract the hash of this encryption (maybe john himself does not support this encryption format). The user will always get an error: $ john/run/gpg2john gpg_ecc_john.asc

File gpg_ecc_john.asc Unknown public key(pub 19) Bad parameter: encrypted_Secret_Key(len=-1, sha1=0), len can not be negative.

Although I have Kleopatra/KDE gpg/pgp key management software installed on my Debian 10, when generating keys, it has long been possible to choose a cryptographic algorithm (not RSA/DSA), but cv25519:

spoiler: kleopatra-cv25519/ ![kleopatra_kde](https://user-images.githubusercontent.com/61022210/224987994-93112ee8-6151-4d9c-ae76-96d9bc367bd7.png)

I generated such key in gpg CLI on Termux under name "gpg_ecc_john.asc" password "johnjohn666" And tested it on Debian 10 it imported successfully and encrypts data. You can practice on it (note — I’m not sure that in the Russian Federation it’s so easy for citizens to engage in cryptography and removed the link to the key.):

spoiler: kleopatra import gpg_ecc_john.asc/ ![gpg_ecc](https://user-images.githubusercontent.com/61022210/224989435-f809673a-3608-4e32-93d8-df6fbff2a236.png)

JtR does not fully work with GPG keys, it might be worth considering a request to support this encryption algorithm (in the future / already it will become preferable, judging by its purpose when generating keys by default).

This is a continuation from here: https://github.com/openwall/john/issues/5252#issuecomment-1467751212

pwrbob commented 1 year ago

Here is a program that can be used to extract hashes from encrypted secret key files in the OpenPGP format, and also works with EC keys: https://github.com/pwrbob/pgp2hc. It's compatible with john hash types when using the --format=john flag.