Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Tue, 23 Jul 2013 17:25:14 +0100 (BST)
From: hakre <hanskrentel@...oo.de>
To: "crypt-dev@...ts.openwall.com" <crypt-dev@...ts.openwall.com>
Subject: NUL bytes in Unix crypt SALT string using SHA-256 and SHA-512

Hi list,

I've got a clarification question regarding the (up-to 16 characters used) SALT string for Unix crypt using SHA-256 and SHA-512.

Is it acceptable by the definition of the algorithm to provide 16 NUL bytes? In the meaning that those 16 chars are used as SALT?

Can you share reason why/why not? What is your mental model of this "simple string" for the SALT?

I'm just puzzled while creating some edge-case checks/tests in my own software development and would like to get some kind of feedback I can lean on a bit. 

I assume yours here might be able to share.

So thanks for letting me know if

-- hakre

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ