Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Tue, 23 Jul 2013 19:55:39 +0000
From: "pinto.elia@...il.com" <pinto.elia@...il.com>
To: "crypt-dev@...ts.openwall.com" <crypt-dev@...ts.openwall.com>
Subject: R: NUL bytes in Unix crypt SALT string using SHA-256
 and SHA-512

Perhaps a glibc mailing list should be a better place to ask. Drepper, iirc, was the author of the crypto sha hash.

Best and sorry for the top posting
----Messaggio originale----
Da: hakre
Inviato:  23/07/2013, 18:25 
A: crypt-dev@...ts.openwall.com
Oggetto: [crypt-dev] NUL bytes in Unix crypt SALT string using SHA-256 and SHA-512


Hi list,

I've got a clarification question regarding the (up-to 16 characters used) SALT string for Unix crypt using SHA-256 and SHA-512.

Is it acceptable by the definition of the algorithm to provide 16 NUL bytes? In the meaning that those 16 chars are used as SALT?

Can you share reason why/why not? What is your mental model of this "simple string" for the SALT?

I'm just puzzled while creating some edge-case checks/tests in my own software development and would like to get some kind of feedback I can lean on a bit. 

I assume yours here might be able to share.

So thanks for letting me know if

-- hakre

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ