Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 29 Jul 2015 04:59:56 +0300
From: Solar Designer <solar@...nwall.com>
To: john-dev@...ts.openwall.com
Subject: Re: auditing our use of FMT_* flags

On Tue, Jul 28, 2015 at 12:13:30AM +0200, magnum wrote:
> BTW I don't know much about Domino but it might also be the case that 
> the real application simply rejects 8-bit input (even though the 
> algorithm would handle it) for mitigating codepage mismatch problems. In 
> such a case it might be relevant to not set FMT_CASE.
> 
> WPA-PSK is similar. Many implementations (and, I think, the spec) only 
> allow ASCII characters 0x20-0x7E, ie. printable ASCII. It would be 
> relevant to drop FMT_CASE for that format but I suspect some 
> implementations do allow eg. UTF-8 so I have deferred it. Anyway, the 
> actual algorithm (PBKDF2-HMAC-SHA1) allow and use 8-bit just fine.

I assume you meant FMT_8_BIT rather than FMT_CASE in both paragraphs.

Alexander

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ