Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 16 Mar 2013 22:15:50 +0530
From: Dhiru Kholia <>
Subject: Re: Cisco - Password type 4 - SHA256

On Sat, Mar 16, 2013 at 9:58 PM, Frank Dittrich
<> wrote:
> On 03/16/2013 02:54 PM, Dhiru Kholia wrote:
> Your implementation uses PLAINTEXT_LENGTH 125.
> Is the max. length supported by Cisco documented somewhere, or can you
> test it?

It is 25. I have fixed my code.

> Also, can you make sure the algorithm really distinguishes upper and
> lower case characters?

Good point. I will test this today.

> What about trying some non-ascii characters?
> You specified FMT_8_BIT, so you should verify that those characters are
> not "truncated" to 7 bits (or even converted to UTF-8).

Sorry. I don't understand this stuff at all.

> The valid() implementation could need additional checks.

Right. I was racing to finish this format ;). I will fix this soon.


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.