Date: Wed, 29 Aug 2012 10:30:12 -0400 From: Rich Felker <dalias@...ifal.cx> To: musl@...ts.openwall.com Subject: Re: Help-wanted tasks for musl On Wed, Aug 29, 2012 at 01:35:06AM +0200, Szabolcs Nagy wrote: > * Szabolcs Nagy <nsz@...t70.net> [2012-08-28 22:09:42 +0200]: > > * Rich Felker <dalias@...ifal.cx> [2012-08-19 22:12:23 -0400]: > > > On Mon, Aug 20, 2012 at 03:58:54AM +0200, Szabolcs Nagy wrote: > > > > sha and md5 crypt does not decode the salt > > > > it is directly passed to a hash function > > > > > > Ah, that makes it uglier then, because presumably some of these > > > malformed things you mentioned are "valid" salt. > > > > > > > i modified my sha crypt implementation so it is very strict > > about the rounds= part of the salt and checks for key length > > > > removed the unrolling, modified key limit and added salt check: see the attached for my proposed changes. rich View attachment "crypt_sha256.c" of type "text/plain" (8585 bytes)
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.