md5 salt

Peter Pentchev roam at ringlet.net
Mon Sep 15 23:36:40 PDT 2003


On Mon, Sep 15, 2003 at 06:10:04PM -0400, Charles Sprickman wrote:
> Hi,
> 
> I was looking at the crypt(3) manpage, and I'm having a hard time figuring
> out what the allowed characters are for the salt in md5 and blowfish
> encryption.  For DES, it clearly states that only numbers, letters and
> digits may be used.
> 
> Does anyone know the rules for md5/blowfish salt characters?

Well, a quick websearch on 'Modular Crypt Format', the name of the
password format containing encryption algorithm magic, optional number
of rounds, salt, and password hash, did not really turn up any
standards or papers; maybe others would be more knowledgeable in
this area.  However, I did find a 07/99 post from Kris Kennaway at
http://www.geocrawler.com/archives/3/169/1999/7/0/2467424/ in which
he mentions that the salt is base64-encoded.

The crypt.c and crypt-md5.c files in src/lib/libcrypt/ do not really
pose any restrictions on the salt, short of the obvious one of its
not containing a '$' character :)

I guess going with the base64 characters would be a good bet.

G'luck,
Peter

-- 
Peter Pentchev	roam at ringlet.net    roam at sbnd.net    roam at FreeBSD.org
PGP key:	http://people.FreeBSD.org/~roam/roam.key.asc
Key fingerprint	FDBA FD79 C26F 3C51 C95E  DF9E ED18 B68D 1619 4553
If I were you, who would be reading this sentence?
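
Added example, not part of the original post and not code from FreeBSD's libcrypt: a sketch that extracts an MD5 crypt salt the loose way described above (anything up to a '$') and then applies the stricter "stick to the base64 characters" check the post recommends. The function names are hypothetical; the alphabet is crypt(3)'s own 64-character set and the 8-character cap is the MD5 scheme's salt length.

```c
#include <stdio.h>
#include <string.h>

/* crypt(3)'s 64-character set: the "base64" alphabet used for salts and
 * hashes. It is not RFC 4648 base64: no '+', no '=' padding. */
static const char ITOA64[] =
    "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
#define MD5_MAGIC   "$1$"
#define MD5_SALTMAX 8   /* MD5 crypt reads at most 8 salt characters */

/* Loose extraction (only '$' is special): skip the magic if present, then
 * copy until '$', end of string, or 8 chars. Returns the salt length. */
size_t md5_salt_extract(const char *setting, char out[MD5_SALTMAX + 1])
{
    size_t n = 0;
    if (strncmp(setting, MD5_MAGIC, strlen(MD5_MAGIC)) == 0)
        setting += strlen(MD5_MAGIC);
    for (; n < MD5_SALTMAX && setting[n] && setting[n] != '$'; n++)
        out[n] = setting[n];
    out[n] = '\0';
    return n;
}

/* Stricter check: non-empty and every character is in ITOA64. */
int md5_salt_is_portable(const char *salt)
{
    size_t len = strlen(salt);
    return len > 0 && len <= MD5_SALTMAX && strspn(salt, ITOA64) == len;
}

/* Map 8 random bytes to salt chars; 256 % 64 == 0, so no modulo bias. */
void md5_salt_from_bytes(const unsigned char *rnd, char out[MD5_SALTMAX + 1])
{
    for (size_t i = 0; i < MD5_SALTMAX; i++)
        out[i] = ITOA64[rnd[i] & 0x3f];
    out[MD5_SALTMAX] = '\0';
}

int main(void)
{
    unsigned char rnd[MD5_SALTMAX];
    char salt[MD5_SALTMAX + 1];
    FILE *f = fopen("/dev/urandom", "rb");
    if (f == NULL || fread(rnd, 1, sizeof rnd, f) != sizeof rnd)
        return 1;
    fclose(f);
    md5_salt_from_bytes(rnd, salt);
    printf("%s%s$ portable=%d\n", MD5_MAGIC, salt, md5_salt_is_portable(salt));
    return 0;
}
```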