From: | Doug McNaught <doug(at)wireboard(dot)com> |
---|---|
To: | Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> |
Cc: | PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: crypt and null termination |
Date: | 2001-08-17 03:06:21 |
Message-ID: | m3wv43peqa.fsf@belphigor.mcnaught.org |
Lists: | pgsql-hackers |
Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> writes:
> Look at this from the BSD/OS crypt() manual page:
>
> The crypt function performs password encryption. It is derived from the
> NBS Data Encryption Standard. Additional code has been added to deter
> key search attempts. The first argument to crypt is a NUL-terminated
> string (normally a password typed by a user). The second is a character
> array, 9 bytes in length, consisting of an underscore (``_'') followed by
> 4 bytes of iteration count and 4 bytes of salt. Both the iteration count
> and the salt are encoded with 6 bits per character, least significant
> bits first. The values 0 to 63 are encoded by the characters ``./0-9A-
> Za-z'', respectively.
>
> ...
>
> For compatibility with historical versions of crypt(3), the setting may
> consist of 2 bytes of salt, encoded as above, in which case an iteration
> count of 25 is used, fewer perturbations of DES are available, at most 8
> characters of key are used, and the returned value is a NUL-terminated
> string 13 bytes in length.
>
> It seems to say that the salt passed to crypt should be null-terminated, but
> we call crypt from libpq as:
>
> crypt_pwd = crypt(password, conn->salt);
>
> and conn.salt is char[2]. Isn't this a problem?

I don't think it is. Note that it refers to the salt as a "character
array", not a string. Also, since '_' isn't in the allowed encoding
set, it can tell the difference between a 9-byte salt and a 2-byte
salt without a terminating NUL.

-Doug
--
Free Dmitry Sklyarov!
http://www.freesklyarov.org/
We will return to our regularly scheduled signature shortly.
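
The distinction discussed in this message, as an added example that is not code from libpq, BSD/OS or either poster: a parser that classifies a setting by its first byte, decodes the 6-bit fields with the alphabet from the quoted manual page, and makes a NUL-terminated copy of a bounded buffer such as a `char[2]` salt. The names `parse_setting`, `struct setting` and `decode64` are hypothetical, and the sample settings used to exercise it are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Alphabet from the quoted man page: values 0..63 map to "./0-9A-Za-z". */
static const char A64[] =
    "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";

struct setting {            /* hypothetical type for this example */
    int      extended;      /* 1 = '_' form (9 bytes), 0 = 2-byte form */
    uint32_t count;         /* iteration count (25 for the 2-byte form) */
    uint32_t salt;          /* decoded salt value */
    char     cstr[10];      /* NUL-terminated copy of the setting */
};

/* Decode n characters, 6 bits each, least significant bits first.
 * Returns 0 on success, -1 if a byte is outside the alphabet. */
static int decode64(const char *p, size_t n, uint32_t *out)
{
    uint32_t v = 0;
    for (size_t i = 0; i < n; i++) {
        /* strchr() would match the terminator of A64, so reject NUL first */
        const char *q = p[i] ? strchr(A64, p[i]) : NULL;
        if (q == NULL)
            return -1;
        v |= (uint32_t)(q - A64) << (6 * i);
    }
    *out = v;
    return 0;
}

/* Parse a setting held in buflen bytes that may lack a terminating NUL.
 * Never reads past buflen. Returns 0 on success, -1 if malformed. */
int parse_setting(const char *buf, size_t buflen, struct setting *s)
{
    int ext = buflen >= 1 && buf[0] == '_';   /* '_' is not in A64 */
    size_t need = ext ? 9 : 2;

    memset(s, 0, sizeof *s);
    if (buflen < need)
        return -1;
    s->extended = ext;
    s->count = 25;                            /* fixed for the 2-byte form */
    if (ext ? (decode64(buf + 1, 4, &s->count) || decode64(buf + 5, 4, &s->salt))
            : decode64(buf, 2, &s->salt))
        return -1;
    memcpy(s->cstr, buf, need);               /* cstr[need] stays 0 from memset */
    return 0;
}
```

Passing `s.cstr` rather than the raw array to `crypt()` gives a properly terminated setting on any implementation, whichever reading of the manual page is correct.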