Antw: Re: SHA-2 and other hashes

["Ulrich Windl" <Ulrich.Windl@rz.uni-regensburg.de>]

>>> "Norman Gray" <gray@nxg.name> schrieb am 03.06.2019 um 16:13 in Nachricht
<BFD15D85-2DCE-4E3A-8CF6-04190CD520C4@nxg.name>:

> Ulrich, hello.
> 
> On 3 Jun 2019, at 13:50, Ulrich Windl wrote:
> 
>> ie, pretty much what I expected ‑‑ but in glibc's crypt(3), the 
>> $5$ and
>>> $6$ hashes are the result of an unspecified number of rounds of such
>>> hashing (the $1$/MD5 glibc hash does appear to be compatible with
>>> OpenLDAP {SMD5}, though).  (Quite possibly everyone else in the world
>>> already knew this, but I didn't!)
>>
>>
>> Hi!
>>
>> First the number of rounds is NOT unspecified: It
>> s explicitly specified, it's optional, and (I think) it defaults to 
>> one.
> 
> Good point -- the number of rounds is indeed exposed.
> 
> If I'm correctly reading crypt/sha256-crypt.c in 
> <https://ftp.gnu.org/gnu/glibc/>, then the default number of rounds is 
> 5000 and, as you say, the number of rounds can be indicated in a 
> param=value clause in the passwd string (as gestured towards in 
> <https://github.com/P-H-C/phc-string-format/blob/master/phc-sf-spec.md>).
> 
> But I may have been unclear: by 'unspecified' I meant 'not described in 
> a formal specification' (as far as I can see), so that I would not be 
> comfortable trying to reimplement the glibc password-hashing process 
> based on documentation alone.

Correct; I read the manual, not the source, nad there the default number of
rounds was not mentioned.

> 
> Best wishes,
> 
> Norman
> 
> 
> -- 
> Norman Gray  :  https://nxg.me.uk