lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20150917121545.GA20574@bolet.org> Date: Thu, 17 Sep 2015 14:15:45 +0200 From: Thomas Pornin <pornin@...et.org> To: discussions@...sword-hashing.net Subject: Re: [PHC] Specification of a modular crypt format On Thu, Sep 17, 2015 at 10:09:31AM +0200, Krisztián Pintér wrote: > another note: a middle ground option would be to standardize the > string in the strict way, but not require parsers to fail if they are > able to make sense of it, but does not conform to the rules. i.e. if a > software produces 001, it is incorrect. but a parser might or might > not parse 001, both are ok. if it parses, it must parse to 1 > obviously. I like that proposal. > i'm not aware of any usual structure for handing a list of strings to > a function that is not ordered. In an object-oriented implementation, the generic parser would be given not a lost of parameters, but an associative map of parameter names to instances that parse the specific parameter values. Languages that offer associative maps with an easy-to-use syntax (in particular scripting languages) tend to rely on hashtables, which do not guarantee any kind of ordering (e.g. Perl associative arrays). For a C implementation, where dynamic allocation is uncomfortable and the standard library lacks anything that looks like an associative map, such an object-oriented implementation would use an array of struct with two fields (parameter name, and pointer to parameter-parsing function), and that would naturally have a fixed order. --Thomas Pornin
Powered by blists - more mailing lists