I'd look at the rfc before asking this.
You seem to be looking for application issue (overrun or parse issues) which has nothing to do with the crypto. IIRC the password is padded up to 112 characters - Idr much more than that.
_______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography