Cheers Ted,

On Tue, 07 Feb 2017 14:50:49 -0500 "Ted Unangst" <t...@tedunangst.com> wrote:
> bytevolc...@safe-mail.net wrote:
> > 1. Does the 72-character limit also apply to bcrypt_pbkdf()
> > [presumably this will mean softraid(4) crypto won't accept
> > passwords >72 chars anymore]?
>
> No. There is no limit. (The inputs can also contain 0 bytes.)
>
> > 2. What is the recommended buffer size to be passed to
> > bcrypt_pbkdf()?
>
> This is a strange question. It generates a key which you'd normally
> use to encrypt some data. So however much key material you need.
>
> > 3. In the BUGS section in the bcrypt(3) man page it mentions that
> > crypt() returns a pointer to static data. Is it safe/smart to
> > assume this constraint also applies to bcrypt() calls?
>
> Yes. On OpenBSD, the preferred interface is actually crypt_newhash,
> which doesn't have this restriction.

Looking at the man page, I notice there is also no mention of a password length limit or a recommended/minimum buffer size. Is this implementation something like bcrypt_pbkdf() in disguise?