directory-fortress mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Emmanuel Lécharny <elecha...@gmail.com>
Subject Re: Password as String or char[]?
Date Tue, 11 Oct 2016 14:14:42 GMT
Le 11/10/16 à 15:55, Shawn McKinney a écrit :
>> On Oct 11, 2016, at 2:20 AM, Emmanuel Lécharny <elecharny@gmail.com> wrote:
>>
>> Forgot to mention that storing the password s provided (ie, 'secret',
>> for instance) is not a good idea. It does not fit the requirement that a
>> password may contain *any* char from 0x00 to 0xFF. We should end up with
>> a String that is a representation of the password in hex form :
>> 736563726574 for 'secret'.
> Struggling with the takeaway…
>
> ‘Yes’ we change the datatype to a String but its value must undergo a transformation
from string(ascii) -> String(hex)?

Yes, to cover all the chars a password may content. But you may also
make it so that the password only contains valid chars (ie, some that
can be stored in a String without being invalid), avoiding this hex
representation.



Mime
View raw message