2.4.4.1 Password Hash Data Structure

  • Article

The password data structure specifies a password hash and additional random byte data to obfuscate the hash.


0


1


2


3


4


5


6


7


8


9

1
0


1


2


3


4


5


6


7


8


9

2
0


1


2


3


4


5


6


7


8


9

3
0


1

Reserved

GrbitKey

GrbithashNull

KeyNoNulls

PasswordHashNoNulls

Terminator

Reserved (1 byte): MUST be 0xFF. MUST be ignored.

GrbitKey (4 bits): Each bit specifies a corresponding null byte of Key as specified by Encode Nulls (section 2.4.4.2).

GrbitHashNull (20 bits): Each bit specifies a corresponding null byte of PasswordHash as specified by Encode Nulls (section 2.4.4.2).

KeyNoNulls (4 bytes): Specifies the Key for the Password Hash Algorithm (section 2.4.4.4) with null bytes removed as specified by Encode Nulls (section 2.4.4.2). Key is any value.

Key is encoded into KeyNoNulls as specified by the following pseudocode: 

 CALL Encode Nulls (section 2.4.4.2) with Key RETURNING GrbitKey and KeyNoNulls

Decoding is specified by the following pseudocode: 

 CALL Decode Nulls (section 2.4.4.3) with KeyNoNulls and GrbitKey RETURNING Key

PasswordHashNoNulls (20 bytes): Specifies the PasswordHash result of the Password Hash Algorithm (section 2.4.4.4) with null bytes removed as specified by Encode Nulls (section 2.4.4.2).

PasswordHash is the 160-bit cryptographic digest of a password combined with Key as specified by Password Hash Algorithm (section 2.4.4.4).

Encoding is specified by the following pseudocode: 

 CALL Encode Nulls (section 2.4.4.2) with PasswordHash RETURNING GrbitHashNull and PasswordHashNoNulls

Decoding is specified by the following pseudocode: 

 CALL Decode Nulls (section 2.4.4.3) with PasswordHashNoNulls and GrbitHashNull RETURNING PasswordHash

Terminator (1 byte): MUST be 0x00.