samedi 30 janvier 2016

How to get random salt from OpenSSL as std::string

I would like to generate a random string with OpenSSL and use this as a salt in a hashing function afterwards (will be Argon2). Currently I'm generating the random data this way:

if(length < CryptConfig::sMinSaltLen){        
    return 1;
}
if (!sInitialized){
    RAND_poll();
    sInitialized = true;
}

unsigned char * buf = new unsigned char[length];
if (!sInitialized || !RAND_bytes(buf, length)) {      
    return 1;
}

salt = std::string (reinterpret_cast<char*>(buf));
delete buf;

return 0;

But a std::cout of salt doesn't seem to be a proper string (contains control symbols and other stuff). This is most likely only my fault.

Am I using the wrong functions of OpenSSL to generate the random data?

Or is my conversion from buf to string faulty?

Aucun commentaire:

Enregistrer un commentaire