This algorithm description fails to specify the encoding of the input password. Presumably it is Unicode, but in what encoding UTF-16BE UTF-16LE UTF-16 with a BOM (Byte Ordering Mark) The described algorithms make use of byte-level manipulations which depend on the machine architecture (big endian versus little endian). So it is necessary that all byte ordering assumptions be made explicit.
The specified algorithm can be executed without kowledge of byte ordering. The phrase "Get the single-byte values by iterating through the Unicode characters of the truncated password.
For each character, if the low byte is not equal to 0, take it. Otherwise, take the high byte" specifies how to construct a byte array from a character string in a way independent of the byte order. The phrase might be clarified as "For each character, if the low byte of the Unicode code point of that character is not equal to 0, take it and drop the high byte (regardless of its value). Otherwise, take the high byte". It is unspecified how to deal with code points beyond U+FFFF and with combining characters. (The overall quality of the algorithm, however, is an entirely different matter.) In the recommendation, with PIs, do you mean XML Processing Instructions If yes, how should these be used here
For each character, if the low byte is not equal to 0, take it. Otherwise, take the high byte" specifies how to construct a byte array from a character string in a way independent of the byte order. The phrase might be clarified as "For each character, if the low byte of the Unicode code point of that character is not equal to 0, take it and drop the high byte (regardless of its value). Otherwise, take the high byte". It is unspecified how to deal with code points beyond U+FFFF and with combining characters. (The overall quality of the algorithm, however, is an entirely different matter.) In the recommendation, with PIs, do you mean XML Processing Instructions If yes, how should these be used here
line 13
Part 4, Section 2.15.1.28
te
Proposed Disposition of DIS 29500 Comment DE-0088 (Modified: 2008-01-03) Agreed; the following changes will be made to make this assumption explicit in each algorithm: Part 4, ยง2.15.1.28, page 1,158, line 15: First, the UTF-16 encoded password shall be hashed using the following algorithm . The following steps assume that all words are unsigned, the word size is two bytes, and that bit-level SHL/SHR operations shift in the direction of the highest-order and lowest-order bit, respectively. [Example: 0x61 SHR 1 is 0xC2, as 01100001 shifted one position in the direction of its highest-order bit is 11000010. end example] : Similar Comments: BR-0006 , CL-0091 , CO-0098 , CZ-0053 , GB-0220 , GH-0009 , GR-0027 , IN-0075 , IR-0013 , MY-0021 , PT-0039 , US-0052 , UY-0017 , VE-0018
