MD5和SHA512尺寸和安全性

据我所知,如果你谈论md5它可以存储32 characters.我知道,如果超过限制,32 characters它仍然会凑它完美的罚款,但它实际上可能是相同hash的md5( 'a' ),虽然,不可能.

是不是可能是非常危险和不安全然后使用(MD5)salt中md5,甚至没有检查的input的长度password+ salt？

例1:

$pass = md5( 'this is a password' );
$salt = md5( 'this is a salt' );

// Will exceed 32 range and might therefore equal md5( 'a' ) -
// if so this will pass an authorization such as login
md5( $pass . $salt );

例2:

// 32 character password
$pass = 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa';
$salt = 'salt';

// Will also exceed 32 range due to no length check and might equal md5( 'a' )
md5( $pass . $salt );

你不应该这样做:

$pass = 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa';
$salt = 'salt';

if ( strlen( $pass ) + strlen( $salt ) > 32 ) 
  exit;

else
  md5( $pass . $salt );

另外,限制在sha512哪里？512 characters？