On Thu, 13 Feb 2003 20:57:05 -0800 (PST), [EMAIL PROTECTED] (Patricia
Hinman) wrote:
>OOPS mistake corrected
>> I did stumble across a method call to a cryption()
>-------wrong crypt() is the method ------
>
>I have just discovered it is a unix function. It
>doesn't decrypt. One must always crypt user input then
>check for equality.
>if (crypt ($guess, $pass) eq $pass) {
> # guess is correct
> }
>
>I guess that means I can't use it on my Win98 box. I
>was really hoping for a platform independant method.
I can't really say I understand the exact nature of your problem.
You may be running into a problem with crypt and crypt-md5.
Most linux systems will auto detect the crypt used by the $1,
which indicates a md5 hash.
Here is some examples to try and demonstrate crypt.
#!/usr/bin/perl
use Crypt::PasswdMD5;
#The secret to getting crypt to work correctly is in providing
#a salt starting with '$1$' and having 8 characters
#(instead of the normal 2 used for DES-crypt).
#There are similar conventions for using other crypt variants
#(e.g. '$2$' for SHA-crypt).
my $passwd = 'whoopdeedoo';
my $salt = '$1$qwertyuz';
print "md5crypt salt= $salt \n";
print "-------------------------------------\n";
my $crypted = unix_md5_crypt $passwd, $salt;
print "$crypted\n";
my $crypted = crypt $passwd, $salt; #crypt works as well
print "$crypted\n";
print crypt ($passwd, $salt), "\n";
######################################################################
print "#################################################\n";
print "des crypt salt= xy \n";
my $passwd = 'whoopdedoo';
my $salt = 'xy';
print "-------------------------------------\n";
my $crypted = crypt $passwd, $salt;
print "$crypted\n";
print crypt ($passwd, $salt), "\n";
#Note that the MD5-based crypt() is not the same as
#obtaining the hash of your password with Digest::MD5 or similar.
#The algorythm used internally by the MD5-based crypt() uses a
#number of transformations in which the MD5 algorythm is used,
#but is very different.
#Crypt::PasswdMD5 implements this algorythm in Perl,
#allowing you to reproduce the result of said crypt() functions
#in non-*nix systems or systems without a compatible crypt()
#implementation.
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
