On Wed, 13 Feb 2002, Cameron Simpson wrote:

> On 21:06 12 Feb 2002, ramzez <[EMAIL PROTECTED]> wrote:
> | I want to make an app in C... and I need to encrypt passwords for users of
> | my app and I want to use the same method of linux (the users aren't the same
> | of linux)... How do I do that ??
>
> You want the crypt(3) function - see "man 3 crypt". But only use it
> for compatibility reasons - computationally it's too weak for security -
> you can brute force the hashes it creates these days.

Even that may not be compatible. For instance, my Red Hat 7.0 system used MD5, not crypt. If you need something simple but not unbreakable though, crypt is a good option.

Now I will give you the hard-to-find piece of information that will make this easy for you. When you call crypt, it wants the string to encrypt and a "salt". The salt is sort of like a seed for a random number generator. It gets plugged into the hash algorithm.

So let's say you encrypt the user's password, which is "hakrdude", and you randomly pick a salt of "Pi" (you always want to use a random salt of two alphanumeric characters). Later on, the user types in their password, and you need to see if it matches. But how do you know what seed was used? The seed is the first two characters of the encrypted password.

Another example, from a .htpasswd file, which DOES use crypt:

    carol:HxgqnOVteUhrg

The password for carol is "pwcarol". So when the user types in that password, you grab the "Hx" from the encrypted password, call crypt with a string of "pwcarol" and a salt of "Hx", and you get back "HxgqnOVteUhrg"! Then you know they typed in the right password.

The key to getting your head around this is that this is a one-way hash algorithm, which means that you can NEVER algorithmically derive the original password from the encrypted one. You can only verify whether a given password matches when crypted with the same salt.

---
DDDD   David Kramer         http://thekramers.net
DK KD  "In a time of drastic change it is the learners who inherit
DKK D  the future. The learned usually find themselves equipped to
DK KD  live in a world that no longer exists."
DDDD                  - Eric Hoffer (1902-1983)

_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
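
The salt handling described in the message above, as an added C example that is not part of the original thread: picking a random two-character salt and checking a typed password against a stored traditional crypt hash. The names `hash_fn`, `SALT_CHARS`, `make_salt`, `same_hash` and `check_password` are this example's own; the hash function is passed in as a parameter, and the constant-time comparison and the `.` and `/` salt characters go beyond what the message describes.

```c
#include <stdio.h>
#include <string.h>

/* Same signature as crypt(3), so crypt itself can be passed in. */
typedef char *(*hash_fn)(const char *key, const char *salt);

/* Salt alphabet accepted by traditional crypt(3): [./0-9A-Za-z]. */
static const char SALT_CHARS[] =
    "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";

/* Write a random two-character salt into out; returns 0 on success. */
int make_salt(char out[3])
{
    unsigned char rnd[2];
    FILE *f = fopen("/dev/urandom", "rb");
    if (f == NULL)
        return -1;
    size_t got = fread(rnd, 1, sizeof rnd, f);
    fclose(f);
    if (got != sizeof rnd)
        return -1;
    out[0] = SALT_CHARS[rnd[0] & 63];   /* 64 symbols, so no modulo bias */
    out[1] = SALT_CHARS[rnd[1] & 63];
    out[2] = '\0';
    return 0;
}

/* Compare two hashes without stopping at the first differing byte. */
static int same_hash(const char *a, const char *b)
{
    size_t la = strlen(a), lb = strlen(b);
    unsigned char diff = (unsigned char)(la != lb);
    for (size_t i = 0; i < la && i < lb; i++)
        diff |= (unsigned char)(a[i] ^ b[i]);
    return diff == 0;
}

/* Returns 1 if `typed` hashes to `stored`, 0 if not or on any error. */
int check_password(hash_fn hash, const char *typed, const char *stored)
{
    if (typed == NULL || stored == NULL || strlen(stored) < 3)
        return 0;                       /* too short to hold salt + hash */
    if (!strchr(SALT_CHARS, stored[0]) || !strchr(SALT_CHARS, stored[1]))
        return 0;                       /* locked or malformed entry */
    char salt[3] = { stored[0], stored[1], '\0' };  /* first two characters */
    const char *computed = hash(typed, salt);
    if (computed == NULL)               /* crypt(3) returns NULL on failure */
        return 0;
    return same_hash(computed, stored);
}
```

To check against real entries, include `<crypt.h>`, call `check_password(crypt, typed, stored)` and link with `-lcrypt`; for a new password, pass the result of `make_salt` as the salt argument to `crypt`.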