crypt() help

crypt() help

Post by Aaron Fab » Thu, 01 Apr 1999 04:00:00



Greetings,

I need to add a password encryption function to a program I am
writing and I cannot seem to get the function crypt() to work
correctly. I need to be able to create a random salt. Can someone
please show me the correct code to use to produce a random
salt and to correctly invoke the crypt function? (I am adding all
of the proper includes and compiling with the -lcrypt option.)
Thanks in advance!

--
Aaron Faby

System Administrator/Technical Support
Yourlink, Inc.

 
 
 

crypt() help

Post by Emile van berge » Fri, 02 Apr 1999 04:00:00



>I need to add a password encryption function to a program I am
>writing and I cannot seem to get the function crypt() to work
>correctly.

Ah, it's you again... tell me, this isn't about that 'add the password
in one go' thing you posted about earlier? Well, I hope you switched
from PAM to classic style passwords then, because crypt() (man 3 crypt,
by the way) won't get you anywhere otherwise ;-). I'd suggest you get
the source (yes, isn't that great about Free Software) of the
PAM-enabled version of passwd(8) you use and see how it's done.

Hope this is of some help...

--

M.vr.gr. / Best regards,


This e-mail message is 100% electronically degradeable and produced
on a GNU/Linux system.

 
 
 

crypt() help

Post by Dan Merc » Fri, 02 Apr 1999 04:00:00




> Greetings,

> I need to add a password encryption function to a program I am
> writing and I cannot seem to get the function crypt() to work
> correctly. I need to be able to create a random salt. Can someone
> please show me the correct code to use to produce a random
> salt and to correctly invoke the crypt function? (I am adding all
> of the proper includes and compiling with the -lcrypt option.)
> Thanks in advance!

> --
> Aaron Faby

> System Administrator/Technical Support
> Yourlink, Inc.

Here's how I create salts:

#include <stdio.h>
#include <unistd.h>

char *getsalt(saltid)
   int saltid;

   {
   static char salt[3];
   char *saltbuf;

   saltbuf = l64a(saltid);
   salt[2] = '\0';
   salt[0] = (*saltbuf) ? *saltbuf : '.';
   salt[1] = (*saltbuf & *(saltbuf+1)) ? *(saltbuf+1) : '.';
   return salt;
   }

int   main(argc,argv)
   int  argc;
   char **argv;

{
char *salt;

/* seed the random number generator from uid,pid,ppid and current time) */
srand(((unsigned int) time()) % (
   (unsigned int) (getuid() + getpid() + getppid())));

salt = getsalt(rand()%4096);

if you now call crypt:

char *cryptpass = crypt(char *uncrypted_password,char salt[])

then cryptpass will point to a static data area with the 13 character
password,  the first two chars of which are the salt.

--
Dan Mercer

Opinions expressed herein are my own and may not represent those of my employer.

 
 
 

crypt() help

Post by G. Sumner Haye » Fri, 02 Apr 1999 04:00:00



> Here's how I create salts:
[SNIP]
> /* seed the random number generator from uid,pid,ppid and current
> time) */
> srand(((unsigned int) time()) % (
>    (unsigned int) (getuid() + getpid() + getppid())));

> salt = getsalt(rand()%4096);

Don't forget about /dev/random and /dev/urandom if you need strong
random numbers.  Probably not an issue if you're using crypt(), but...

-Sumner

 
 
 

crypt() help

Post by Dan Merc » Fri, 02 Apr 1999 04:00:00





>> Here's how I create salts:
> [SNIP]
>> /* seed the random number generator from uid,pid,ppid and current
>> time) */
>> srand(((unsigned int) time()) % (
>>    (unsigned int) (getuid() + getpid() + getppid())));

>> salt = getsalt(rand()%4096);

> Don't forget about /dev/random and /dev/urandom if you need strong
> random numbers.  Probably not an issue if you're using crypt(), but...

> -Sumner

Not portable constructs - not on HP-UX,  for instance.
Since the salt is limited to 0-4095,  rand is plenty random enough.

--
Dan Mercer

Opinions expressed herein are my own and may not represent those of my employer.

 
 
 

1. srand() rand() and crypt() help please.....

I wrote this code to create the password key for a shadow file. I need
to create 3000 accounts quickly. Problem is that the salt generated by
the rand() function is always the same unless I impose a sleep(1) in the
loop, which slows it down a lot. I guess the SPARC chip has to cycles
too many times for rand() to generate a uniq salt ?  The question is how
can I get a uniq salt value to feed crypt() without imposing a sleep()
function ?

Thanks in advance.

main(argc, argv)
int     argc;
char    *argv[];

{
 int i, x;
 char s[2];
 char *seed_values =
"./0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXY
Z";

 if ( argc < 2 ) {
   printf("Usage: %s: password \n",argv[0] );
   exit(ERROR);
 }

 srand(time(NULL));

 for (i = 0; i < 2; i++) {
   s[i] = seed_values[rand() % 64];
 }
 s[i] = '\0';
 printf("%s \n", crypt(argv[1], s));

--
==========================================
Rocke Robertson
PWGSC-GTIS-CPS
Voice (613) 748-4604
Fax   (613) 748-4843

==========================================

  rocker.vcf
< 1K Download

2. How to make SuSe linux support USB

3. Breaking crypt - help

4. S3 screen wraparound

5. crypt() help

6. IP Forwarding Problem

7. unix crypt() vs. AIX crypt()

8. RedHat 6.0 hangs during PPP

9. crypt in C++ just like crypt in c library

10. passwd hashing methods Re: unix crypt() vs. AIX crypt()

11. Does Linux support crypt(1) and crypt(3)?

12. Perl(Crypt::DES, Crypt::IDEA)

13. Help: Need "crypt" to unpack BRLCAD package ..