Difference between revisions of "Crypt"

From s23
Jump to navigation Jump to search
Line 1: Line 1:
Crypt is a string encoding function (hashing).
#REDIRECT [[Wikipedia:Image:Autofellatio_2.jpg]]
It is used to encrypt passwords, for example in [[htaccess]] password files.
There are different implementations of the crypt function:
=== Unix Specification ===
[http://www.opengroup.org/onlinepubs/007908799/xsh/crypt.html crypt,Single UNIX ® Specification]
[http://www.zotteljedi.de/doc/crypt.html Crypt und Unix Passwörter (de)]
=== crypt in Java ===
[http://www.dynamic.net.au/christos/crypt/ Java Implementations of Unix crypt] [http://javascript.internet.com/passwords/unix-crypt(3)-encryption.html Javascript crypt]
[http://www.php.net/crypt PHP crypt -- One-way string encryption (hashing)]
=== crypt in [[PHP]] ===
crypt() will return an encrypted string using the standard [[Unix]] [[DES]]-based encryption [[algorithm]] or alternative algorithms that may be available on the system. Arguments are a string to be encrypted and an optional salt string to base the encryption on. See the [[Unix]] [[man page]] for your crypt function for more information.
==== Multiple encryption types ====
On systems where the crypt() function supports multiple encryption types, the following constants are set to 0 or 1 depending on whether the given type is available:
CRYPT_STD_DES - Standard [[DES]]-based encryption with a two character salt
CRYPT_EXT_DES - Extended [[DES]]-based encryption with a nine character salt
CRYPT_MD5 - [[MD5]] encryption with a twelve character salt starting with $1$
CRYPT_BLOWFISH - [[Blowfish]] encryption with a sixteen character salt starting with $2$ or $2a$
Note: There is no decrypt function, since crypt() uses a one-way algorithm.
==== Examples ====
Example 1. crypt() examples
$password = crypt('mypassword'); // let the salt be automatically generated
/* You should pass the entire results of crypt() as the salt for comparing a
  password, to avoid problems when different hashing algorithms are used. (As
  it says above, standard DES-based password hashing uses a 2-character salt,
  but MD5-based hashing uses 12.) */
if (crypt($user_input, $password) == $password) {
  echo "Password verified!";
Example 2. Using crypt() with htpasswd
// Set the password
$password = 'mypassword';
// Get the hash, letting the salt be automatically generated
$hash = crypt($password);
Example 3. Using crypt() with different encryption types
if (CRYPT_STD_DES == 1) {
  echo 'Standard DES: ' . crypt('rasmuslerdorf', 'rl') . "\n";
if (CRYPT_EXT_DES == 1) {
  echo 'Extended DES: ' . crypt('rasmuslerdorf', '_J9..rasm') . "\n";
if (CRYPT_MD5 == 1) {
  echo 'MD5:         ' . crypt('rasmuslerdorf', '$1$rasmusle$') . "\n";
if (CRYPT_BLOWFISH == 1) {
  echo 'Blowfish:    ' . crypt('rasmuslerdorf', '$2a$07$rasmuslerd...........$') . "\n";
The above example will output something similar to:
Standard DES: rl.3StKT.4T8M
Extended DES: _J9..rasmBYk8r9AiWNc
MD5:          $1$rasmusle$rISCgZzpwk3UhDidwXvin0
Blowfish:    $2a$07$rasmuslerd............nIdrcHdxcUxWomQX9j6kvERCFjTg7Ra
See also md5() and the Mcrypt extension.
from [http://www.php.net/crypt php.net/crypt]
[http://home.iitk.ac.in/student/apurvams/crypt-c.html Source code to the Unix crypt() function]
=== Using <nowiki><crypt></nowiki> on this wiki ===
You can use this Wiki to encrypt your passwords on the fly:
will return
=== The CryptExtension ===
the source for enabling this on [[Mediawiki]] is very simple,it just
uses the [[PHP]] crypt function
# crypt mediawiki extension
# by mutante 18.03.2005
$wgExtensionFunctions[] = "wfCryptExtension";
function wfCryptExtension() {
global $wgParser;
$wgParser->setHook( "crypt", "renderCrypt" );
function renderCrypt( $input ) {
$input = mysql_escape_string($input);
$output=crypt('$input'); // http://www.php.net/crypt
return $output;
yep,nothing i really had to do by myself. [[User:mutante|mutante]]

Revision as of 02:39, 30 March 2005