Difference between revisions of "Crypt"

From s23
Jump to navigation Jump to search
imported>mutante
imported>mutante
m
 
(6 intermediate revisions by 3 users not shown)
Line 7: Line 7:
  
 
[http://www.opengroup.org/onlinepubs/007908799/xsh/crypt.html crypt,Single UNIX ® Specification]
 
[http://www.opengroup.org/onlinepubs/007908799/xsh/crypt.html crypt,Single UNIX ® Specification]
 +
[http://www.zotteljedi.de/doc/crypt.html Crypt und Unix Passwörter (de)]
  
 
=== crypt in Java ===
 
=== crypt in Java ===
Line 14: Line 15:
 
[http://www.php.net/crypt PHP crypt -- One-way string encryption (hashing)]
 
[http://www.php.net/crypt PHP crypt -- One-way string encryption (hashing)]
  
=== crypt in PHP ===
+
=== crypt in [[PHP]] ===
  
In [[PHP]]:
+
crypt() will return an encrypted string using the standard [[Unix]] [[DES]]-based encryption [[algorithm]] or alternative algorithms that may be available on the system. Arguments are a string to be encrypted and an optional salt string to base the encryption on. See the [[Unix]] [[man page]] for your crypt function for more information.
  
crypt() will return an encrypted string using the standard [[Unix]] [[DES]]-based encryption [[algorithm]] or alternative algorithms that may be available on the system. Arguments are a string to be encrypted and an optional salt string to base the encryption on. See the [[Unix]] [[man page]] for your crypt function for more information.
+
==== Multiple encryption types ====
  
 
On systems where the crypt() function supports multiple encryption types, the following constants are set to 0 or 1 depending on whether the given type is available:
 
On systems where the crypt() function supports multiple encryption types, the following constants are set to 0 or 1 depending on whether the given type is available:
  
  
CRYPT_STD_DES - Standard DES-based encryption with a two character salt
+
CRYPT_STD_DES - Standard [[DES]]-based encryption with a two character salt
 +
 
 +
CRYPT_EXT_DES - Extended [[DES]]-based encryption with a nine character salt
  
CRYPT_EXT_DES - Extended DES-based encryption with a nine character salt
+
CRYPT_MD5 - [[MD5]] encryption with a twelve character salt starting with $1$
  
CRYPT_MD5 - MD5 encryption with a twelve character salt starting with $1$
+
CRYPT_BLOWFISH - [[Blowfish]] encryption with a sixteen character salt starting with $2$ or $2a$  
  
CRYPT_BLOWFISH - Blowfish encryption with a sixteen character salt starting with $2$ or $2a$
+
Note: There is no decrypt function, since crypt() uses a one-way algorithm.
  
Note: There is no decrypt function, since crypt() uses a one-way algorithm.
+
==== Examples ====
  
 
<pre>
 
<pre>
 
Example 1. crypt() examples
 
Example 1. crypt() examples
 +
 
<?php
 
<?php
 
$password = crypt('mypassword'); // let the salt be automatically generated
 
$password = crypt('mypassword'); // let the salt be automatically generated
Line 48: Line 52:
  
 
Example 2. Using crypt() with htpasswd
 
Example 2. Using crypt() with htpasswd
 +
 
<?php
 
<?php
 
// Set the password
 
// Set the password
Line 92: Line 97:
  
 
----
 
----
 +
 
=== Using <nowiki><crypt></nowiki> on this wiki ===
 
=== Using <nowiki><crypt></nowiki> on this wiki ===
  
Line 131: Line 137:
  
 
yep,nothing i really had to do by myself. [[User:mutante|mutante]]
 
yep,nothing i really had to do by myself. [[User:mutante|mutante]]
 +
 +
 +
[[Category:Software]]
 +
[[Category:Programming]]
 +
[[Category:Security]]
 +
[[Category:Wiki]]
 +
[[Category:Crypto]]

Latest revision as of 14:52, 29 December 2005

Crypt is a string encoding function (hashing). It is used to encrypt passwords, for example in htaccess password files.

There are different implementations of the crypt function:

Unix Specification[edit]

crypt,Single UNIX ® Specification Crypt und Unix Passwörter (de)

crypt in Java[edit]

Java Implementations of Unix crypt Javascript crypt

PHP crypt -- One-way string encryption (hashing)

crypt in PHP[edit]

crypt() will return an encrypted string using the standard Unix DES-based encryption algorithm or alternative algorithms that may be available on the system. Arguments are a string to be encrypted and an optional salt string to base the encryption on. See the Unix man page for your crypt function for more information.

Multiple encryption types[edit]

On systems where the crypt() function supports multiple encryption types, the following constants are set to 0 or 1 depending on whether the given type is available:


CRYPT_STD_DES - Standard DES-based encryption with a two character salt

CRYPT_EXT_DES - Extended DES-based encryption with a nine character salt

CRYPT_MD5 - MD5 encryption with a twelve character salt starting with $1$

CRYPT_BLOWFISH - Blowfish encryption with a sixteen character salt starting with $2$ or $2a$

Note: There is no decrypt function, since crypt() uses a one-way algorithm.

Examples[edit]

Example 1. crypt() examples

<?php
$password = crypt('mypassword'); // let the salt be automatically generated

/* You should pass the entire results of crypt() as the salt for comparing a
   password, to avoid problems when different hashing algorithms are used. (As
   it says above, standard DES-based password hashing uses a 2-character salt,
   but MD5-based hashing uses 12.) */
if (crypt($user_input, $password) == $password) {
   echo "Password verified!";
}
?>

Example 2. Using crypt() with htpasswd

<?php
// Set the password
$password = 'mypassword';

// Get the hash, letting the salt be automatically generated
$hash = crypt($password);
?>

Example 3. Using crypt() with different encryption types
<?php
if (CRYPT_STD_DES == 1) {
   echo 'Standard DES: ' . crypt('rasmuslerdorf', 'rl') . "\n";
}

if (CRYPT_EXT_DES == 1) {
   echo 'Extended DES: ' . crypt('rasmuslerdorf', '_J9..rasm') . "\n";
}

if (CRYPT_MD5 == 1) {
   echo 'MD5:          ' . crypt('rasmuslerdorf', '$1$rasmusle$') . "\n";
}

if (CRYPT_BLOWFISH == 1) {
   echo 'Blowfish:    ' . crypt('rasmuslerdorf', '$2a$07$rasmuslerd...........$') . "\n";
}
?>

The above example will output something similar to:

Standard DES: rl.3StKT.4T8M
Extended DES: _J9..rasmBYk8r9AiWNc
MD5:          $1$rasmusle$rISCgZzpwk3UhDidwXvin0
Blowfish:     $2a$07$rasmuslerd............nIdrcHdxcUxWomQX9j6kvERCFjTg7Ra

See also md5() and the Mcrypt extension. 

from php.net/crypt


Source code to the Unix crypt() function


Using <crypt> on this wiki[edit]

You can use this Wiki to encrypt your passwords on the fly:

<crypt>fnord</crypt>

will return

<crypt>fnord</crypt>

The CryptExtension[edit]

the source for enabling this on Mediawiki is very simple,it just uses the PHP crypt function

<?php
# crypt mediawiki extension
# by mutante 18.03.2005

$wgExtensionFunctions[] = "wfCryptExtension";

function wfCryptExtension() {
global $wgParser;
$wgParser->setHook( "crypt", "renderCrypt" );
}

function renderCrypt( $input ) {

$input = mysql_escape_string($input);

$output=crypt('$input'); // http://www.php.net/crypt

return $output;
}
?>

yep,nothing i really had to do by myself. mutante