imported>mutante No edit summary |
imported>mutante mNo edit summary |
||
(6 intermediate revisions by 3 users not shown) | |||
Line 7: | Line 7: | ||
[http://www.opengroup.org/onlinepubs/007908799/xsh/crypt.html crypt,Single UNIX ® Specification] |
[http://www.opengroup.org/onlinepubs/007908799/xsh/crypt.html crypt,Single UNIX ® Specification] |
||
[http://www.zotteljedi.de/doc/crypt.html Crypt und Unix Passwörter (de)] |
|||
=== crypt in Java === |
=== crypt in Java === |
||
Line 14: | Line 15: | ||
[http://www.php.net/crypt PHP crypt -- One-way string encryption (hashing)] |
[http://www.php.net/crypt PHP crypt -- One-way string encryption (hashing)] |
||
=== crypt in PHP === |
=== crypt in [[PHP]] === |
||
In [[PHP]]: |
|||
crypt() will return an encrypted string using the standard [[Unix]] [[DES]]-based encryption [[algorithm]] or alternative algorithms that may be available on the system. Arguments are a string to be encrypted and an optional salt string to base the encryption on. See the [[Unix]] [[man page]] for your crypt function for more information. |
crypt() will return an encrypted string using the standard [[Unix]] [[DES]]-based encryption [[algorithm]] or alternative algorithms that may be available on the system. Arguments are a string to be encrypted and an optional salt string to base the encryption on. See the [[Unix]] [[man page]] for your crypt function for more information. |
||
==== Multiple encryption types ==== |
|||
On systems where the crypt() function supports multiple encryption types, the following constants are set to 0 or 1 depending on whether the given type is available: |
On systems where the crypt() function supports multiple encryption types, the following constants are set to 0 or 1 depending on whether the given type is available: |
||
CRYPT_STD_DES - Standard DES-based encryption with a two character salt |
CRYPT_STD_DES - Standard [[DES]]-based encryption with a two character salt |
||
CRYPT_EXT_DES - Extended DES-based encryption with a nine character salt |
CRYPT_EXT_DES - Extended [[DES]]-based encryption with a nine character salt |
||
CRYPT_MD5 - MD5 encryption with a twelve character salt starting with $1$ |
CRYPT_MD5 - [[MD5]] encryption with a twelve character salt starting with $1$ |
||
CRYPT_BLOWFISH - Blowfish encryption with a sixteen character salt starting with $2$ or $2a$ |
CRYPT_BLOWFISH - [[Blowfish]] encryption with a sixteen character salt starting with $2$ or $2a$ |
||
Note: There is no decrypt function, since crypt() uses a one-way algorithm. |
Note: There is no decrypt function, since crypt() uses a one-way algorithm. |
||
==== Examples ==== |
|||
<pre> |
<pre> |
||
Example 1. crypt() examples |
Example 1. crypt() examples |
||
<?php |
<?php |
||
$password = crypt('mypassword'); // let the salt be automatically generated |
$password = crypt('mypassword'); // let the salt be automatically generated |
||
Line 48: | Line 52: | ||
Example 2. Using crypt() with htpasswd |
Example 2. Using crypt() with htpasswd |
||
<?php |
<?php |
||
// Set the password |
// Set the password |
||
Line 92: | Line 97: | ||
---- |
---- |
||
=== Using <nowiki><crypt></nowiki> on this wiki === |
=== Using <nowiki><crypt></nowiki> on this wiki === |
||
Line 131: | Line 137: | ||
yep,nothing i really had to do by myself. [[User:mutante|mutante]] |
yep,nothing i really had to do by myself. [[User:mutante|mutante]] |
||
[[Category:Software]] |
|||
[[Category:Programming]] |
|||
[[Category:Security]] |
|||
[[Category:Wiki]] |
|||
[[Category:Crypto]] |
Latest revision as of 14:52, 29 December 2005
Crypt is a string encoding function (hashing). It is used to encrypt passwords, for example in htaccess password files.
There are different implementations of the crypt function:
Unix Specification[edit]
crypt,Single UNIX ® Specification Crypt und Unix Passwörter (de)
crypt in Java[edit]
Java Implementations of Unix crypt Javascript crypt
PHP crypt -- One-way string encryption (hashing)
crypt in PHP[edit]
crypt() will return an encrypted string using the standard Unix DES-based encryption algorithm or alternative algorithms that may be available on the system. Arguments are a string to be encrypted and an optional salt string to base the encryption on. See the Unix man page for your crypt function for more information.
Multiple encryption types[edit]
On systems where the crypt() function supports multiple encryption types, the following constants are set to 0 or 1 depending on whether the given type is available:
CRYPT_STD_DES - Standard DES-based encryption with a two character salt
CRYPT_EXT_DES - Extended DES-based encryption with a nine character salt
CRYPT_MD5 - MD5 encryption with a twelve character salt starting with $1$
CRYPT_BLOWFISH - Blowfish encryption with a sixteen character salt starting with $2$ or $2a$
Note: There is no decrypt function, since crypt() uses a one-way algorithm.
Examples[edit]
Example 1. crypt() examples <?php $password = crypt('mypassword'); // let the salt be automatically generated /* You should pass the entire results of crypt() as the salt for comparing a password, to avoid problems when different hashing algorithms are used. (As it says above, standard DES-based password hashing uses a 2-character salt, but MD5-based hashing uses 12.) */ if (crypt($user_input, $password) == $password) { echo "Password verified!"; } ?> Example 2. Using crypt() with htpasswd <?php // Set the password $password = 'mypassword'; // Get the hash, letting the salt be automatically generated $hash = crypt($password); ?> Example 3. Using crypt() with different encryption types <?php if (CRYPT_STD_DES == 1) { echo 'Standard DES: ' . crypt('rasmuslerdorf', 'rl') . "\n"; } if (CRYPT_EXT_DES == 1) { echo 'Extended DES: ' . crypt('rasmuslerdorf', '_J9..rasm') . "\n"; } if (CRYPT_MD5 == 1) { echo 'MD5: ' . crypt('rasmuslerdorf', '$1$rasmusle$') . "\n"; } if (CRYPT_BLOWFISH == 1) { echo 'Blowfish: ' . crypt('rasmuslerdorf', '$2a$07$rasmuslerd...........$') . "\n"; } ?> The above example will output something similar to: Standard DES: rl.3StKT.4T8M Extended DES: _J9..rasmBYk8r9AiWNc MD5: $1$rasmusle$rISCgZzpwk3UhDidwXvin0 Blowfish: $2a$07$rasmuslerd............nIdrcHdxcUxWomQX9j6kvERCFjTg7Ra See also md5() and the Mcrypt extension.
from php.net/crypt
Source code to the Unix crypt() function
Using <crypt> on this wiki[edit]
You can use this Wiki to encrypt your passwords on the fly:
<crypt>fnord</crypt>
will return
<crypt>fnord</crypt>
The CryptExtension[edit]
the source for enabling this on Mediawiki is very simple,it just uses the PHP crypt function
<?php # crypt mediawiki extension # by mutante 18.03.2005 $wgExtensionFunctions[] = "wfCryptExtension"; function wfCryptExtension() { global $wgParser; $wgParser->setHook( "crypt", "renderCrypt" ); } function renderCrypt( $input ) { $input = mysql_escape_string($input); $output=crypt('$input'); // http://www.php.net/crypt return $output; } ?>
yep,nothing i really had to do by myself. mutante