imported>mutante m (→crypt in PHP) |
imported>mutante mNo edit summary |
||
(5 intermediate revisions by 3 users not shown) | |||
Line 7: | Line 7: | ||
[http://www.opengroup.org/onlinepubs/007908799/xsh/crypt.html crypt,Single UNIX ® Specification] |
[http://www.opengroup.org/onlinepubs/007908799/xsh/crypt.html crypt,Single UNIX ® Specification] |
||
[http://www.zotteljedi.de/doc/crypt.html Crypt und Unix Passwörter (de)] |
|||
=== crypt in Java === |
=== crypt in Java === |
||
Line 23: | Line 24: | ||
CRYPT_STD_DES - Standard DES-based encryption with a two character salt |
CRYPT_STD_DES - Standard [[DES]]-based encryption with a two character salt |
||
CRYPT_EXT_DES - Extended DES-based encryption with a nine character salt |
CRYPT_EXT_DES - Extended [[DES]]-based encryption with a nine character salt |
||
CRYPT_MD5 - MD5 encryption with a twelve character salt starting with $1$ |
CRYPT_MD5 - [[MD5]] encryption with a twelve character salt starting with $1$ |
||
CRYPT_BLOWFISH - Blowfish encryption with a sixteen character salt starting with $2$ or $2a$ |
CRYPT_BLOWFISH - [[Blowfish]] encryption with a sixteen character salt starting with $2$ or $2a$ |
||
Note: There is no decrypt function, since crypt() uses a one-way algorithm. |
Note: There is no decrypt function, since crypt() uses a one-way algorithm. |
||
==== Examples ==== |
==== Examples ==== |
||
Line 136: | Line 137: | ||
yep,nothing i really had to do by myself. [[User:mutante|mutante]] |
yep,nothing i really had to do by myself. [[User:mutante|mutante]] |
||
[[Category:Software]] |
|||
[[Category:Programming]] |
|||
[[Category:Security]] |
|||
[[Category:Wiki]] |
|||
[[Category:Crypto]] |
Latest revision as of 14:52, 29 December 2005
Crypt is a string encoding function (hashing). It is used to encrypt passwords, for example in htaccess password files.
There are different implementations of the crypt function:
Unix Specification[edit]
crypt,Single UNIX ® Specification Crypt und Unix Passwörter (de)
crypt in Java[edit]
Java Implementations of Unix crypt Javascript crypt
PHP crypt -- One-way string encryption (hashing)
crypt in PHP[edit]
crypt() will return an encrypted string using the standard Unix DES-based encryption algorithm or alternative algorithms that may be available on the system. Arguments are a string to be encrypted and an optional salt string to base the encryption on. See the Unix man page for your crypt function for more information.
Multiple encryption types[edit]
On systems where the crypt() function supports multiple encryption types, the following constants are set to 0 or 1 depending on whether the given type is available:
CRYPT_STD_DES - Standard DES-based encryption with a two character salt
CRYPT_EXT_DES - Extended DES-based encryption with a nine character salt
CRYPT_MD5 - MD5 encryption with a twelve character salt starting with $1$
CRYPT_BLOWFISH - Blowfish encryption with a sixteen character salt starting with $2$ or $2a$
Note: There is no decrypt function, since crypt() uses a one-way algorithm.
Examples[edit]
Example 1. crypt() examples <?php $password = crypt('mypassword'); // let the salt be automatically generated /* You should pass the entire results of crypt() as the salt for comparing a password, to avoid problems when different hashing algorithms are used. (As it says above, standard DES-based password hashing uses a 2-character salt, but MD5-based hashing uses 12.) */ if (crypt($user_input, $password) == $password) { echo "Password verified!"; } ?> Example 2. Using crypt() with htpasswd <?php // Set the password $password = 'mypassword'; // Get the hash, letting the salt be automatically generated $hash = crypt($password); ?> Example 3. Using crypt() with different encryption types <?php if (CRYPT_STD_DES == 1) { echo 'Standard DES: ' . crypt('rasmuslerdorf', 'rl') . "\n"; } if (CRYPT_EXT_DES == 1) { echo 'Extended DES: ' . crypt('rasmuslerdorf', '_J9..rasm') . "\n"; } if (CRYPT_MD5 == 1) { echo 'MD5: ' . crypt('rasmuslerdorf', '$1$rasmusle$') . "\n"; } if (CRYPT_BLOWFISH == 1) { echo 'Blowfish: ' . crypt('rasmuslerdorf', '$2a$07$rasmuslerd...........$') . "\n"; } ?> The above example will output something similar to: Standard DES: rl.3StKT.4T8M Extended DES: _J9..rasmBYk8r9AiWNc MD5: $1$rasmusle$rISCgZzpwk3UhDidwXvin0 Blowfish: $2a$07$rasmuslerd............nIdrcHdxcUxWomQX9j6kvERCFjTg7Ra See also md5() and the Mcrypt extension.
from php.net/crypt
Source code to the Unix crypt() function
Using <crypt> on this wiki[edit]
You can use this Wiki to encrypt your passwords on the fly:
<crypt>fnord</crypt>
will return
<crypt>fnord</crypt>
The CryptExtension[edit]
the source for enabling this on Mediawiki is very simple,it just uses the PHP crypt function
<?php # crypt mediawiki extension # by mutante 18.03.2005 $wgExtensionFunctions[] = "wfCryptExtension"; function wfCryptExtension() { global $wgParser; $wgParser->setHook( "crypt", "renderCrypt" ); } function renderCrypt( $input ) { $input = mysql_escape_string($input); $output=crypt('$input'); // http://www.php.net/crypt return $output; } ?>
yep,nothing i really had to do by myself. mutante