 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU |
On Fri, Aug 22, 2003 at 04:54:29PM -0400, David Kramer wrote:
> I pass them on the command line so I can play with it until I see it work.
>
>
> #define _XOPEN_SOURCE
> #include <unistd.h>
>
> int main(int argc, char* argv[])
> {
> char* encrypted;
>
> encrypted=crypt(argv[1],argv[2]);
>
> if(encrypted)
> {
> printf("crypt(%s,%s)='%s'\n",argv[1],argv[2],encrypted);
> }
> else
> {
> printf("crypt failed.\n");
> }
>
> }
Code is pretty straightforward. Though your coding style... well,
reminds me of a great quote from Linus:
First off, I'd suggest printing out a copy of the GNU coding
standards, and NOT read it. Burn them, it's a great symbolic
gesture.
<grin>
[See /usr/src/linux*/Documentation/CodingStyle]
> Note: This is a MODIFIED version of my encrypted password, but I
> used the real thing:
Reasonable enough.
> [david at uni crypt]$ sudo grep david /etc/shadow
> david:$1$FOOWOmC8$FOOldOczYfmtvz5PsXyY5/:12023:0:99999:7:::
>
> [david at uni crypt]$ ./cryptprint '$1$FOOWOmC8$' 'FOOldOczYfmtvz5PsXyY5/'
> crypt($1$FOOWOmC8$,FOOldOczYfmtvz5PsXyY5/)='bmSTpBK8h2lrE'
>
> [david at uni crypt]$ ./cryptprint '$1$FOOWOmC8$' 'myrealpassword'
> crypt($1$xTxWOmC8$,myrealpassword)='FOO/XEaUQQYMU'
>
> What comes out doesn't seem to match anything.
I see two problems.
1. You are passing the salt and the key in the wrong order.
2. At least in the first case, you seem to want it to spit out the
unencrypted password. That's not possible. It's a one-way hash
function.
NAME
crypt - password and data encryption
SYNOPSIS
#define _XOPEN_SOURCE
#include <unistd.h>
char *crypt(const char *key, const char *salt);
DESCRIPTION
crypt is the password encryption function. It is based on
the Data Encryption Standard algorithm with variations
intended (among other things) to discourage use of hardware
implementations of a key search.
key is a user's typed password.
So, if you instead try this:
$ ./cryptprint 'myrealpassword' '$1$FOOWOmC8$'
...you should get something that matches the encrypted password in
your passwd file entry. Hopefully. ;-)
If you don't, I'll note that the feature you're relying on is a GNU
extension. You might try not #define-ing _XOPEN_SOURCE, and see if
that makes a difference. You might even #define _GNU_SOURCE instead.
I doubt either will matter much though. I'm too lazy to look in the
include files to see if that does anything useful...
I think I had one other comment, but if I did, it seems to have run
away. Sigh.
--
Derek D. Martin
http://www.pizzashack.org/
GPG Key ID: 0xDFBEAD02
-=-=-=-=-
This message is posted from an invalid address.
Replying to it will result in undeliverable mail.
Sorry for the inconvenience. Thank the spammers.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.blu.org/pipermail/discuss/attachments/20030822/e642234f/attachment.sig>
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
