From grail at goldweb.com.au Tue Jun 5 20:09:13 2012 From: grail at goldweb.com.au (Alex Satrapa) Date: Wed, 6 Jun 2012 13:09:13 +1000 Subject: [Canberra-pm] crypt behaviour Message-ID: <21A29AAD-B94E-48B5-8DEC-9CB44CCCA13C@goldweb.com.au> According to http://www.perlmonks.com/?node_id=62392 there is a means to get crypt to use MD5 by providing an 8-byte salt preceded by $1$. This doesn't work on Mac OS X or, as indicated on that page, under Active Perl for Windows. Does anyone know where this MD5 magic behavior of crypt is documented? Alex Satrapa | web.mac.com/alexsatrapa | Ph: 0407 705 332 From adam.clarke at strategicdata.com.au Tue Jun 5 20:19:43 2012 From: adam.clarke at strategicdata.com.au (Adam Clarke) Date: Wed, 6 Jun 2012 13:19:43 +1000 Subject: [Canberra-pm] crypt behaviour In-Reply-To: <21A29AAD-B94E-48B5-8DEC-9CB44CCCA13C@goldweb.com.au> References: <21A29AAD-B94E-48B5-8DEC-9CB44CCCA13C@goldweb.com.au> Message-ID: <62796424-7A81-4F8E-A0FD-5CC95AFFEB69@strategicdata.com.au> From crypt(3) manpage on an old (Etch) Debian box ... GNU EXTENSION The glibc2 version of this function has the following additional fea? tures. If salt is a character string starting with the three charac? ters "$1$" followed by at most eight characters, and optionally termi? nated by "$", then instead of using the DES machine, the glibc crypt function uses an MD5-based algorithm, and outputs up to 34 bytes, namely "$1$$", where "" stands for the up to 8 charac? ters following "$1$" in the salt, followed by 22 bytes chosen from the set [a?zA?Z0?9./]. The entire key is significant here (instead of only the first 8 bytes). On 06/06/2012, at 1:09 PM, Alex Satrapa wrote: > According to http://www.perlmonks.com/?node_id=62392 there is a means to get crypt to use MD5 by providing an 8-byte salt preceded by $1$. > > This doesn't work on Mac OS X or, as indicated on that page, under Active Perl for Windows. > > Does anyone know where this MD5 magic behavior of crypt is documented? > > Alex Satrapa | web.mac.com/alexsatrapa | Ph: 0407 705 332 > _______________________________________________ > Canberra-pm mailing list > Canberra-pm at pm.org > http://mail.pm.org/mailman/listinfo/canberra-pm From grail at goldweb.com.au Tue Jun 5 20:38:28 2012 From: grail at goldweb.com.au (Alex Satrapa) Date: Wed, 6 Jun 2012 13:38:28 +1000 Subject: [Canberra-pm] crypt behaviour In-Reply-To: <62796424-7A81-4F8E-A0FD-5CC95AFFEB69@strategicdata.com.au> References: <21A29AAD-B94E-48B5-8DEC-9CB44CCCA13C@goldweb.com.au> <62796424-7A81-4F8E-A0FD-5CC95AFFEB69@strategicdata.com.au> Message-ID: <486D9BE3-5753-4BF5-9015-668A5B0FF0E6@goldweb.com.au> Ah, I found the Perl module of interest: Crypt::PasswdMD5 So rather than $crypted = crypt('password', 'salt'); Use Crypt::PasswdMD5; $crypted = unix_md5_crypt('password', 'salt'); But then you no longer have the protection of using a crypt feature that many people dont know about (say, the people migrating your software to Mac OS X or Windows) :) Alex Satrapa | web.mac.com/alexsatrapa | Ph: 0407 705 332 On 06/06/2012, at 13:19, Adam Clarke wrote: > From crypt(3) manpage on an old (Etch) Debian box ... > > GNU EXTENSION > The glibc2 version of this function has the following additional fea? > tures. If salt is a character string starting with the three charac? > ters "$1$" followed by at most eight characters, and optionally termi? > nated by "$", then instead of using the DES machine, the glibc crypt > function uses an MD5-based algorithm, and outputs up to 34 bytes, > namely "$1$$", where "" stands for the up to 8 charac? > ters following "$1$" in the salt, followed by 22 bytes chosen from the > set [a?zA?Z0?9./]. The entire key is significant here (instead of only > the first 8 bytes). > > On 06/06/2012, at 1:09 PM, Alex Satrapa wrote: > >> According to http://www.perlmonks.com/?node_id=62392 there is a means to get crypt to use MD5 by providing an 8-byte salt preceded by $1$. >> >> This doesn't work on Mac OS X or, as indicated on that page, under Active Perl for Windows. >> >> Does anyone know where this MD5 magic behavior of crypt is documented? >> >> Alex Satrapa | web.mac.com/alexsatrapa | Ph: 0407 705 332 >> _______________________________________________ >> Canberra-pm mailing list >> Canberra-pm at pm.org >> http://mail.pm.org/mailman/listinfo/canberra-pm > > _______________________________________________ > Canberra-pm mailing list > Canberra-pm at pm.org > http://mail.pm.org/mailman/listinfo/canberra-pm