Crypt
From S23Wiki
Crypt is a string encoding function (hashing). It is used to encrypt passwords, for example in htaccess password files.
There are different implementations of the crypt function:
Contents |
[edit] Unix Specification
crypt,Single UNIX ® Specification Crypt und Unix Passwörter (de)
[edit] crypt in Java
Java Implementations of Unix crypt Javascript crypt
PHP crypt -- One-way string encryption (hashing)
[edit] crypt in PHP
crypt() will return an encrypted string using the standard Unix DES-based encryption algorithm or alternative algorithms that may be available on the system. Arguments are a string to be encrypted and an optional salt string to base the encryption on. See the Unix man page for your crypt function for more information.
[edit] Multiple encryption types
On systems where the crypt() function supports multiple encryption types, the following constants are set to 0 or 1 depending on whether the given type is available:
CRYPT_STD_DES - Standard DES-based encryption with a two character salt
CRYPT_EXT_DES - Extended DES-based encryption with a nine character salt
CRYPT_MD5 - MD5 encryption with a twelve character salt starting with $1$
CRYPT_BLOWFISH - Blowfish encryption with a sixteen character salt starting with $2$ or $2a$
Note: There is no decrypt function, since crypt() uses a one-way algorithm.
[edit] Examples
Example 1. crypt() examples
<?php
$password = crypt('mypassword'); // let the salt be automatically generated
/* You should pass the entire results of crypt() as the salt for comparing a
password, to avoid problems when different hashing algorithms are used. (As
it says above, standard DES-based password hashing uses a 2-character salt,
but MD5-based hashing uses 12.) */
if (crypt($user_input, $password) == $password) {
echo "Password verified!";
}
?>
Example 2. Using crypt() with htpasswd
<?php
// Set the password
$password = 'mypassword';
// Get the hash, letting the salt be automatically generated
$hash = crypt($password);
?>
Example 3. Using crypt() with different encryption types
<?php
if (CRYPT_STD_DES == 1) {
echo 'Standard DES: ' . crypt('rasmuslerdorf', 'rl') . "\n";
}
if (CRYPT_EXT_DES == 1) {
echo 'Extended DES: ' . crypt('rasmuslerdorf', '_J9..rasm') . "\n";
}
if (CRYPT_MD5 == 1) {
echo 'MD5: ' . crypt('rasmuslerdorf', '$1$rasmusle$') . "\n";
}
if (CRYPT_BLOWFISH == 1) {
echo 'Blowfish: ' . crypt('rasmuslerdorf', '$2a$07$rasmuslerd...........$') . "\n";
}
?>
The above example will output something similar to:
Standard DES: rl.3StKT.4T8M
Extended DES: _J9..rasmBYk8r9AiWNc
MD5: $1$rasmusle$rISCgZzpwk3UhDidwXvin0
Blowfish: $2a$07$rasmuslerd............nIdrcHdxcUxWomQX9j6kvERCFjTg7Ra
See also md5() and the Mcrypt extension.
from php.net/crypt
Source code to the Unix crypt() function
[edit] Using <crypt> on this wiki
You can use this Wiki to encrypt your passwords on the fly:
<crypt>fnord</crypt>
will return
<crypt>fnord</crypt>
[edit] The CryptExtension
the source for enabling this on Mediawiki is very simple,it just uses the PHP crypt function
<?php
# crypt mediawiki extension
# by mutante 18.03.2005
$wgExtensionFunctions[] = "wfCryptExtension";
function wfCryptExtension() {
global $wgParser;
$wgParser->setHook( "crypt", "renderCrypt" );
}
function renderCrypt( $input ) {
$input = mysql_escape_string($input);
$output=crypt('$input'); // http://www.php.net/crypt
return $output;
}
?>
yep,nothing i really had to do by myself. Mutante
Categories: Software | Programming | Security | Wiki | Crypto
