Long story short. I want to use Mac OS/X and PHP. I have a db with
passwords stored under Linux using the crypt("foo", "$1$".$salt."$);
scheme. This means that crypt should execute a CRYPT_MD5 password hash.
I know that Mac OS/X only supports the two DES'. So is there a way I can
use mcrypt, or mhash or ANY library to reproduce php's CRYPT_MD5 crypt()
call?
I don't really have a choice to use another password hash scheme, as the
data is being given to me. I have tried almost everything to produce the
same output to no avail:
Under Linux, php has a crypt() function which takes the md5 format (and
blowfish). This will produce a hash of:
<<CRYPT MAGIC><< 8 CHAR USER SALT>$ <<HASHED PW>>
$1$ FpsaEXUM $ rXsH1UzUs6w3vfik/wHGr.
PHP supports DES under Mac OS/X (no blowfish, or MD5 crypt). Sites I've
been to, have informed the developer to use a different algorithm and
that it would solve their problem. I, alas, cannot use a different
system. The passwords are stored in someone else's DB and I am forced to
use the Linux PHP/Crypt/MD5 version.
I have tried the md5(), mcrypt (as much as i can understand it, I am not
an encryption expert), mhash (MHASH_MD5) functions to no avail.
To explain what I am doing...
With PHP's crypt() on Linux:
1) look up the password for the user logging in (in a DB or file)
2) grab the salt for that password (it's created at random when the
password is created): chars between '$1$' and '$' (8 characters)
3) take the user supplied password, run it through PHP's crypt with the
same salt: crypt("foobar","$1$"."FpsaEXUM"."$")
3a) Result: $1$FpsaEXUM$rXsH1UzUs6w3vfik/wHGr.
With mhash:
base64_encode(mhash(MHASH_MD5, $mypassword, "$1$".$salt."$"));
Result: 6ZspEb5d0AMqo/RkSod8dw==
With mhash:
base64_encode(mhash_keygen_s2k(MHASH_MD5, $mypassword, "$1$".$salt."$",
16));
Result: blAOWSV9/hmRk/Z06IFQKA==
I've tried permutations of those without the "$1$"..."$" and still
nothing. Even if the hash matched, and I would just add the "$1$"..."$"
that would work. I've tried md5(), no luck.
Needless to say, the crypt() functions on the mac don't work. I
obviously recompiled php to support mcrypt and mhash (and gd, unrelated
issue), hoping that would solve the issue... no dice.
any help, i am desparate here... heck even an explanation as to why it's
not possible even with external libraries, would be good.
-E
0  2009  This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Matt McKay |
last post by:
I've written a php page which allows users to type in a text string and a
key, then choose from a dropdown menu of encryption/decryption cyphers, and
a method (encrypt, decrypt).
The whole thing...
|
by: dave |
last post by:
Hello,
Does anyone have experience with mhash? I've got a situation where i
have to "create an mhash module and load it in to php" which is apparently
not what i thought it was, recompiling php...
|
by: dave |
last post by:
Hello,
I'm really hoping someone can help here, i am very frustrated on this
issue. If this were my linux box i'd commit myself for insanity, this setup
is so frustrating!
Ok, done rambling,...
|
by: BKDotCom |
last post by:
I'm writing an app that will use blowfish encryption..
PHP's mcrypt will be used if available.
if not, I'll use PHPmyadmin's blowfish.php library.
The problem is I can't figure out what...
|
by: believein |
last post by:
Hi all,
I installed PHP thru the XAMPP package on my windows machine.
The problem, I couldn't solve, is that the mcryppt funcs don't work.
It return the following message:
Call to undefined...
|
by: laredotornado |
last post by:
Hello, My hosting company does not support the PHP mcrypt functions.
Instead, they recomend using the command line, /usr/local/bin/mcrypt
utility via PHP's exec method. Sadly, they do not provide...
|
by: sylvian stone |
last post by:
Hi,
I'm getting some strange errors that I cannot pin down:
Warning: mcrypt_generic_init(): Iv size incorrect; supplied length: 7,
needed: 8 in......
This is strange because the data is...
|
by: Paul Furman |
last post by:
I'm trying to set up a web page for credit card transactions and baffled
trying to find a download for mhash functions for my windows apache
development server. The real server supports mhash but I...
|
by: =?UTF-8?Q?Ahmad_=E3=8B=A1_Baitalmal?= |
last post by:
Hi,
I'm having a hard time getting python-mcrypt extension to build.
I installed libmcrypt with --prefix=/usr and I checked that the
library exists
-rwxr-xr-x 1 root wheel 352K Sep 19...
|
by: taylorcarr |
last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Sonnysonu |
last post by:
This is the data of csv file
1 2 3
1 2 3
1 2 3
1 2 3
2 3
2 3
3
the lengths should be different i have to store the data by column-wise with in the specific length.
suppose the i have to...
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
| |
