3

I'm using the crypt() function for the first time in c. I'm just running some initial tests, so none of this is actually going to be used, the constant salt value in particular. :)

I run the following code:

crypt(password, "$1$k7de83ka7");

From my understanding of the crypt docs, this provided salt value should specify that crypt() run in MD5 mode, which will produce a hash of the format "$1$". The $1$ specifies the value was hashed with MD5. That's how I understand it should work.

However, when I test the above code, the value returned is "$1ciFuWRySk3A", so it seems to be missing one of the '$' chars. Am I doing something wrong to cause this problem?

Rook
  • 5,734
  • 3
  • 34
  • 43
dsw88
  • 4,400
  • 8
  • 37
  • 50
  • The hash returned should be in format `$1$salt$encrypted`. Just one `$` seems wrong. Which implementation of `crypt` are you using? – Michał Trybus Nov 15 '12 at 18:38
  • What is your OS (linux/BSD/embedded; version) and what is the library which was used to implement `crypt` (is it ucglibc/newlib/glibc; version)? – osgx Nov 15 '12 at 18:38

1 Answers1

1
crypt(password, "$1$k7de83ka7");

I don't think you're calling crypt correctly, from the man page:

If salt is a character string starting with the characters "$id$" followed by a string terminated by "$": $id$salt$encrypted

Then id identifies the encryption method.

And you shouldn't expect it to return a string containing $ (not necessarily)

On success, a pointer to the encrypted password is returned. On error, NULL is returned.

iabdalkader
  • 17,009
  • 4
  • 47
  • 74