-1

I want my program to extract the first two characters of the given hash hash. These first two characters represent a nonce/salt that the password was encrypted with (DES-based, crypt() function). The first two characters of hash are stored in the array nonceAsArray[], which is being passed down to the function concatenateCharacters(), whose job is to turn these characters into a nonce of type string and save it in the variable nonce so that it can be used later on in order to encrypt a password.

The function seems to concatenate the two characters perfectly fine. However, when nonce is given to the crypt() function as an argument, it returns null but only, if I calculate both, generatedHash1 and generatedHash2:

Output:

generatedHash1: 14dJperBYV6zU

generatedHash2: (null)

However, when I exclude the calculation of the first hash string generatedHash1 = crypt("myPassword", "14");, my program outputs the following:

generatedHash2: dJperBYV6zU

The crypt() function now seems to have accepted the value that is being stored in nonce. Another odd thing is that crypt() returns a hash without the nonce being represented in the first two characters of generatedHash2. The encrypted password however should be 13 characters long in total.

Fired up the debugger and checked the values that are being stored in nonce. I stumbled upon this:

nonce: 0x7fffffffdd40 "14"

and

*nonce: 49 '1'

I assume that the first part that starts with 0x7f... is the memmory address and next to it the value that stored at this address.

Can anyone help me understand as to why the crypt() function doesn't seem to accept the value in nonce? I would greatly appreciate if anyone could give me a hint where to look or an explenation as to why it fails.

(...)
#include <cs50.h>
#include <string.h>
(...)

// extract the first two characters of 'hash' (== nonce/salt)
string hash = "14dJperBYV6zU";
char nonceAsArray[2];

for (int i = 0; i < 2; i++)
{
    nonceAsArray[i] = hash[i];
}

string nonce = concatenateCharacters(nonceAsArray, 2);

printf("first hash: %s\n", crypt("myPassword", "14"));
printf("second hash: %s\n", crypt("myPassword", nonce));

// connects characters to strings
string concatenateCharacters(char characters[], int arraySize)
{
    char terminator[1] = {'\0'};
    // create array that can store the password and to which the terminator can be appended (hence +1)
    char bigEnoughArray[arraySize + 1];

    for (int i = 0; i < arraySize; i++)
    {
        bigEnoughArray[i] = characters[i];
    }

    return strcat(bigEnoughArray, terminator);
}
Community
  • 1
  • 1
he1zn0erg
  • 1
  • 1
  • 2
    `return strcat(bigEnoughArray, terminator);` is completely wrong because 1. returning pointer to a non-static local array, which will expire on exiting from the block it is declared. 2. `strcat` expects already null-terminated string. It is NOT for newly adding terminating null-character. – MikeCAT May 18 '18 at 14:34
  • 3
    The type `string` isn't in the standard C. Please consider posting a [Minimal, Complete, and Verifiable example](http://stackoverflow.com/help/mcve). – MikeCAT May 18 '18 at 14:35
  • https://stackoverflow.com/questions/4570366/how-to-access-a-local-variable-from-a-different-function-using-pointers – Antti Haapala -- Слава Україні May 18 '18 at 14:48
  • 1
    What the heck is `string`? Is it an obfuscated `char*`? And if, why? – alk May 19 '18 at 14:57

1 Answers1

0

I "guess" it helps to replace this

string hash = "14dJperBYV6zU";
char nonceAsArray[2];

for (int i = 0; i < 2; i++)
{
    nonceAsArray[i] = hash[i];
}

string nonce = concatenateCharacters(nonceAsArray, 2);

by

#define NONCE_MAX (2);

string hash = "14dJperBYV6zU";
char nonceAsArray[NONCE_MAX + 1] = ""; /* zeros out all nonceAsArray */
strncpy(nonceAsArray, hash, NONCE_MAX);
string nonce = nonceAsArray;
alk
  • 69,737
  • 10
  • 105
  • 255