
Re: problem in verifying MD5 decrypted passwd with plain text one

On Fri, 29 Jun 2001, Brian S. Craigie wrote:

> Hi
> When you say "already decrypted" do you mean "already base64 decoded"?  As
> far as I know you can't decrypt an MD5 password, so I guess you must mean
> Base64 decoded.
> You have to encrypt the new plain-text password using the same salt [and
> base64 method if necessary] as the old one was, and then compare the two
> encrypted results.
> I don't know about MD5, but in a standard Unix password, the salt is stored
> as the first two characters of the encrypted password.

[ Perhaps this should go into an FAQ? ]

The BSD style MD5 hashed password is much like the DES style, except that
your salt is 8 characters in length and the encrypted string must begin with

A basic algo to do this is:
salt = "$1$fjdkslei";
cryptpw = crypt(plaintext, salt);

Of course, for the salt you will want to use a random character generation
routine or better still, machine generated random data (a la /dev/urandom).

In PHP, this would result in a code segment such as:
$fd = fopen("/dev/urandom", "r");
// 8 random bytes -> 16 hex characters; MD5 crypt uses only the first 8 as salt
$salt = bin2hex(fread($fd, 8));
fclose($fd);

$cryptpw = "{crypt}".crypt($plaintext, "$1$".$salt);

Then a call to ldap_modify with the entry DN and cryptpw, and binding as
that entry's DN with that entry's original password (allowing of course for
the proper ACLs).

The base64 encoding done by the client is *NOT* encryption...  base64
encoding is 2 way, therefore you can decode the string back to its plain
text form.  Encryption (using DES or MD5 crypt) does NOT allow reversal from
the encrypted form, you MUST encrypt the secret key using the salt of the
stored crypt and compare the 2 encrypted strings (or as in LDAP, binding
using the original password, then modifying the entry as that user).

To compare simply get the encrypted password from your database, copy the
salt into a string, and encrypt the plaintext key given with this copied
salt.  Then, strcmp the 2 encrypted strings...

Of course, it's much easier to just attempt a bind as that user, and let the
LDAP server figure it out (ack or nak returned, with nak give them a
password failure).

James Bourne
> Best Regards,
> Brian
> kavita wrote:
> > hi everybody,
> >        am adding entries of users in a ldap and providing a web-based
> > link for change their password.
> > i have a detailed entry of users in a ldap like
> > username,password,mailquota,uid,gid etc.
> > user's password is stored in MD5 base64 encrypted format.
> > as all change password script requires old(current) password for
> > verification of valid user and then new password and confirm (re-type )
> > password.
> > when i retrieve user's old(current) password it is already decrypted.
> > now i want to match this decrypted password with plain text password
> > which is entered by the user (current pass).
> >
> > how shall i do it?
> >
> > Thanx in Advance.
> > --
> > Kavita Modi

James Bourne, Supervisor Data Centre Operations
Mount Royal College, Calgary, AB, CA
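
The compare step described in the reply above (take the salt from the stored value, hash the candidate with it, compare the two strings), as an added example that is not part of the original thread. The function names, the constant and the sample passwords are assumptions made for illustration; it uses PHP's built-in crypt(), random_bytes() and hash_equals().

```php
<?php
// Added example: names and sample values are illustrative, not from the thread.

const LDAP_CRYPT_PREFIX = '{crypt}';

// Hash a new password as BSD-style MD5 crypt for storage in userPassword.
function make_crypt_md5(string $plaintext): string
{
    // 4 random bytes -> 8 hex characters, the full MD5-crypt salt length.
    $salt = bin2hex(random_bytes(4));
    return LDAP_CRYPT_PREFIX . crypt($plaintext, '$1$' . $salt . '$');
}

// Check a candidate password against a stored "{crypt}$1$salt$hash" value.
function verify_crypt(string $plaintext, string $stored): bool
{
    // LDAP scheme names are case-insensitive; reject any other scheme.
    $n = strlen(LDAP_CRYPT_PREFIX);
    if (strncasecmp($stored, LDAP_CRYPT_PREFIX, $n) !== 0) {
        return false;
    }
    $hash = substr($stored, $n);

    // Passing the stored hash as the salt makes crypt() reuse its scheme and salt.
    $candidate = crypt($plaintext, $hash);

    // crypt() signals failure with a short "*0"/"*1" string; never accept that.
    if (strlen($candidate) < 13 || $candidate[0] === '*') {
        return false;
    }

    // Constant-time comparison instead of strcmp().
    return hash_equals($hash, $candidate);
}

// Constructed sample passwords, for demonstration only.
$stored = make_crypt_md5('correct horse');
var_dump(verify_crypt('correct horse', $stored));
var_dump(verify_crypt('wrong guess', $stored));
var_dump(verify_crypt('correct horse', '{MD5}abc')); // different scheme
```

Because the scheme and salt are read from the stored value, the same function verifies entries hashed with any other crypt(3) scheme the platform supports.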