[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Encrypting passwords

To: Miha Krajnc <miha.krajnc.mb@gmail.com>
Subject: Re: Encrypting passwords
From: DT Piotr Wadas <pwadas@dtpw.pl>
Date: Sun, 9 May 2010 23:26:25 +0200 (CEST)
Cc: openldap-technical@openldap.org
In-reply-to: <AANLkTilncRDE6Bz6XNWJyn14E5DmBjiw5KQXGc5FFTY_@mail.gmail.com>
References: <AANLkTinMoqNuNQ2-cQVm8bvmDR3uDxXKHQanho80Osht@mail.gmail.com> <AANLkTilncRDE6Bz6XNWJyn14E5DmBjiw5KQXGc5FFTY_@mail.gmail.com>

> > Greetings,
> > some time ago i saw a command (i'm guessing from the ldap-utils package)
> > that would encrypt text into one of the encryptions supported by openldap
> > (md5, crypt etc...) anyone know what that command is?

I bet it's not the same you've seen, anyway I wrote one quick&dirty for 
me, it creates prompt or read plaintext from stdin, here you go..
One can probably find some other utility to do this..

---------------------
#include <stdio.h>
#include <crypt.h>
#include <stdlib.h>
#include <string.h>
#include <fcntl.h>
#include <string.h>
#include <sys/time.h>
#include <time.h>
#include <sys/types.h>
#include <unistd.h>


#define _XOPEN_SOURCE
#define MD5_CRYPT_ENAB yes

/* gcc -Wall -lcrypt encpwd.c -o encpwd */

static void to64(char *s, unsigned long v, int n)
{
    static unsigned char itoa64[] = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
    while (--n >= 0) {
       *s++ = itoa64[v&0x3f];
        v >>= 6;
    }
}


extern char *crypt (__const char *__key, __const char *__salt);

char *crypt_make_salt (void)
{
        struct timeval tv;
        static char result[40];

        result[0] = '\0';
        strcpy (result, "$1$"); /* magic for the new MD5 crypt() */

        gettimeofday (&tv, (struct timezone *) 0);
        strcat (result, l64a (tv.tv_usec));
        strcat (result, l64a (tv.tv_sec + getpid () + clock ()));

        if (strlen (result) > 3 + 8) result[11] = '\0';

        return result;
}

char *pw_encrypt (const char *clear, const char *salt)
{
        static char cipher[128];
        char *cp = crypt (clear, salt);
        strcpy (cipher, cp);
        return cipher;
}

static char *htenc(const char *clearpasswd) {
        char *res;
        char salt[9];
        (void) srand((int) time((time_t *) NULL));
        to64(&salt[0], rand(), 8);
        salt[8] = '\0';
        res = crypt(clearpasswd, salt);
    return res;
}


int main (argc,argv)
int argc; char *argv[];
{
        const char* msg = "Enter password:";
        char *clear = NULL;

        if ( argc > 1 )  clear = argv[1];
        else
                if ( !(clear = getpass(msg)) || strlen(clear) == 0 )  
                {
                        fprintf (stderr, ("You entered no password \n")); 
                        return 1;
                }

        if (clear)
        {
                fprintf (stdout, "Clear text: %s\n",clear);
                char *unixenc = pw_encrypt(clear,crypt_make_salt());
                fprintf (stdout, "Unix encoded: %s ( {CRYPT}%s )\n",unixenc,unixenc);
                fprintf (stdout, "Apache encoded: %s\n",htenc(clear));
        }
        return 0;
}

---------------------------------

-- 
http://dtpw.pl/buell [ 25th anniversary of Buell - American Motorcycles ]
Linux aleft 2.6.27.29-0.1_lustre.1.8.1.1-default #1 SMP
drbd version: 8.3.7 (api:88/proto:86-91)
pacemaker 1.0.6-cebe2b6ff49b36b29a3bd7ada1c4701c7470febe

References:
- Encrypting passwords
  - From: Miha Krajnc <miha.krajnc.mb@gmail.com>
- Re: Encrypting passwords
  - From: Miha Krajnc <miha.krajnc.mb@gmail.com>

Prev by Date: Re: Encrypting passwords
Next by Date: RE: OpenLDAP: contextCSN check across mirrors
Index(es):
- Chronological
- Thread