The MD5 function in OpenSSL returns 16 bytes of unsigned char data, each byte in the range 0~255.
Formatted as hexadecimal, this gives the 32-character MD5 encoding. Note: one byte is 8 bits, which is written as 2 hexadecimal digits.
Use the login client's username to get the salt value and the hashed password from the Redis database, then hash the login client's password with the salt and
compare the result with the password in the Redis database. If they are the same, validation passes; otherwise validation fails.
The password in the Redis database is stored in the format password:salt
The user authentication algorithm is as follows:
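#include <stdio.h>
#include <string.h>
#include <openssl/md5.h>

// db and get_salt_pw are defined elsewhere in the program
int user_authenticate(char *username, char *password)
{
    char *salt_pw, *salt, *pw;
    char buf[40];
    char tmp[3] = {'\0'}, md5_str[33] = {'\0'};
    unsigned char md[16];
    int i, n;

    // get_salt_pw fetches the password:salt record from the Redis database
    salt_pw = get_salt_pw(db, username);
    if (!salt_pw) {
        return 0;
    }
    // strtok modifies salt_pw in place, replacing ':' with '\0'
    pw = strtok(salt_pw, ":");
    if (!pw) {
        return 0;
    }
    salt = strtok(NULL, ":");
    if (!salt) {
        return 0;
    }
    // Build password+salt; reject input that does not fit instead of overflowing buf
    n = snprintf(buf, sizeof(buf), "%s%s", password, salt);
    if (n < 0 || (size_t)n >= sizeof(buf)) {
        return 0;
    }
    MD5((const unsigned char *)buf, strlen(buf), md);
    // Transform the 16-byte digest into a 32-character hex string
    for (i = 0; i < 16; i++) {
        sprintf(tmp, "%02x", md[i]);
        strcat(md5_str, tmp);
    }
    // Compare with the stored MD5 hex string
    if (strcmp(md5_str, pw)) {
        return 0;
    }
    return 1;
}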
Note the use of the strtok function, and the process of converting 16 bytes of unsigned char into a 32-character hexadecimal string.
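The two steps noted above, as an added example that is not code from the original page: the record is split with strchr instead of strtok (which modifies its input, is not reentrant, and skips an empty first field), and the hex strings are compared without an early exit. The function names are hypothetical, and the example assumes the stored hash is exactly 32 hex digits and that the salt is everything after the first colon.

```c
#include <ctype.h>
#include <stddef.h>
#include <string.h>

#define MD5_LEN 16
#define MD5_HEX_LEN 32

/* Render a 16-byte digest as 32 lowercase hex characters plus NUL. */
void digest_to_hex(const unsigned char md[MD5_LEN], char out[MD5_HEX_LEN + 1])
{
    static const char hex[] = "0123456789abcdef";
    for (int i = 0; i < MD5_LEN; i++) {
        out[2 * i]     = hex[md[i] >> 4];
        out[2 * i + 1] = hex[md[i] & 0x0f];
    }
    out[MD5_HEX_LEN] = '\0';
}

/* Split "hash:salt" without modifying it. Unlike strtok, an empty hash
 * field (":salt") is rejected instead of being silently skipped.
 * Returns 1 and sets *salt on success, 0 on a malformed record. */
int split_record(const char *rec, char hash[MD5_HEX_LEN + 1], const char **salt)
{
    const char *sep = rec ? strchr(rec, ':') : NULL;
    if (!sep || sep - rec != MD5_HEX_LEN || sep[1] == '\0')
        return 0;
    for (int i = 0; i < MD5_HEX_LEN; i++) {
        if (!isxdigit((unsigned char)rec[i]))
            return 0;
        hash[i] = (char)tolower((unsigned char)rec[i]);
    }
    hash[MD5_HEX_LEN] = '\0';
    *salt = sep + 1;
    return 1;
}

/* Compare two 32-character hex strings without an early exit, so the
 * run time does not reveal how many leading characters matched. */
int hex_equal_ct(const char a[MD5_HEX_LEN + 1], const char b[MD5_HEX_LEN + 1])
{
    unsigned char diff = 0;
    for (int i = 0; i < MD5_HEX_LEN; i++)
        diff |= (unsigned char)(a[i] ^ b[i]);
    return diff == 0;
}
```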