Use the MD5 function in OpenSSL. This function returns 16 bytes of unsigned char data, with each byte ranging from 0 ~ 255
It is formatted as a 32-bit MD5 code in hexadecimal format. Note: one byte is 8 bits, which can represent two hexadecimal digits.
Use the username used to log on to the client to obtain the salt value and the encrypted password from the redis database, and then encrypt the password used to log on to the client with
Compare the passwords in the redis database. If they are the same, the verification succeeds. Otherwise, the verification fails.
The password storage format in the redis database is password: salt
User verificationAlgorithmAs follows:
Int user_authenticate (char * username, char * password)
{
Char * salt_pw, * salt, * PW;
Char Buf [40];
Char TMP [3] = {'\ 0'}, md5_str [33] = {' \ 0 '};
Unsigned char MD [16];
Int I;
// Get_salt_pw call redis database to obtain password: salt
Salt_pw = get_salt_pw (dB, username );
PW = strtok (salt_pw ,":");
If (! PW ){
Return 0;
}
Salt = strtok (null ,":");
If (! Salt ){
Return 0;
}
Strcpy (BUF, password );
Strcat (BUF, salt );
MD5 (const unsigned char *) BUF, strlen (BUF), MD );
// Transform to MD5 string
For (I = 0; I <16; I ++ ){
Sprintf (TMP, "% 02x", MD [I]);
Strcat (md5_str, TMP );
}
// Compare encode password using MD5
If (strcmp (char *) md5_str, PW )){
Return 0;
}
Return 1;
}
Note the use of the strtok function and the process of converting 16-byte unsigned char to 32-bit hexadecimal number.
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
