Use of Linux crypt Functions

Source: Internet
Author: User
Tags crypt
The crypt function is used for encryption. Currently, the encryption methods on Linux are MD5, Des, and 3 DES.

MD5 and des are used more frequently on the RedHat platform. The original form of the crypt function is:

Char * crypt (const char * Key, const char * salt );

Key is the plaintext to be passed in, salt is the key we specify for encryption, and the returned value is the encrypted ciphertext.

The key is the key salt. Here, through our experiment, we found that:

(1) If the salt string starts with $1 $ and ends with $, this indicates that crypt is encrypted using MD5, the encrypted ciphertext format is $1 $... $ <ciphertext body>: the string between $1 $ and $ is the key text we specified. The key text cannot exceed 8 characters.

In some installation and configuration scripts of easycluster, we use this encryption method to retrieve the MAC address of the local machine and then encrypt it with a defined key, $1 $... $ remove this part, and only keep the ciphertext in the license file, so that others do not know what key we are using for encryption, even if we know that we are encrypting the MAC address, however, it is still safe because you do not know what the key is. (Of course, the attacker can view the compilation code that verifies the license. The same is true for hoho)

(2) If the salt string is not in the (1) format, the DES encryption method is used by default. When des is encrypted, salt can only take two characters. That is to say, salt cannot exceed 2 Characters at most, and the extra characters will be discarded. (The three des on SuSE are not clear about the conventions.) The first two characters in the ciphertext encrypted by des are keys. Followed by the real ciphertext.

When using the crypt function, define the constant at the beginning of the Code:

# DEFINE _ xopen_source

For details, refer to Man 3 crypt. The meaning of this constant is very clear in chapter 2 of apue. If this constant is not defined, it is okay in some Linux systems, but in some Linux systems, the crypt returns a null pointer error.

 

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.