Use of Linux crypt Functions

The crypt function is used for encryption. Currently, the encryption methods on Linux are MD5, Des, and 3 DES.

MD5 and des are used more frequently on the RedHat platform. The original form of the crypt function is:

Char * crypt (const char * Key, const char * salt );

Key is the plaintext to be passed in, salt is the key we specify for encryption, and the returned value is the encrypted ciphertext.

The key is the key salt. Here, through our experiment, we found that:

(1) If the salt string starts with $1 $ and ends with $, this indicates that crypt is encrypted using MD5, the encrypted ciphertext format is $1 $... $ <ciphertext body>: the string between $1 $ and $ is the key text we specified. The key text cannot exceed 8 characters.

In some installation and configuration scripts of easycluster, we use this encryption method to retrieve the MAC address of the local machine and then encrypt it with a defined key, $1 $... $ remove this part, and only keep the ciphertext in the license file, so that others do not know what key we are using for encryption, even if we know that we are encrypting the MAC address, however, it is still safe because you do not know what the key is. (Of course, the attacker can view the compilation code that verifies the license. The same is true for hoho)

(2) If the salt string is not in the (1) format, the DES encryption method is used by default. When des is encrypted, salt can only take two characters. That is to say, salt cannot exceed 2 Characters at most, and the extra characters will be discarded. (The three des on SuSE are not clear about the conventions.) The first two characters in the ciphertext encrypted by des are keys. Followed by the real ciphertext.

When using the crypt function, define the constant at the beginning of the Code:

# DEFINE _ xopen_source

For details, refer to Man 3 crypt. The meaning of this constant is very clear in chapter 2 of apue. If this constant is not defined, it is okay in some Linux systems, but in some Linux systems, the crypt returns a null pointer error.