Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Using a salt value
Top Forums Programming Using a salt value Post 302712313 by JohnGraham on Tuesday 9th of October 2012 04:43:24 AM
Old 10-09-2012
At least for passwords made with crypt() (see 'man 3 crypt'), the salt is the first two characters of the generated hash - this makes duplicates look different, while allowing easy computation when entering the password.

Here's a test program I wrote a while ago demonstrating basic use of crypt(), but still find useful - if you run it you'll notice the first two characters of the output are the two-byte salt (compile with '-lcrypt'):

Code:
#define _GNU_SOURCE

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <string.h>

#include <sys/time.h>
#include <unistd.h>

char *random_salt()
{
    // Failure is fine (assume garbage on stack will do at a push).
    struct timeval tv;
    if (gettimeofday(&tv, NULL) != 0) {
        fprintf(stderr, "Warning: Could not gettimeofday: %m.\n");
        fprintf(stderr, "Just using garbage on stack as randomness.\n");
    }
    srand(tv.tv_sec + tv.tv_usec);

    const char *salt_chars =
        "abcdefghijklmnopqrstuvwxyz"
        "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
        "0123456789" "./";

    static char salt[3] = "\0\0\0";

    salt[0] = salt_chars[rand() % strlen(salt_chars)];
    salt[1] = salt_chars[rand() % strlen(salt_chars)];

    return salt;
}

int main(int argc, char *argv[])
{
    if (argc != 2 && argc != 3) {
        fprintf(stderr, "Usage: crypt PASSPHRASE [SALT]\n");
        fprintf(stderr, "(If no SALT is given, a random one is chosen)\n");
        return 1;
    }

    if (argc == 3 && strlen(argv[2]) != 2) {
        fprintf(stderr, "Error: salt must be 2 bytes long\n");
        return 1;
    }

    char *salt = (argc == 3) ? argv[2] : random_salt();

    char *pass = crypt(argv[1], salt);
    if (pass) {
        printf("%s\n", pass);
        return 0;
    } else {
        fprintf(stderr, "Error: %m\n");
        return 1;
    }
}

 

5 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

What is "salt character" and what does it do?

Hi, lads. Good day. I have one question to ask. I read on the Internet, for the SUSE system, the password is encrypted into 13 characters, and the first 2 characters are called salt characters? Is there any special meaning for salt? Why we need these salt characters? And, I have a look at... (1 Reply)
Discussion started by: yjck71
1 Replies

2. UNIX for Dummies Questions & Answers

Increase salt size

Unix protect its password by using salt It that mean larger the salt size the more secure? if the salt size increase greatly, will the password still able to be cracked? thank you for helping (1 Reply)
Discussion started by: cryogen
1 Replies

3. Programming

4-Byte Salt (in hex) to Integer

If i have a salt that looks like this 'CFDB024F' (in hex) would the integer value be '3487236687' ? Is that correct? (1 Reply)
Discussion started by: cbreiny
1 Replies

4. OS X (Apple)

Question about openSSL and Salt

Hey all, i have an application i am developing and i would like to use the OpenSSL des3 encryption, the only problem i am having is when i need to input the second key verification. Heres what i have so far openssl des3 -salt -in /tmp -out pwenc.z | echo 1111 usually for password verification... (0 Replies)
Discussion started by: code_monkey
0 Replies

5. Cybersecurity

Wordpress and Joomla hash and salt

I would like to know where the hash and salt are in Wordpress and Joomla hashes? For example: In this wordpress hash P$BTBCNLQpY5CWWQ6XC4WJ6IPJQ877s3 where the salt is? In this Joomla hash $2y$10$io60pn4npWCRWwg4308pB.4rLmfz.vFwzxzYmX6W48Ff7wTi7ZEMO where the salt is? For example (source... (1 Reply)
Discussion started by: freeroute
1 Replies

LEARN ABOUT HPUX

crypt

crypt(3C)																 crypt(3C)

NAME

       crypt  - generate hashing encryption

SYNOPSIS

   Obsolescent Interfaces
DESCRIPTION

   crypt():
       is  the	password encryption function.  It is based on a one way hashing encryption algorithm with variations intended (among other things)
       to frustrate use of hardware implementations of a key search.

       key is a user's typed password.	salt is a two-character string chosen from the set this string is used to perturb the hashing algorithm in
       one of 4096 different ways, after which the password is used as the key to encrypt repeatedly a constant string.  The returned value points
       to the encrypted password.  The first two characters are the salt itself.

   Obsolescent Interfaces
       generate hashing encryption.

WARNINGS

       The return value for points to data whose content is overwritten by each call.

       and are obsolescent interfaces  supported only for compatibility with existing DCE applications. New multithreaded applications should use

SEE ALSO

       crypt(1), login(1), passwd(1), getpass(3C), passwd(4), thread_safety(5).

STANDARDS CONFORMANCE

																	 crypt(3C)
All times are GMT -4. The time now is 11:40 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy