[ale] crypt()

[Joe Steele]

It's true that crypt has no size limitation.  But there's a little 
more to it.

crypt() can use either a DES or MD5 algorithm.  If it's using DES, 
then only the first 8 characters of the key are significant.  The MD5 
algorithm does not have this limitation.  The algorithm used depends 
on the format of the salt.  To quote from the Docs:

     For the MD5-based algorithm, the SALT should consist of the string
     `$1$', followed by up to 8 characters, terminated by either
     another `$' or the end of the string.  The result of `crypt' will
     be the SALT, followed by a `$' if the salt didn't end with one,
     followed by 22 characters from the alphabet `./0-9A-Za-z', up to
     34 characters total.  Every character in the KEY is significant.

     For the DES-based algorithm, the SALT should consist of two
     characters from the alphabet `./0-9A-Za-z', and the result of
     `crypt' will be those two characters followed by 11 more from the
     same alphabet, 13 in total.  Only the first 8 characters in the
     KEY are significant.  If the `crypt' add-on is not installed,
     trying to use the DES-based algorithm will return an empty string
     and set `errno' to `EOPNOTSUPP'.

--Joe

-----Original Message-----
From:	Vaidhy Mayilrangam [SMTP:vaidhy at loonys.net]
Sent:	Monday, December 17, 2001 9:48 PM
To:	Chris Fowler
Cc:	ale at ale.org
Subject:	Re: [ale] crypt()

I do not think crypt has any limitations on the password size..

Vaidhy

On Mon, Dec 17, 2001 at 09:30:20PM -0500, Chris Fowler wrote:
> crypt() has a limitatation of 8 byte passwords.  Is there a better way?  I'm
> know there is.  I would like to use the standard.
> 
> Chris

---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.