Date: Thu, 23 Aug 2018 06:28:02 -0400 From: "Derek (freebsd lists)" <482254ac@razorfever.net> To: freebsd-questions@freebsd.org Subject: Re: What hash to use Message-ID: <74a041fe-b00a-673e-c43f-b72aa04e5297@razorfever.net> In-Reply-To: <wu7r2ipwih6.fsf@banyan.cs.ait.ac.th> References: <wu7r2ipwih6.fsf@banyan.cs.ait.ac.th>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2018-08-23 05:16 AM, Olivier wrote:
> I am using a tools that hashes the passwords in the form of
> $2b$10$OQBll77HJqnOR.zqK2jx8ukE6m68Azc7nrsgRdcT6bVfERRmzFV4.
>
> What magic tool can I use in freeBSD to do the same hashing?
>
Try this (cdemo.c):
#include <stdio.h>
#include <string.h>
#include <unistd.h>
int main(void)
{
struct crypt_data buf1;
char *hash;
/*
* Generate a crypt for storage, using salt as the
algorithm selection
* and parameters.
*/
hash = crypt_r("Initial example password.",
"$2b$10$22bytesofbase64charactersfromdevurandom", &buf1);
if (hash == NULL) {
printf("crypt_r (hash) failed.\n");
return (3);
}
printf("crypt_r (hash) result: %s\n", hash);
return (0);
}
Then:
cc -lcrypt -o cdemo cdemo.c
./cdemo
This is okay for a one-off.
You might wire stdin to read the salt, or for bonus points make
your own salt generator.
Additionally, it's likely not a good idea to read the password
from the command-line (argv+argc). A file descriptor (e.g.
stdin) of some kind would be better, as it will show up in shell
history and the process table.
Some languages, e.g. python, php, etc will have a library to do
this for you as well.
Derek
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?74a041fe-b00a-673e-c43f-b72aa04e5297>