date:20130601

Re: Missing o in -lcrypt in scr/Makefile

2013-06-01 Thread Jon Kleiser

Hi Alex,

 Hi Jon,

 $ ./pil lib/adm.l +
 : (de *Salt 16 . $6$@1$)
 - *Salt
 : (passwd somestring)
 - $6bsuufIMFxJE

 So it seems that the 'passwd' function is working in 32-bit PicoLisp on
 Mac, right?

 Hmm, yes and no ...

 It works, but obviously only with the (worthless) DES algorithm, because
 the generated hash is much too short.

 In glibc's crypt() more modern algorithms are supported:

The glibc2 version of  this  function  supports  additional  encryption
algorithms.

If  salt is a character string starting with the characters $id$ fol?
lowed by a string terminated by $:

   $id$salt$encrypted

then instead of using the DES machine,  id  identifies  the  encryption
method  used  and  this  then  determines  how the rest of the password
string is interpreted.  The following values of id are supported:

   ID  | Method
   ?
   1   | MD5
   2a  | Blowfish (not in mainline glibc; added in some
   | Linux distributions)
   5   | SHA-256 (since glibc 2.7)
   6   | SHA-512 (since glibc 2.7)

So   $5$salt$encrypted   is   an   SHA-256   encodedpasswordand
$6$salt$encrypted is an SHA-512 encoded one.

salt stands for the up to 16 characters following $id$ in the salt.
The encrypted part of the password string is the actual computed  pass?
word.  The size of this string is fixed:

MD5 | 22 characters
SHA-256 | 43 characters
SHA-512 | 86 characters

 So when passing a salt with the $6$@1$ pattern would generate a
 SHA-512 hash with a total of 106 characters (86 plus the salt).

 The DES algorithm has nowadays no practical use.

 The old crypt() function uses only the first two characters of the salt,
 that's why we see

 : (passwd somestring)
 - $6bsuufIMFxJE

 i.e. the first two characters $6 in the generated hash. crypt()
 obviously didn't understand the special encoding of the salt.

 Do you think that on the Mac some other version of crypt() is available?
 There must be some secure hash function too.

 ?? Alex

I'm not shure what kind of crypt() functions that's available on the Mac,
but if I use 'irb' (i.e. Ruby 1.8.7) with OSX 10.8.3, then I get this:

 somestring.crypt($6$@1$)
= $6bsuufIMFxJE

.. the same (worthless) DES algorithm. I'll try to find out more about
this, a little later.

/Jon

-- 
UNSUBSCRIBE: mailto:picolisp@software-lab.de?subject=Unsubscribe

Assign a list as symbols property list

2013-06-01 Thread Thorsten Jolitz


Hi List, 

probably a rather newbie question:

When I already have property list like 

,--
| ((key1 . value1) (key2 . value2) ... (keyn . valuen))
`--
 
and want to assign the whole thing as a symbols property list - how do I
do that (without setting every single key/value pair with 'put')?

-- 
cheers,
Thorsten


-- 
UNSUBSCRIBE: mailto:picolisp@software-lab.de?subject=Unsubscribe

Re: Missing o in -lcrypt in scr/Makefile

Assign a list as symbols property list

2 matches

Site Navigation

Mail list logo

Footer information