Newbie help - password hash
Aki Tuomi
cmouse at desteem.org
Mon Sep 14 13:46:20 CEST 2009
On Sun, Sep 13, 2009 at 11:52:42AM -0700, cc10 wrote:
>
> Hi,
>
> I am very new to libgcrypt. I am trying to write a simple system, where a
> user in order to login needs a password. I'd like to store this password
> hashed in md5 on the computer. This is what I did so far:
>
> char userPass[16]; // password of the user (string)
> scanf("%s", &userPass);
This is dangerous, and wrong.
scanf("%16s", userPass); is bit more correct.
>
> char userPassHash[16]; // hash of the password
> gcry_md_hash_buffer(1, userPassHash, userPass, strlen(userPass));
>
this is wrong, as well. You are supposed to say
gcry_md_hash_buffer(GCRY_MD_MD5, userPassHash, userPass, strlen(userPass));
> I was hoping that userPassHash would give me the hash of the password (which
> I then convert to hex for storage), but it is not the case. I am sure I am
> doing something stupid (my guess is that I cannot use the string as an input
> in the hash function, but I am not sure what type of input it needs to be).
> Can anyone help?
>
> Thank you,
> Charles
> --
----- End forwarded message -----
More information about the Gcrypt-devel
mailing list