Newbie help - password hash
Aki Tuomi
cmouse at desteem.org
Tue Sep 15 11:56:12 CEST 2009
On Mon, Sep 14, 2009 at 06:11:17AM -0700, cc10 wrote:
>
> >This is dangerous, and wrong.
>
> >scanf("%16s", userPass); is bit more correct.
>
> Thank you, will fix it.
>
> >gcry_md_hash_buffer(GCRY_MD_MD5, userPassHash, userPass, strlen(userPass));
>
> Tried it both ways (1, and GCRY_MD_MD5), still won't give me the right hash.
> It is weird as it seems the beginning is right, and then it's a bunch of
> f's.
>
Did you initialize the library correctly?
Here's how I would do this:
{
char pw[16];
char hash[16];
int i;
if (!gcry_check_version(GCRYPT_VERSION)) exit(1);
gcry_control(GCRYCTL_DISABLE_SECMEM, 0);
gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0);
fgets(pw, sizeof pw, stdin); // prevents buffer overflow
gcry_md_hash_buffer(GCRY_MD_MD5, hash, pw, strlen(pw));
for (i = 0; i < sizeof hash; i++)
printf("%02x", hash[i]);
printf("\n");
}
Aki Tuomi
More information about the Gcrypt-devel
mailing list