FAQTs - Knowledge Base - View Entry - about:PHP How to set salt in crypt( string str [, string salt]) so that the string can be encryped w

faqts : Computers : Programming

+ Search

ActiveState - Programming for the People, Thoughts.com Forums, Business Directory, Web Directory, ECommerce Web Design Hosting Services, Cheap Domain Names, Private Investigators & Background Checks, Fun Flash Games, National-Movers, Pool Table Movers, Moving Companies, Moving Quotes,

Entry

about:PHP How to set salt in crypt( string str [, string salt]) so that the string can be encryped w

Apr 27th, 2005 01:33
Keyar Srinivasan, chongyuan ji,

Some operating systems support more than one type of encryption. In 
fact, sometimes the standard DES-based encryption is replaced by an MD5-
based encryption algorithm. The encryption type is triggered by the 
salt argument. At install time, PHP determines the capabilities of the 
crypt function and will accept salts for other encryption types. If no 
salt is provided, PHP will auto-generate a standard two character salt 
by default, unless the default encryption type on the system is MD5, in 
which case a random MD5-compatible salt is generated. PHP sets a 
constant named CRYPT_SALT_LENGTH which tells you whether a regular two 
character salt applies to your system or the longer twelve character 
salt is applicable. 
If you are using the supplied salt, you should be aware that the salt 
is generated once. If you are calling this function repeatedly, this 
may impact both appearance and security. 
The standard DES-based encryption crypt() returns the salt as the first 
two characters of the output. It also only uses the first eight 
characters of str, so longer strings that start with the same eight 
characters will generate the same result (when the same salt is used). 
On systems where the crypt() function supports multiple encryption 
types, the following constants are set to 0 or 1 depending on whether 
the given type is available: 
CRYPT_STD_DES - Standard DES-based encryption with a two character salt 
CRYPT_EXT_DES - Extended DES-based encryption with a nine character 
salt 
CRYPT_MD5 - MD5 encryption with a twelve character salt starting with $1
$ 
CRYPT_BLOWFISH - Blowfish encryption with a sixteen character salt 
starting with $2$ or $2a$ 
<?php
if (CRYPT_STD_DES == 1) {
    echo 'Standard DES: ' . crypt('rasmuslerdorf', 'rl') . "\n";
}
if (CRYPT_EXT_DES == 1) {
    echo 'Extended DES: ' . crypt('rasmuslerdorf', '_J9..rasm') . "\n";
}
if (CRYPT_MD5 == 1) {
    echo 'MD5:          ' . crypt('rasmuslerdorf', '$1
$rasmusle$') . "\n";
}
if (CRYPT_BLOWFISH == 1) {
    echo 'Blowfish:     ' . crypt('rasmuslerdorf', '$2a$07
$rasmuslerd...........$') . "\n";
}
?>
------------------------------------------------
For Further details
This one is helpful...,
http://www.phpnoise.com/tutorials/3/1
------------------------------------------------
User authentication with crypt()
As an example of the use of the crypt() function, consider a scenario 
where you are interested in creating a PHP script that restricts a 
certain directory, allowing only those users supplying a correct user 
name and password to enter this directory.
http://www.onlamp.com/pub/a/php/2001/07/26/encrypt.html?page=2
Please check this here