How to create md5 hash as the crypt function generates with a md5 salt using the md5 function, not the crypt function?

3
votes

I prefer using crypt function in php for password encryption and other one way encryption requirements. Because I can use any supported encryption algorithm, by changing the salt and there are few other advantages. Normally, I don't use any salt and it takes a random MD5 salt. I save this encryption string as password hash on the database, and while authenticating the user, I use this as salt to the crypt function. It works fine in php. But when it's needed any other programing language to create a hash, while I am using crypt function in the php part of the function, we were into problem.

I would like to know whether is there any simple way to create a MD5 hash (using PHP md5() function or other), which need to be similar to what crypt function generates while using a MD5 salt. If I can understand how it works in php, without using crypt function, then there may be a good possibility to implement in other programing languages.

1
phpencryptionmd5saltcrypt

1 Answers

0
votes

Here's code in Java that implements the same function. This may help you to do the same in other languages.

For PHP, you may want to look into this code:

    echo 'MD5:          ' . crypt('mypassword', '$1$somesalt$') . "\n";
    echo 'MD5:          ' . mycrypt('mypassword', 'somesalt') . "\n";

    function to64($s, $n)
    {
        $i64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
        $r = '';
        while (--$n >= 0) {
            $ss = $s & 0x3f;
            $r .= $i64[$s & 0x3f];
            $s >>= 6;
         }
        return $r;
    }

    function mycrypt($v, $s) {
            $m = hash_init("md5");
            hash_update($m, $v);
            hash_update($m, '$1$');
            hash_update($m, $s);

            $m1 = hash_init("md5");
            hash_update($m1, $v);
            hash_update($m1, $s);
            hash_update($m1, $v);
            $final = hash_final($m1, true);
            for ($pl = strlen($v); $pl>0; $pl-=16) {
                    hash_update($m, substr($final, 0, $pl > 16? 16:$pl));
            }
            $final = "\0";
            for($i=strlen($v);$i!=0;$i>>=1) {
                    if (($i & 1) != 0) {
                            hash_update($m, $final);
                    } else {
                            hash_update($m, $v[0]);
                   }
            }
            $final = hash_final($m, true);
            for($i=0;$i<1000;$i++) {
                $m1 = hash_init("md5");

                if(($i&1)) {
                    hash_update($m1, $v);
                } else {
                    hash_update($m1, $final);
                }
                if(($i%3)) {
                    hash_update($m1, $s);
                }
                if(($i%7)) {
                    hash_update($m1, $v);
                }
                if(($i&1)) {
                    hash_update($m1, $final);
                } else {
                    hash_update($m1, $v);
                }
                $final = hash_final($m1, true);
            }
            $l = '$1$'.$s.'$';
            $l .= to64(ord($final[ 0])<<16 | (ord($final[ 6])<<8) | ord($final[12]), 4);
            $l .= to64(ord($final[ 1])<<16 | (ord($final[ 7])<<8) | ord($final[13]), 4);
            $l .= to64(ord($final[ 2])<<16 | (ord($final[ 8])<<8) | ord($final[14]), 4);
            $l .= to64(ord($final[ 3])<<16 | (ord($final[ 9])<<8) | ord($final[15]), 4);
            $l .= to64(ord($final[ 4])<<16 | (ord($final[10])<<8) | ord($final[ 5]), 4);
            $l .= to64(ord($final[11]), 2);

            return $l;
    }