
cipher.crypt

Cipher Core4 Lua Commands

SYNOPSIS

hash = cipher.crypt(password, salt)

DESCRIPTION

Calculates a password hash from the plain text password, salted with the value salt. While the hash can be easily calculated from a password, it is reasonably impossible to do the reverse.

This function is used for checking a password.

First the user has to select a password. The software will generate a random salt value and run both the newly entered password and the salt through cipher.crypt(). The resulting hash value is stored in the user database:

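function generate_password_hash(pass)
    -- a fresh random salt for every newly chosen password
    local salt = cipher.salt()
    -- the returned string contains the salt and the hashed password
    local hash = cipher.crypt(pass, salt)
    return hash
end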

When the password must be verified, the application software needs to retrieve the stored hash value from its database and check it against the password. This example will return true if the password is correct.

function check_password(pass, hash)
    -- the stored hash is passed as the salt argument, since it contains the salt
    return (cipher.crypt(pass, hash) == hash)
end

NOTES

The function uses MD5 to calculate the hash. The algorithm is compatible with most Unix implementations. It uses the implementation from OpenBSD.

The structure of a hash is like this:

$1$..salt..$..........hash........

The tag $1 marks the hash as MD5 encoded. After the next $ character comes the salt, then another $ character, and finally the hash data.
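
An added example, not part of the Core4 documentation or its code: a stricter variant of check_password that first confirms the stored value has the $1$salt$hash layout described above, then compares without stopping at the first mismatch. The names parse_md5_hash, equal_no_early_exit, check_password_strict and fake_crypt are hypothetical, and the 22-character digest length is the standard MD5-crypt value, assumed to hold for this implementation.

```lua
-- Added example, not Core4 code. Validates the "$1$salt$hash" layout first.
local function parse_md5_hash(stored)
  if type(stored) ~= "string" then return nil end
  -- tag digits, salt without "$", digest from the crypt alphabet ./0-9A-Za-z
  local tag, salt, digest = stored:match("^%$(%d+)%$([^%$]+)%$([%./%w]+)$")
  if tag ~= "1" then return nil end      -- no match, or not the MD5 tag
  if #digest ~= 22 then return nil end   -- assumption: standard MD5-crypt length
  return { tag = tag, salt = salt, digest = digest }
end

-- Compare two strings without stopping at the first differing byte.
local function equal_no_early_exit(a, b)
  if #a ~= #b then return false end
  local diff = 0
  for i = 1, #a do
    diff = diff + math.abs(a:byte(i) - b:byte(i))
  end
  return diff == 0
end

-- crypt is the hashing function to use; on a Core4 system pass cipher.crypt.
local function check_password_strict(crypt, pass, stored)
  if not parse_md5_hash(stored) then return false end  -- malformed record
  local ok, computed = pcall(crypt, pass, stored)
  if not ok or type(computed) ~= "string" then return false end
  return equal_no_early_exit(computed, stored)
end

-- Constructed stand-in for cipher.crypt so this runs in a plain Lua
-- interpreter. It is NOT MD5-crypt: it only returns made-up records.
local SALT_PART = "$1$abcdefgh$"
local SAMPLE = SALT_PART .. string.rep("A", 22)
local function fake_crypt(pass, salt)
  local fill = (pass == "correct horse") and "A" or "B"
  return salt:sub(1, #SALT_PART) .. string.rep(fill, 22)
end

-- Constructed inputs: matching password, wrong password, a bare salt
-- instead of a full record, and a record with a tag other than $1.
print(check_password_strict(fake_crypt, "correct horse", SAMPLE))
print(check_password_strict(fake_crypt, "wrong guess", SAMPLE))
print(check_password_strict(fake_crypt, "correct horse", "abcdefgh"))
print(check_password_strict(fake_crypt, "correct horse",
                            "$2$abcdefgh$" .. string.rep("A", 22)))
```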

RETURN VALUE

A string containing the salt and the hashed password.

SEE ALSO