At 7:39 AM -0600 3/13/1999, Hank Eskin wrote:
>I've been using the CRYPT function, but it seems I can
>only encrypt strings of eight characters or less, since longer
>strings with the same first eight characters
>will return the same encrypted string even if they are
>different strings. Is there a way to encrypt longer
>strings? I've read the docs, and didn't see anything
>about this limitation.
I assume you mean ENCRYPT(), not CRYPT().
This is a function of the way the underlying crypt() system call works.
>C Library Functions crypt(3C)
>
>NAME
> crypt - string encoding function
>
>SYNOPSIS
> #include <unistd.h>
>
> char *crypt (const char *key, const char *salt);
>
>DESCRIPTION
> The crypt() function is a string encoding function, used
> primarily for password encryption. It is based on a one-way
> encryption algorithm with variations intended (among other
> things) to frustrate use of hardware implementations of a
> key search.
>
> The key argument points to a string to be encoded (for exam-
> ple, the user's password.) Only the first eight characters
> are used; the rest are ignored. The salt is a two-character
> string chosen from the set [a-zA-Z0-9./]. This string is
> used to perturb the hashing algorithm in one of 4096 dif-
> ferent ways...
At least, that's how it works on Solaris. It might behave differently
on other systems (for instance, the crypt() manpage on HP-UX 9.05
doesn't mention anything about an 8-char limitation. Since the behavior
of MySQL ENCRYPT() is tied to the behavior of the underlying system call,
it's difficult to document how it works for all systems.
--
Paul DuBois, paul@stripped
Northern League Chronicles: http://www.snake.net/nl/
Madison Black Wolf: http://www.primate.wisc.edu/people/dubois/blackwolf/
