List:General Discussion« Previous MessageNext Message »
From:Paul DuBois Date:March 13 1999 2:10pm
Subject:Re: Crypt Limitation?
View as plain text  
At 7:39 AM -0600 3/13/1999, Hank Eskin wrote:
>I've been using the CRYPT function, but it seems I can
>only encrypt strings of eight characters or less, since longer
>strings with the same first eight characters
>will return the same encrypted string even if they are
>different strings.  Is there a way to encrypt longer
>strings?  I've read the docs, and didn't see anything
>about this limitation.


I assume you mean ENCRYPT(), not CRYPT().

This is a function of the way the underlying crypt() system call works.

>C Library Functions                                     crypt(3C)
>
>NAME
>     crypt - string encoding function
>
>SYNOPSIS
>     #include <unistd.h>
>
>     char *crypt (const char *key, const char *salt);
>
>DESCRIPTION
>     The crypt() function is a  string  encoding  function,  used
>     primarily for password encryption.  It is based on a one-way
>     encryption algorithm with variations intended  (among  other
>     things)  to  frustrate  use of hardware implementations of a
>     key search.
>
>     The key argument points to a string to be encoded (for exam-
>     ple,  the user's password.)  Only the first eight characters
>     are used; the rest are ignored. The salt is a  two-character
>     string  chosen  from  the set [a-zA-Z0-9./].  This string is
>     used to perturb the hashing algorithm in one  of  4096  dif-
>     ferent ways...

At least, that's how it works on Solaris.  It might behave differently
on other systems (for instance, the crypt() manpage on HP-UX 9.05
doesn't mention anything about an 8-char limitation.  Since the behavior
of MySQL ENCRYPT() is tied to the behavior of the underlying system call,
it's difficult to document how it works for all systems.

--
Paul DuBois, paul@stripped
Northern League Chronicles: http://www.snake.net/nl/
Madison Black Wolf: http://www.primate.wisc.edu/people/dubois/blackwolf/
Thread
Crypt Limitation?Hank Eskin13 Mar
  • Re: Crypt Limitation?Paul DuBois13 Mar
    • Re: Crypt Limitation?Michael Widenius15 Mar
  • No Reply from your side!! Waiting for your reply!!!Murugavel6 Mar
  • Re: No Reply from your side!! Waiting for your reply!!!gerald_clark6 Mar