List:General Discussion« Previous MessageNext Message »
From:Paul DuBois Date:March 13 1999 2:10pm
Subject:Re: Crypt Limitation?
View as plain text  
At 7:39 AM -0600 3/13/1999, Hank Eskin wrote:
>I've been using the CRYPT function, but it seems I can
>only encrypt strings of eight characters or less, since longer
>strings with the same first eight characters
>will return the same encrypted string even if they are
>different strings.  Is there a way to encrypt longer
>strings?  I've read the docs, and didn't see anything
>about this limitation.

I assume you mean ENCRYPT(), not CRYPT().

This is a function of the way the underlying crypt() system call works.

>C Library Functions                                     crypt(3C)
>     crypt - string encoding function
>     #include <unistd.h>
>     char *crypt (const char *key, const char *salt);
>     The crypt() function is a  string  encoding  function,  used
>     primarily for password encryption.  It is based on a one-way
>     encryption algorithm with variations intended  (among  other
>     things)  to  frustrate  use of hardware implementations of a
>     key search.
>     The key argument points to a string to be encoded (for exam-
>     ple,  the user's password.)  Only the first eight characters
>     are used; the rest are ignored. The salt is a  two-character
>     string  chosen  from  the set [a-zA-Z0-9./].  This string is
>     used to perturb the hashing algorithm in one  of  4096  dif-
>     ferent ways...

At least, that's how it works on Solaris.  It might behave differently
on other systems (for instance, the crypt() manpage on HP-UX 9.05
doesn't mention anything about an 8-char limitation.  Since the behavior
of MySQL ENCRYPT() is tied to the behavior of the underlying system call,
it's difficult to document how it works for all systems.

Paul DuBois, paul@stripped
Northern League Chronicles:
Madison Black Wolf:
Crypt Limitation?Hank Eskin13 Mar
  • Re: Crypt Limitation?Paul DuBois13 Mar
    • Re: Crypt Limitation?Michael Widenius15 Mar
  • No Reply from your side!! Waiting for your reply!!!Murugavel6 Mar
  • Re: No Reply from your side!! Waiting for your reply!!!gerald_clark6 Mar