Cant get password hash via openssl in c same format as crypt, mkpasswd or openssl via cmdline
Question
I need to create a hashed password via the openssl lib in C. Unfortunately, I'm not able to get the expected result
This is the code I`m using:
unsigned char hash[SHA256_DIGEST_LENGTH];
SHA256_CTX sha256;
SHA256_Init(&sha256);
SHA256_Update(&sha256, "xxx", 3);
SHA256_Update(&sha256, "11111111", 8);
SHA256_Final(hash, &sha256);
for(int i = 0; i < SHA256_DIGEST_LENGTH; i++)
{
printf("%02x", hash[i]);
}
The output will be
57b2e9dd7f27e02ce026c1a40c7685b4658c2dff55e3a9de93186e545d1c4af1
but i expected
EDgBhRzUlXHcobBLtDfoWalyRFoSMnO1/q.s10aKSY7
since this is the output the crypt lib will produce as well as mkpasswd or openssl via shell.
See:
mkpasswd -m sha-256 --salt=11111111 xxx
$5$11111111$EDgBhRzUlXHcobBLtDfoWalyRFoSMnO1/q.s10aKSY7
or
openssl passwd -5 -salt 11111111 xxx
$5$11111111$EDgBhRzUlXHcobBLtDfoWalyRFoSMnO1/q.s10aKSY7
or
printf("%s\n", crypt("xxx", "$5$11111111"));
// also prints $5$11111111$EDgBhRzUlXHcobBLtDfoWalyRFoSMnO1/q.s10aKSY7
I need to get this working with the openssl lib. Am I completely wrong with creating the hash and salt, or is this just a dump formatting issue?
1 answers
solution1
1 ACCPTED 2018-10-08 10:16:24
The algorithm is not just a simple SHA256 hash.
As reference the OpenSSL implementation can be found on github (shacrypt(...)).
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.