Joolz wrote:
[Marek Lewczuk schreef op 29-04-2004 09:31 +0100]
Joolz wrote:
Hi, I'm completely new to hashing, so please bear with me.
I want to store passwords in a pg db, MD5 seems like a good way to
enhance security (no more plaintext passwords over the line etc.) I
had a look at MD5, in PHP 4.3.4 there is a function md5() which seems
to work nicely:
echo md5('apple');
returns ae6d32585ecc4d33cb8cd68a047d8434 every time. Apart from the
PHP frontend, I also want to be able to use the same algorithm in
native pg. I found that postgresql-contrib-7.3.4 has a function
crypt() which I expected to work the same. However:
select crypt('apple', gen_salt('md5'));
gives values different from the PHP md5() function, and moreover,
they're different each time. Can anyone please tell me what I should
do to get the same result in native pg as in PHP?
Thanks!
I whould suggest to update PG to version 7.4, where there is built-in
MD5 function.
Thanks, I already found some fc1 rpm's (still in development). But can
anyone tell me if the 7.4 internal md5() function will do the same as
the PHP md5() function? Or do a quick select md5('apple') and let me
know if the result is 'ae6d32585ecc4d33cb8cd68a047d8434'?
I really wouldn't like to upgrade from my current stable situation,
only to find out that it didn't solve my original problem.
TIA!
OK, PHP
---------------------------------------------------
<?
echo md5('apple');
?>
---------------------------------------------------
produces
---------------------------------------------------
1f3870be274f6c49b3e31a0c6728957f
---------------------------------------------------
and postgres:
---------------------------------------------------
im_perf=# select version();
version
---------------------------------------------------------------------------------------------------------
PostgreSQL 7.4.2 on i686-pc-linux-gnu, compiled by GCC gcc (GCC) 3.3.2
20031022 (Red Hat Linux 3.3.2-1)
(1 row)
im_perf=# select md5('apple');
md5
----------------------------------
1f3870be274f6c49b3e31a0c6728957f
(1 row)
---------------------------------------------------
I have no idea why these two results dont agree with yours, but at least
they agree with each other. It is probasbly different library versions.
Nick
