Crypting with MD5

Similar Messages

• Migration Users with MD5 Passwords to Directory Server 6.1 on Solaris 10

  Hi,
  We are currently in a requirement of migrating some users to a application database to inside LDAP. Currently Application maintained the passwords in the MD5 hash form. Typical 32 digit Hex value - 41da76f0fc3ec62a6939e634bfb6a342
  Is there a way we can migrate these Users password to directory Server as-is so that they don't end up facing the prospect of resetting post migration.
  I have done some of the initial ground work but seems to be missing other critical info if at all it's possible.
  I believe it's possible to have CRYPT password policy (which directory server uses from underlying OS) as one of the plug-ins to configure in a way that underlying CRYPT utility starts to process/provide/support MD5 hashes. I got it to work, my using the below command on DSEE instance:
  dsconf set-plugin-prop -p 389 CRYPT argument:'$md5$'
  But for some reasons the MD5 hash (Sun MD5 library) provides does not match with the original hash value. It's 22 char long (as I have not specified any salt length) so I am assuming it's Base64 encoded. I have a perl script which converts the original 32-digit hex values to a base64 encoded representation (which I have also verified with other open source tools)
  Is there a way I can tweak CRYPT utility or something so that it understands typical standard MD5 hashes. (Confused between Sun MD5 and BSD (Linux) MD5 - none of them seems to match standard MD5 generated value).
  Any leads on this would be really helpful ?

  Just to reclarify or throw more information:
  a password - cleartext value - testuser1 has 32-digit HEX value as - 41da76f0fc3ec62a6939e634bfb6a342
  Same password when converted to Base64 pattern becomes - Qdp28Pw+xippOeY0v7ajQg==
  But when I use pwdhash utility in DSE after configuring CRYPT to use MD5 hashes it becomes -
  {crypt}$md5$$LiB/H70zXr3xfQPoXVuUQ1
  I used below command :
  pwdhash -D /opt/SUNWdsee/dsee6/ds6/slapd-oha-dev -s CRYPT testuser1
  Actual hash value of pwdhash is -LiB/H70zXr3xfQPoXVuUQ1 with rest of the prefix is to meet RFC standard and salt and algo name separator.
  I am wondering if Sun MD5 default uses any salt even when I haven't used or DS does it. Or if any other MD5 option is there which can be used.
  Thanks,
  Gaurav

• LDAP authentication with MD5 passwords

  Hi,
  in one of our Linux servers we have MD5 passwords stored in /etc/shadow. We want to implement pam_ldap on that machine, and move passwords to an LDAP database.
  I know it is to be done with {crypt} storage scheme.
  This works with DS 5.2 running on a Linux box, but under Solaris 8 I couldn't get it working. I know that Solaris 8 doesn't support MD5 passwords in its crypt(3) function, and I suppose Directory Server uses that. Somewhere I read that, however crypt() in Solaris 9 does support MD5.
  Can you confirm that after upgrading to Solaris 9, authentication with MD5-hashed passwords will be possible? Has anyone tried it?
  Thanks in advance,
  Kristof

  Thanks you for your reply.
  Our openldap version is openldap-2.3.39
  And all passwords are encrypted with : Base 64 encoded md5
  Below is a sample password:
  {md5}2FeO34RYzgb7xbt2pYxcpA==Thanks again for any help..

• My internet provider use 802.1x profile with MD5 protocol.

  I want to make wireless net at home with Air port Extreme. With it I cannot connect to the internet. My provider use verification 802.1x with MD5 protocol. I was trying to make new profile with iPCU (iPhone Configuration Utility) but found that now MD5 is not supporting.
  How I can connect the Air port Extreme?

  Unfortunately but I did not found in the article how to configure profile.
  Before in Mac OS Snow Leopard or earlier it was possible to choose authentication type: TTLS, EAP, TLS, EAP-FAST, LEAP, MD5.
  At the present moment in the iPCU (iPhone configuration utility) it is possible to choose: TLS, TTLS, LEAP, PEAP, EAP-FAST, EAP-SIM.
  In the manual for iOS 5 it is written that in the new OS MD5 protocol is not supported.
  Does it mean that I cannot connect to the local provider?

• Dm-crypt with LUKS and systemd changes

  I am planning on setting up an FSE using dm-crypt with LUKS and have just completed the secure wipe process using frandom. To avoid major pitfalls with the next step and confusion with outdated guides I was wondering if anyone can shed some light on dm-crypt with LUKS in regard to changes from systemd.
  Specifically I am looking to partition using LVM and have a key-file. This is more complex than using a standard paritions and password-only setup.
  Reading the discussion on the archwiki page for dm-crypt with LUKS it states at the bottom:
  systemd requires lvm-on-cryptdevice.service active in order to open LVMs on cryptdevices that are not the root partition (which is handled by the initrd).
  What does this mean in the scope of my desired setup and are there any more major changes on the dm-crypt process brought about by systemd? Thank you for the support.

  Thanks for the help so far. I decided against using a keyfile and tailored a set of instructions for my goal (LVM on LUKS, passphrase, non-efi). Is this procedure correct?
  Partitioning
  # cfdisk
            -sda1   -   Boot   -   Primary   -    Linux   -   200 (MB)
            -sda2   -             -   Primary   -    Linux   -
  Load the encryption module
  # modprobe dm-mod
  Configuring LUKS and formating paritions with a passphrase
  Format LUKS
  # cryptsetup -h SHA512 -i 5000 -c aes-xts-plain -y -s 512 luksFormat /dev/sda2
  Check results
  # cryptsetup luksDump /dev/sda2
  Unlocking/Mapping LUKS Partitions with the Device Mapper
  # cryptsetup luksOpen /dev/sda2 lvm
  Initialize physical volume
  # lvm pvcreate /dev/mapper/lvm
  Create volume group
  # lvm vgcreate vgroup /dev/mapper/lvm
  Add logical volumes to volume group
  # lvm lvcreate -L 20G -n root vgroup
  # lvm lvcreate -l 100%FREE -n home vgroup
  Make filesystems and mount partitions
  # mkfs.ext4 /dev/mapper/vgroup-root
  # mount /dev/mapper/vgroup-root /mnt
  # mkfs.ext4 /dev/mapper/vgroup-home
  # mkdir /mnt/home
  # mount /dev/mapper/vgroup-home /mnt/home
  # mkfs.ext2 /dev/sda1
  # mkdir /mnt/boot
  # mount /dev/sda1 /mnt/boot
  Backup cryptheader
  # cryptsetup luksHeaderBackup /dev/sda2 --header-backup-file /mnt/<backup>/<file>.img
  Create an initial ramdisk environment
  # nano /etc/mkinitcpio.conf
  HOOKS="base udev autodetect block encrypt lvm2 filesystems shutdown"
  # mkinitcpio -p linux
  Syslinux
  # pacman -S syslinux
  # syslinux-install_update -i -a -m
  Configure syslinux.cfg to point to the right root partition
  # nano /boot/syslinux/syslinux.cfg
  LABEL arch
          APPEND root=/dev/mapper/vgroup-root cryptdevice=/dev/sda2:vgroup ro
  Last edited by Divinorum (2013-01-22 16:02:13)

• Encrypt electronic billing chain with MD5-RSA 1024 for Mexico rules

  Hi,
  I'm working in a task to create electronic billing for Mexico Rules, to do this; I need to use programs that will encrypt the source information.
  For this reason, I'm looking how to use the method RSA with MD5 Encryption 1024 in some information that is stored in an Oracle Data Base.
  All this is for the new legislations rules in Mexico to use electronic billing.
  Please, if you have any reference about this, let me know.
  Thanks and regards.

  Hi Justin,
  Tks for you answer.
  Look, there are 2 steps where I’m working:
  1. - First I need to use the MD5 to sign the original source chain that contains all the information of the electronic billing; then after obtain the sign,
  2. - I need to encrypt the data using the encryption algorithm RSA of 1024 bits.
  All this is the complement to give a valid electronic billing.
  I will review the package that you mentioned, but if you have any other reference about this I will appreciate it.
  Regards.

• Solaris 10 openldap authentication with md5 passwords

  Hello to everyone,
  We are trying to enable ldap authentication with pam_ldap and md5 passwords on a Solaris 10 system to an openldap server. If passwords are stored using crypt, everything works correctly. But if the password in openldap is in md5, then authentication fails.
  We have installed openldap client along with pam_ldap and nss_ldap from padl (http://www.padl.com/pam_ldap.html)
  The error messages when trying to 'su -' to the ldap user are:
  Jun  1 18:35:23 servername su: [ID 896952 auth.debug] pam_unix_auth: entering pam_sm_authenticate()
  Jun  1 18:35:23 servername su: [ID 810491 auth.crit] 'su ldapuser' failed for mike on /dev/pts/4and for ssh:
  Jun  1 18:35:54 servername sshd[14197]: [ID 896952 auth.debug] pam_unix_auth: entering pam_sm_authenticate()
  Jun  1 18:35:54 servername sshd[14191]: [ID 800047 auth.error] error: PAM: Authentication failed for ldapuser from pc7395.sa.example.int
  Jun  1 18:36:00 servername sshd[14224]: [ID 896952 auth.debug] pam_unix_auth: entering pam_sm_authenticate()
  Jun  1 18:36:00 servername sshd[14191]: [ID 800047 auth.error] error: PAM: Authentication failed for ldapuser from pc7395.sa.example.int
  Jun  1 18:36:02 servername sshd[14278]: [ID 800047 auth.info] Accepted publickey for scponly from 10.24.4.52 port 35390 ssh2
  Jun  1 18:36:04 servername sshd[14270]: [ID 896952 auth.debug] pam_unix_auth: entering pam_sm_authenticate()
  Jun  1 18:36:04 servername sshd[14191]: [ID 800047 auth.error] error: PAM: Authentication failed for ldapuser from pc7395.sa.example.int
  Jun  1 18:36:04 servername sshd[14191]: [ID 800047 auth.info] Failed keyboard-interactive/pam for ldapuser from 192.168.1.25 port 41075 ssh2
  Jun  1 18:36:08 servername sshd[14191]: [ID 896952 auth.debug] pam_unix_auth: entering pam_sm_authenticate()
  Jun  1 18:36:08 servername sshd[14191]: [ID 800047 auth.info] Failed password for ldapuser from 192.168.1.25 port 41075 ssh2
  Jun  1 18:36:12 servername sshd[14191]: [ID 896952 auth.debug] pam_unix_auth: entering pam_sm_authenticate()
  Jun  1 18:36:12 servername sshd[14191]: [ID 800047 auth.info] Failed password for ldapuser from 192.168.1.25 port 41075 ssh2
  Jun  1 18:36:17 servername sshd[14191]: [ID 896952 auth.debug] pam_unix_auth: entering pam_sm_authenticate()
  Jun  1 18:36:17 servername sshd[14191]: [ID 800047 auth.info] Failed password for ldapuser from 192.168.1.25 port 41075 ssh2Below are the configuration files (pam.conf, nsswitch.conf, ldap.conf) and anything else that I imagine could help (comments of the files have been removed).
  Please feel free to ask for any other configuration file:
  */etc/pam.conf*
  login   auth requisite        pam_authtok_get.so.1
  login   auth required         pam_dhkeys.so.1
  login   auth required         pam_unix_cred.so.1
  login   auth required         pam_dial_auth.so.1
  login   auth sufficient       pam_unix_auth.so.1  server_policy debug
  login   auth required           /usr/lib/security/pam_ldap.so.1 debug
  rlogin auth sufficient       pam_rhosts_auth.so.1
  rlogin auth requisite        pam_authtok_get.so.1
  rlogin auth required         pam_dhkeys.so.1
  rlogin auth required         pam_unix_cred.so.1
  rlogin  auth required          pam_unix_auth.so.1 use_first_pass
  rsh    auth sufficient       pam_rhosts_auth.so.1
  rsh    auth required         pam_unix_cred.so.1
  rsh    auth required         pam_unix_auth.so.1
  ppp     auth requisite        pam_authtok_get.so.1
  ppp     auth required         pam_dhkeys.so.1
  ppp     auth required         pam_dial_auth.so.1
  ppp     auth sufficient       pam_unix_auth.so.1 server_policy
  other   auth sufficient         /usr/lib/security/pam_ldap.so.1 debug
  other   auth required           pam_unix_auth.so.1 use_first_pass debug
  passwd  auth sufficient          pam_passwd_auth.so.1 server_policy
  passwd  auth required           /usr/lib/security/pam_ldap.so.1 debug
  cron    account required      pam_unix_account.so.1
  other   account requisite     pam_roles.so.1
  other   account sufficient       pam_unix_account.so.1 server_policy
  other   account required        /usr/lib/security/pam_ldap.so.1 debug
  other   session required      pam_unix_session.so.1
  other   password required     pam_dhkeys.so.1
  other   password requisite    pam_authtok_get.so.1
  other   password requisite    pam_authtok_check.so.1
  other   password required     pam_authtok_store.so.1 server_policy*/etc/ldap.conf*
  base ou=users,ou=Example,dc=staff,dc=example
  ldap_version 3
  scope sub
  pam_groupdn [email protected],ou=groups,ou=Example,dc=staff,dc=example
  pam_member_attribute memberUid
  nss_map_attribute uid displayName
  nss_map_attribute cn sn
  pam_password_prohibit_message Please visit https://changepass.exapmle.int/ to change your password.
  uri ldap://ldapserver01/
  ssl no
  bind_timelimit 1
  bind_policy soft
  timelimit 10
  nss_reconnect_tries 3
  host klnsds01
  nss_base_group         ou=system_groups,ou=Example,dc=staff,dc=example?sub
  pam_password md5*/etc/nsswitch.conf*
  passwd:     files ldap
  group:      files ldap
  hosts:      files dns
  ipnodes:   files dns
  networks:   files
  protocols:  files
  rpc:        files
  ethers:     files
  netmasks:   files
  bootparams: files
  publickey:  files
  netgroup:   files
  automount:  files
  aliases:    files
  services:   files
  printers:       user files
  auth_attr:  files
  prof_attr:  files
  project:    files
  tnrhtp:     files
  tnrhdb:     files*/etc/security/policy.conf*
  AUTHS_GRANTED=solaris.device.cdrw
  PROFS_GRANTED=Basic Solaris User
  CRYPT_ALGORITHMS_DEPRECATE=__unix__
  LOCK_AFTER_RETRIES=YES
  CRYPT_ALGORITHMS_ALLOW=1,2a,md5
  CRYPT_DEFAULT=1Thanks in advance for any response...!!

  Thanks you for your reply.
  Our openldap version is openldap-2.3.39
  And all passwords are encrypted with : Base 64 encoded md5
  Below is a sample password:
  {md5}2FeO34RYzgb7xbt2pYxcpA==Thanks again for any help..

• How do i get my registration form to post with MD5

  Hi
  I have a registration form which posts to my, mysql database via this code:
  <?php
  define('DB_NAME','');
  define('DB_USER','');
  define('DB_PASSWORD','');
  define('DB_HOST','');
  define('DB_TABLE','user00');
  $link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_TABLE);
  if (!$link){
            die ('Could not connect: ' . mysql_error());
  $db_selected = mysql_select_db(DB_NAME, $link);
  if (!$db_selected) {
            die('can\'t use' . DB_NAME . ': ' . mysql_error());
  $value1 = $_POST['Name'];
  $value2 = $_POST['EmailAddress'];
  $value3 = $_POST['Username'];
  $value4 = $_POST['Password'];
  $sql = "INSERT INTO user00 (Name, EmailAddress, Username, Password) VALUES ('$value1', '$value2', '$value3', '$value4')";
  echo 'connected successfully';
  if (!mysql_query($sql)){
            die('Error: ' . mysql_error());
  mysql_close();
  ?>
  The code works fine but i have just noticed that I have missed out the MD5 encryption that I want the password format to be in within the database.
  Any help would be appreaciated.

  AFAIK GoDaddy scripts do not provide support for anti-spam measures.  I'm pretty sure you would need to use a custom or 3rd party script.
  Or is there a better way to protect my form from spam bots?
  Yes.  IMO Captchas are not user friendly and should be used only as a last resort.
  The hidden Field Trick - Feeding an automated bot a field hidden with CSS. If it contains anything the message is deleted or flagged as spam.
  Form Timer - If the form is submitted too quickly (automated submission), it is deleted or marked as spam.
  See Formailer.php from DB Masters
  http://www.dbmasters.net/node/18
  Nancy O.
  Alt-Web Design & Publishing
  Web | Graphics | Print | Media  Specialists
  http://alt-web.com/
  http://twitter.com/altweb

• Logging in with md5 passwords.

  Hi,
  How is it possible to allow users to login when their passwords, have been encrypted into md5?
  Thank you.

  You encrypt the submitted value and compare it to the stored value.
  The way I do this with the Dreamweaver Log In User server behavior is to add this at the top of the login page:
  if (isset($_POST['password'])) {
    $_POST['password'] = md5($_POST['password']);

• Help with md5

  Hi, I have successfully added md5 to my membership join page
  and the password is encrypted in my database table. However, it
  does not go to the member page when successful. It adds all the
  data that was filled out in the form into the database table and
  then returns with the membership join page again but with the form
  empty. Here is my script.
  <?php require_once('Connections/member.php'); ?>
  <?php
  // *** Redirect if username exists
  $MM_flag="MM_insert";
  if (isset($_POST[$MM_flag])) {
  $MM_dupKeyRedirect="choose_another_username.php";
  $loginUsername = $_POST['username'];
  $LoginRS__query = "SELECT loginname FROM member WHERE
  loginname='" . $loginUsername . "'";
  mysql_select_db($database_member, $member);
  $LoginRS=mysql_query($LoginRS__query, $member) or
  die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);
  //if there is a row in the database, the username was found
  - can not add the requested username
  if($loginFoundUser){
  $MM_qsChar = "?";
  //append the username to the redirect page
  if (substr_count($MM_dupKeyRedirect,"?") >=1) $MM_qsChar
  = "&";
  $MM_dupKeyRedirect = $MM_dupKeyRedirect . $MM_qsChar
  ."requsername=".$loginUsername;
  header ("Location: $MM_dupKeyRedirect");
  exit;
  if (isset($_POST['password'])) {$_POST['password'] =
  md5($_POST['password']);}
  function GetSQLValueString($theValue, $theType,
  $theDefinedValue = "", $theNotDefinedValue = "")
  $theValue = (!get_magic_quotes_gpc()) ?
  addslashes($theValue) : $theValue;
  switch ($theType) {
  case "text":
  $theValue = ($theValue != "") ? "'" . $theValue . "'" :
  "NULL";
  break;
  case "long":
  case "int":
  $theValue = ($theValue != "") ? intval($theValue) : "NULL";
  break;
  case "double":
  $theValue = ($theValue != "") ? "'" . doubleval($theValue) .
  "'" : "NULL";
  break;
  case "date":
  $theValue = ($theValue != "") ? "'" . $theValue . "'" :
  "NULL";
  break;
  case "defined":
  $theValue = ($theValue != "") ? $theDefinedValue :
  $theNotDefinedValue;
  break;
  return $theValue;
  $editFormAction = $_SERVER['PHP_SELF'];
  if (isset($_SERVER['QUERY_STRING'])) {
  $editFormAction .= "?" .
  htmlentities($_SERVER['QUERY_STRING']);
  if ((isset($_POST["MM_insert"])) &&
  ($_POST["MM_insert"] == "newuser")) {
  $insertSQL = sprintf("INSERT INTO member (loginname,
  password, lastname, firstname, street, suburb, `state`, postcode,
  email, phone, newsletter, changenotes) VALUES (%s, %s, %s, %s, %s,
  %s, %s, %s, %s, %s, %s, %s)",
  GetSQLValueString($_POST['username'], "text"),
  GetSQLValueString($_POST['password'], "text"),
  GetSQLValueString($_POST['lastname'], "text"),
  GetSQLValueString($_POST['firstname'], "text"),
  GetSQLValueString($_POST['street'], "text"),
  GetSQLValueString($_POST['suburb'], "text"),
  GetSQLValueString($_POST['select'], "text"),
  GetSQLValueString($_POST['postcode'], "int"),
  GetSQLValueString($_POST['email'], "text"),
  GetSQLValueString($_POST['phone'], "int"),
  GetSQLValueString(isset($_POST['subscribeyes']) ? "true" :
  "", "defined","'Y'","'N'"),
  GetSQLValueString(isset($_POST['changeyes']) ? "true" : "",
  "defined","'Y'","'N'"));
  mysql_select_db($database_member, $member);
  $Result1 = mysql_query($insertSQL, $member) or
  die(mysql_error());
  $insertGoTo = "members_home.php";
  if (isset($_SERVER['QUERY_STRING'])) {
  $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
  $insertGoTo .= $_SERVER['QUERY_STRING'];
  header(sprintf("Location: %s", $insertGoTo));
  ?>
  I am also trying to add md5 to the loginpage but without
  success. I have been told what to add but I am unsure where to add
  or what to modify to make it work. Your help on both matters would
  be awesome. Here is the md5 addition that I was given
  if (isset($_POST['password'])) {$_POST['password'] =
  md5($_POST['password']);}
  Here is my login script
  <?php require_once('Connections/member.php'); ?>
  <?php
  // *** Validate request to login to this site.
  if (!isset($_SESSION)) {
  session_start();
  $loginFormAction = $_SERVER['PHP_SELF'];
  if (isset($_GET['accesscheck'])) {
  $_SESSION['PrevUrl'] = $_GET['accesscheck'];
  if (isset($_POST['username'])) {
  $loginUsername=$_POST['username'];
  $password=$_POST['password'];
  if (isset($_POST['password'])) {$_POST['password'] =
  md5($_POST['password']);}
  $MM_fldUserAuthorization = "";
  $MM_redirectLoginSuccess = "members_home.php";
  $MM_redirectLoginFailed = "failed_login.php";
  $MM_redirecttoReferrer = false;
  mysql_select_db($database_member, $member);
  $LoginRS__query=sprintf("SELECT loginname, password FROM
  member WHERE loginname='%s' AND password='%s'",
  get_magic_quotes_gpc() ? $loginUsername :
  addslashes($loginUsername), get_magic_quotes_gpc() ? $password :
  addslashes($password));
  $LoginRS = mysql_query($LoginRS__query, $member) or
  die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);
  if ($loginFoundUser) {
  $loginStrGroup = "";
  //declare two session variables and assign them
  $_SESSION['MM_Username'] = $loginUsername;
  $_SESSION['MM_UserGroup'] = $loginStrGroup;
  if (isset($_SESSION['PrevUrl']) && false) {
  $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
  header("Location: " . $MM_redirectLoginSuccess );
  else {
  header("Location: ". $MM_redirectLoginFailed );
  ?>
  Thanks everyone, I am a PHP nuffie and I really appreciate
  all the help!

  Shedlight wrote:
  > Hi, I have successfully added md5 to my membership join
  page and the password
  > is encrypted in my database table. However, it does not
  go to the member page
  > when successful.
  Does the member's page (members_home.php) have the Restrict
  Access to
  Page server behavior applied to it? If so, that's why the
  page doesn't
  load after registering a new user. The user needs to log in
  first.
  > I am also trying to add md5 to the loginpage but without
  success.
  The position of the md5 addition is OK, but the following
  section of
  code looks suspect:
  > $LoginRS__query=sprintf("SELECT loginname, password FROM
  member WHERE
  > loginname='%s' AND password='%s'",
  > get_magic_quotes_gpc() ? $loginUsername :
  addslashes($loginUsername),
  > get_magic_quotes_gpc() ? $password :
  addslashes($password));
  It looks as though you're using an outdated version of
  Dreamweaver.
  Apply any updaters, and build the page again.
  David Powers, Adobe Community Expert
  Author, "The Essential Guide to Dreamweaver CS3" (friends of
  ED)
  Author, "PHP Solutions" (friends of ED)
  http://foundationphp.com/

• How to get MessageDigest intance with MD5 algorithm

  Hi,
  When i try to get MessageDigest instance of MD5 algorithm the error 3 (no such algorithm) is returned.
  mD = MessageDigest.getInstance(MessageDigest.ALG_MD5, false);
  How can I do?
  Edited by: user9378729 on 4 avr. 2011 06:30

  From the Javadoc for JC2.2.2:
  Throws
  CryptoException with the following reason codes:
  CryptoException.NO_SUCH_ALGORITHM if the requested algorithm or shared access mode is not supported.Set the second parameter to "false" so that you don't request shared access mode to your digest object.
  EDIT: I missed that you already do that.
  Are you using a simulator?
  Adriaan
  Edited by: 797894 on Apr 4, 2011 7:55 AM

• Java Card simulator with MD5 MessageDigest support?

  Are there any Java Card simulators with support for the MD5 MessageDigest available? I checked both cref and jcwde, but they only support ALG_SHA.

  Thanks.
  By the way, do you happen to know if the newer JCOP cards (e.g. the NXP (Philips) JCOP 41 V2.2.1/72K USB
  NXP (Philips) JCOP 41 V2.2.1/72K) still support the MD5 MessageDigest? Older JCOP cards seem to support MD5, but at least in the publicly available JCOP 41 specs there is no mention of MD5 anymore; e.g. at http://www.bsi.bund.de/zertifiz/zert/reporte/0426b.pdf

• Encrypting String with MD5, then storing as String

  Hello.
  I believe I have a way to do this but I want to verify that:
  1) It is doing the action that I want
  2) There is no easier/simpler way with less lines
  What I am looking to do is take a String that is passed to the method, encrypt it using MD5 algorithm, and then store the result back into String form.
  In the following code encyptedPassword is the String to-be encrypted and this.encryptedPassword is the String for where I would like to save the result.
  try
              MessageDigest md=MessageDigest.getInstance("MD5");
              md.reset();
              md.update(encryptedPassword.getBytes());
              byte raw[]=md.digest();
              for(int x=0; x<raw.length;x++)
                  this.encryptedPassword+=(char)raw[x];
          catch(NoSuchAlgorithmException e)
              e.printStackTrace();
          }

  You will have to hex-encode or base-64-encode the encrypted data. String is not a container for binary data, and encrypted data is binary data.

• [SOLVED] dm-crypt with LUKS, questions about Pam mount

  Hello archers,
  recently i switched to an encrypted home partition on my laptop.
  /dev/sdb2 has been encrypted with
  cryptsetup options luksFormat /dev/sdb2
  After booting i login as root, and do the following:
  cryptsetup --allow-discards luksOpen /dev/sdb2 home
  mount -o defaults,nodev,nosuid,noatime,discard /dev/mapper/home /home
  I want to use pam_mount to automate the luksOpen and mount commands when i login as user.
  The wiki says
  archwiki wrote:It is probably necessary to change both /etc/pam.d/login and the file for your display manager [...]
  As the wiki does not say how to change the login file, and i do not use a login manager, i am a bit lost here.
  Also i do not know where to add the --allow-discards option.
  What i have done so far:
  * changed my users password to be identical to the luks passphrase
  * edited /etc/security pam_mount.conf.xml as by the wiki
  (* encrypted the partition)
  If you have already done this, your comments are much appreciated.
  Last edited by teateawhy (2013-10-02 14:46:33)

  vacant wrote:
  Strike0 wrote:Is there a specific reason you want to do it via pam-mount and not the normal way to let it automount via crypttab?
  I'm not the only user on my old laptop so I don't want it stopping to ask for a passphrase if someone else switches it on. Also, I leave it around running transmission overnight, downloading to a shared multimedia directory. Using pam_mount, I can log out leaving my stuff encrypted (though as I said, the umount doesn't always work).
  Before when I was the only user, I used lvm on luks - single password to unlock everything on boot, so I didn't use crypttab then either.
  Without going in too much detail: pam-mount is user-specific, meaning it will mount something for that one specific user. The OP was about the entire /home partition, which usually holds all of the user directories. And when it comes to LUKS, once unmouned the partition is unaccessible, leaving it "hidden" from all other applications, including a possibly backgrounded transmission (there may be your reason why the unmount did not work sometimes - a partition, in general, cannot be unmounted while there are opened files there).
  -m.

• The md5-sparc cannot open a file with size 2GB

  Hi,
  I would need to check the integrity of the file with size > 2GB with md5-sparc but I still get the error message "error opening file". Is there an update of this program which can open the large files, too? I have tried to search on web but without success.
  Thanks a lot Milan

  digest -a md5 seems to work:
  bash-3.00$ ls -l sol-10-u3-ga-sparc-dvd.iso
  -rw-r--r--   1 root     root     4207411200 Apr  6  2007 sol-10-u3-ga-sparc-dvd.iso
  bash-3.00$ digest -a md5 sol-10-u3-ga-sparc-dvd.iso
  6d046d5d95ac1cce58e742abcdd35238
  bash-3.00$ cat /etc/release
                         Solaris 10 11/06 s10s_u3wos_10 SPARC
             Copyright 2006 Sun Microsystems, Inc.  All Rights Reserved.
                          Use is subject to license terms.
                             Assembled 14 November 2006