I am porting some c code from Linux to Mac OSX (yosemite). The crypt () function for Mac OSX (which in unistd.h as I defined) is not the same as in gcc / gnu on Linux. I have test programs on Linux and Mac OSX, and the c-library crypt () function displays a string with 34 characters if you show the result using printf. The same code on Mac OSX only displays line 13 char. A little research shows that the difference seems to be a subroutine of the crypt () Linux library, generating a hash from longer vectors on the gnu / gcc side of Linux, using possibly a different encryption algorithm. Some information also suggests that the crypt () c-library () function for Mac OS X Apple uses only DES to encrypt the original string plus salt. I want my test code to produce the same results on Linux and Mac OSX platforms.
Is there a proper crypt () function for Apple Mac OSX, an isometric version of gnu / gcc Linux, perhaps in some open source encryption library?
Or is there a crypt (3) grypt / gcc equivalent feature available for Apple Mac OSX somewhere in the Mac OSX development tools? (I am very new to Mac OSX). I am using the clang compiler, part of the Xcode material downloaded from Apple for Yosemite 10.10.5, and I assume that I am not the first person to come across this anomaly. Thanx for any information.
Oh. just edit it a bit: Apple MacOSX uses the DES algorithm, hence the result of 13-char when checking the hash. Gnu / gcc uses the MD5 algorithm, hence the 34-char hash result. This is explained here: http://www.gnu.org/savannah-checkouts/gnu/libc/manual/html_node/crypt.html#crypt Then my subtle question; is there an equivalent crypt (3) function for Mac OSX that uses MD5 (or SHA512) instead of DES?
(*** 2nd edit Note: this becomes interesting. DES is bad, but can MD5 be cracked in Kali Linux using "hashcat"? The recommendation is to go to SHA512, apparently. Details on academic testing / verification re. MD5 cracking here: https://uwnthesis.wordpress.com/2013/08/07/kali-how-to-crack-passwords-using-hashcat/ However, my question remains. Is there an MD5 crypt function ( 3) for Mac OSX somewhere? Thanks.)
(Sorry, my rank of ignorance of the protocol. Mac OS X LLVM / gcc based on crypt () fuction is a borked junk, hardwired to use only DES, a valid cold-hiding hash, worse than MD5. (Call it a solo line like $ 6 $, and you will return to char 13 DES hashes. Incredible!) I have found many methods for correctly creating password hashes (ie MD5 and SHA512) on Linux platforms (perl, python, etc.). They usually use either the "crypt" lib ( the same one you use on gcc on Linux) or “passlib” for python, but my MacBook, just upgraded to Yosemite 10.10.5, doesn't even have “passlib”! (In my older Fedora box, otaet Python 2.5.1, the current field CentOS launches Python 2.6.6 Robust MacBook shows Python 2.7.10 using "python --version" command I found this excellent post on the site "ServerFault":.. https://serverfault.com / questions / 330069 / how-to-create-an-sha-512-hashed-password-for-shadow? newreg = df160746fbcd47878d600cbe76ec8b7f
The first python and perl scripts work on Linux because they use glibc crypt (), I suppose, but no "passlib.hash" seems to exist anywhere, Linux or Mac OS X.
How the hell can I create a decent password hash for this MacBook thing? I am a Mac OS X noob, and since I have confirmed that Apple uses SHA512 password hashes in its .plist files, I am sure that this function must exist somewhere on this strange (but beautiful) piece of foreign hardware. In case you are interested, you can enter this to see your "ShadowHashData" on Yosemite, from the cmd line in the terminal: (sorry, forgot the link for this, found that it is looking for the last end, really useful)
sudo defaults read /var/db/dslocal/nodes/Default/users/<yourusername>.plist ShadowHashData | tr -dc 0-9a-f | xxd -r -p | plutil -convert xml1 - -o -
So, it looks like Darwin / Yosemite uses ok encryption. I have read Apple's documentation on files with shared cryptographic code, but there is little information on how to configure gcc to actually point to the library containing this critical stuff. When I determine how to do this, I will post the answer here.