A solution for user authentication using MD5 in Linux

  • 2020-05-09 19:41:00
  • OfStack

Use the MD5 function in OpenSSL, which returns 16 bytes of data of type unsigned char, each byte ranging from 0 to 255.

These bytes are formatted in base 16 (hexadecimal), which gives a 32-character MD5 string. Note: 1 byte is 8 bits, which is exactly 2 digits in base 16.

Use the user name of the login client to get the salt value and the hashed password from the Redis database, then hash the password supplied by the login client together with the salt, and compare the result with the password stored in the Redis database. If they are the same, validation succeeds; otherwise validation fails.

Passwords in the Redis database are stored in the format password:salt.

The user verification algorithm is as follows:

#include <stdio.h>
#include <string.h>
#include <openssl/md5.h>

/* db and get_salt_pw() are defined elsewhere in the program. */
int user_authenticate(char *username, char *password)
{
    char *salt_pw, *pw, *salt;
    char buf[40];
    char tmp[3] = {'\0'}, md5_str[33] = {'\0'};
    unsigned char md[16];
    int i, n;

    // get_salt_pw calls the Redis database to get password:salt
    salt_pw = get_salt_pw(db, username);
    if (!salt_pw) {
        return 0;
    }
    pw = strtok(salt_pw, ":");
    if (!pw) {
        return 0;
    }
    salt = strtok(NULL, ":");
    if (!salt) {
        return 0;
    }

    // append the salt to the password; reject input that does not fit in buf
    n = snprintf(buf, sizeof(buf), "%s%s", password, salt);
    if (n < 0 || (size_t)n >= sizeof(buf)) {
        return 0;
    }
    MD5((const unsigned char *)buf, strlen(buf), md);

    // transform to md5 string
    for (i = 0; i < 16; i++) {
        sprintf(tmp, "%02x", md[i]);
        strcat(md5_str, tmp);
    }

    // compare encoded password using md5
    if (strcmp(md5_str, pw)) {
        return 0;
    }
    return 1;
}

Note the use of the strtok function and the conversion of the 16-byte unsigned char array to a 32-character hexadecimal string.
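The two steps noted above, record splitting and digest-to-hex conversion, as an added example that is not code from the original article. The names hex16, parse_record and digest_matches are hypothetical, and it assumes the stored hash is lowercase hex (as "%02x" produces) and that the salt is everything after the first colon.

```c
#include <stdio.h>
#include <string.h>

/* Encode a 16-byte digest as 32 lowercase hex characters plus NUL. */
static void hex16(const unsigned char md[16], char out[33])
{
    static const char digits[] = "0123456789abcdef";
    for (int i = 0; i < 16; i++) {
        out[2 * i]     = digits[md[i] >> 4];
        out[2 * i + 1] = digits[md[i] & 0x0f];
    }
    out[32] = '\0';
}

/* Split "hash:salt" at the first ':' without writing into rec, so a salt
 * containing ':' stays whole. Needs 32 lowercase hex chars and a salt. */
static int parse_record(const char *rec, char hash[33], const char **salt)
{
    const char *colon = rec ? strchr(rec, ':') : NULL;
    if (colon == NULL || colon - rec != 32 || colon[1] == '\0')
        return 0;
    if (strspn(rec, "0123456789abcdef") != 32)
        return 0;
    memcpy(hash, rec, 32);
    hash[32] = '\0';
    *salt = colon + 1;
    return 1;
}

/* Compare all 32 characters instead of stopping at the first mismatch. */
static int digest_matches(const unsigned char md[16], const char stored[33])
{
    char hex[33];
    unsigned char diff = 0;
    hex16(md, hex);
    for (int i = 0; i < 32; i++)
        diff |= (unsigned char)(hex[i] ^ stored[i]);
    return diff == 0;
}

int main(void)
{
    /* Constructed sample digest and record, not real credentials. */
    const unsigned char md[16] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
    char hash[33];
    const char *salt;
    int ok = parse_record("000102030405060708090a0b0c0d0e0f:s:1", hash, &salt);
    printf("%d %d %s\n", ok, ok && digest_matches(md, hash), ok ? salt : "");
    return 0;
}
```

With strtok, the constructed record above would yield the salt "s" rather than "s:1", because the second call stops at the next colon.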

