Under Macintosh OS/X the crypt function doesn't support MD5.
Under Linux, php has a crypt() function which takes the md5 format (and blowfish). This will produce a hash of:
<<CRYPT MAGIC>> << 8 CHAR SALT>> $ <<HASHED PW>>
PHP supports DES under Mac OS/X (no blowfish, or MD5 crypt). Sites I've been to, have informed the developer to use a different algorithm and that it would solve their problem. I, alas, cannot use a different system. The passwords are stored in someone else's DB and I am forced to use the Linux PHP/Crypt/MD5 version.
I have tried the md5(), mcrypt (as much as i can understand it, I am not an encryption expert), mhash (MHASH_MD5) functions to no avail.
To explain what I am doing...
With PHP's crypt() on Linux:
1) look up the password for the user logging in (in a DB or file)
2) grab the salt for that password (it's created at random when the password is created): chars between '$1$' and '$' (8 characters)
3) take the user supplied password, run it through PHP's crypt with the same salt: crypt("foobar","$1$"."FpsaEXUM"."$")
3a) Result: $1$FpsaEXUM$rXsH1UzUs6w3vfik/wHGr.
With mhash:
base64_encode(mhash(MHASH_MD5, $mypassword, "$1$".$salt."$"));
Result: 6ZspEb5d0AMqo/RkSod8dw==
With mhash:
base64_encode(mhash_keygen_s2k(MHASH_MD5, $mypassword, "$1$".$salt."$", 16));
Result: blAOWSV9/hmRk/Z06IFQKA==
I've tried permutations of those without the "$1$"..."$" and still nothing. Even if the hash matched, and I would just add the "$1$"..."$" that would work. I've tried md5(), no luck.
Needless to say, the crypt() functions on the mac don't work. I obviously recompiled php to support mcrypt and mhash (and gd, unrelated issue), hoping that would solve the issue... no dice.
I am stuck here. And since it's linked to the login script, it's a show stopper from my end. So if there's any help... PLEASE PLEASE PLEASE!!!