126 lines
2.8 KiB
HTML
126 lines
2.8 KiB
HTML
<HTML>
|
|
<HEAD>
|
|
<TITLE>crypt(3)</TITLE>
|
|
</HEAD>
|
|
<BODY>
|
|
<H1>crypt(3)</H1>
|
|
<HR>
|
|
<PRE>
|
|
|
|
</PRE>
|
|
<H2>NAME</H2><PRE>
|
|
crypt - one-way password encryption function
|
|
|
|
|
|
</PRE>
|
|
<H2>SYNOPSIS</H2><PRE>
|
|
<STRONG>#define</STRONG> <STRONG>_MINIX_SOURCE</STRONG> <STRONG>1</STRONG>
|
|
<STRONG>#include</STRONG> <STRONG><unistd.h></STRONG>
|
|
|
|
<STRONG>char</STRONG> <STRONG>*crypt(const</STRONG> <STRONG>char</STRONG> <STRONG>*</STRONG><EM>key</EM><STRONG>,</STRONG> <STRONG>const</STRONG> <STRONG>char</STRONG> <STRONG>*</STRONG><EM>salt</EM><STRONG>)</STRONG>
|
|
|
|
|
|
</PRE>
|
|
<H2>DESCRIPTION</H2><PRE>
|
|
The first use of <STRONG>crypt()</STRONG> is to encrypt a password. Its second use is to
|
|
authenticate a shadow password. In both cases <STRONG>crypt()</STRONG> calls <STRONG><A HREF="../man8/pwdauth.8.html">pwdauth(8)</A></STRONG>
|
|
to do the real work.
|
|
|
|
<STRONG>Crypt()</STRONG> encrypts a password if called with a user typed key, and a salt
|
|
whose first two characters are in the set [./0-9A-Za-z]. The result is a
|
|
character string in the [./0-9A-Za-z] alphabet of which the first two
|
|
characters are equal to the salt, and the rest is the result of
|
|
encrypting the key and the salt.
|
|
|
|
If <STRONG>crypt()</STRONG> is called with a salt that has the form <STRONG>##</STRONG><EM>user</EM> then the key is
|
|
encrypted and compared to the encrypted password of <EM>user</EM> in the shadow
|
|
password file. If they are equal then <STRONG>crypt()</STRONG> returns the <STRONG>##</STRONG><EM>user</EM>
|
|
argument, if not then some other string is returned. This trick assures
|
|
that the normal way to authenticate a password still works:
|
|
|
|
if (strcmp(pw->pw_passwd, crypt(key, pw->pw_passwd))) ...
|
|
|
|
If <EM>key</EM> is a null string, and the shadow password is a null string or the
|
|
salt is a null string then the result equals <EM>salt</EM>. (This is because the
|
|
caller can't tell if a password field is empty in the shadow password
|
|
file.)
|
|
|
|
The key and salt are limited to 1024 bytes total including the null
|
|
bytes.
|
|
|
|
|
|
</PRE>
|
|
<H2>FILES</H2><PRE>
|
|
|
|
/usr/lib/pwdauth The password authentication program
|
|
|
|
|
|
</PRE>
|
|
<H2>SEE ALSO</H2><PRE>
|
|
<STRONG><A HREF="../man3/getpass.3.html">getpass(3)</A></STRONG>, <STRONG><A HREF="../man3/getpwent.3.html">getpwent(3)</A></STRONG>, <STRONG><A HREF="../man5/passwd.5.html">passwd(5)</A></STRONG>, <STRONG><A HREF="../man8/pwdauth.8.html">pwdauth(8)</A></STRONG>.
|
|
|
|
|
|
</PRE>
|
|
<H2>NOTES</H2><PRE>
|
|
The result of an encryption is returned in a static array that is
|
|
overwritten by each call. The return value should not be modified.
|
|
|
|
|
|
|
|
|
|
|
|
</PRE>
|
|
<H2>AUTHOR</H2><PRE>
|
|
Kees J. Bot (kjb@cs.vu.nl)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
</PRE>
|
|
</BODY>
|
|
</HTML>
|