75 lines
2.2 KiB
Diff
75 lines
2.2 KiB
Diff
diff -up man-pages-2.75/man3/crypt.3.pom man-pages-2.75/man3/crypt.3
|
|
--- man-pages-2.75/man3/crypt.3.pom 2008-01-03 17:07:29.000000000 +0100
|
|
+++ man-pages-2.75/man3/crypt.3 2008-01-14 11:04:42.000000000 +0100
|
|
@@ -141,22 +141,59 @@ function was not implemented, probably b
|
|
SVr4, 4.3BSD, POSIX.1-2001
|
|
.SH NOTES
|
|
.SS Glibc Notes
|
|
-The glibc2 version of this function has the following additional features.
|
|
+The glibc2 version of this function has the following additional features:
|
|
+
|
|
If
|
|
.I salt
|
|
-is a character string starting with the three characters "$1$"
|
|
-followed by at most eight characters, and optionally terminated by "$",
|
|
-then instead of using the DES machine, the glibc crypt function
|
|
-uses an MD5-based algorithm, and outputs up to 34 bytes,
|
|
-namely "$1$<salt>$<encoded>", where
|
|
-"<salt>" stands for the up to 8 characters following "$1$" in the salt,
|
|
-and "<encoded>" is a further 22 characters.
|
|
-The characters in "<salt>" and "<encoded>" are drawn from the set
|
|
+is a character string starting with the three characters "$<ID>$"
|
|
+followed by a string terminated by "$",
|
|
+
|
|
+$<ID>$<salt>$<pwd>
|
|
+
|
|
+then instead of using the DES machine, ID identifies the method used and
|
|
+this then determines how the rest of the password string is
|
|
+interpreted. So far the following ID values are in use:
|
|
+
|
|
+.TS
|
|
+l l.
|
|
+ID | Method
|
|
+_
|
|
+1 | MD5 (Linux, BSD)
|
|
+2a | Blowfish (OpenBSD)
|
|
+md5 | Sun MD5
|
|
+.TE
|
|
+
|
|
+For the new SHA-256 and SHA-512 methods the following values are
|
|
+selected:
|
|
+
|
|
+.TS
|
|
+l l.
|
|
+ID | Method
|
|
+_
|
|
+5 | SHA-256
|
|
+6 | SHA-512
|
|
+.TE
|
|
+
|
|
+So $5$<salt>$<pwd> is a SHA-256 encoded password and $6$<salt>$<pwd> is a
|
|
+SHA-512 encoded one.
|
|
+
|
|
+"<salt>" stands for the up to 16 characters following "$ID$" in the salt.
|
|
+The pwd part of the password string is the actual computed password.
|
|
+The size of this string is fixed:
|
|
+
|
|
+.TS
|
|
+l l.
|
|
+MD5 | 22 characters
|
|
+SHA-256 | 43 characters
|
|
+SHA-512 | 86 characters
|
|
+.TE
|
|
+
|
|
+The characters in "<salt>" and "<pwd>" are drawn from the set
|
|
[\fBa\fP\(en\fBzA\fP\(en\fBZ0\fP\(en\fB9./\fP].
|
|
-The entire
|
|
+In SHA implementation the entire
|
|
.I key
|
|
is significant here (instead of only the first
|
|
-8 bytes).
|
|
+8 bytes in MD5).
|
|
.SH "SEE ALSO"
|
|
.BR login (1),
|
|
.BR passwd (1),
|