|
Packit |
13e0ca |
.\" Written and revised by Solar Designer <solar at openwall.com> in 2000-2011.
|
|
Packit |
13e0ca |
.\" Revised by Zack Weinberg <zackw at panix.com> in 2017.
|
|
Packit |
13e0ca |
.\"
|
|
Packit |
13e0ca |
.\" No copyright is claimed, and this man page is hereby placed in the public
|
|
Packit |
13e0ca |
.\" domain. In case this attempt to disclaim copyright and place the man page
|
|
Packit |
13e0ca |
.\" in the public domain is deemed null and void, then the man page is
|
|
Packit |
13e0ca |
.\" Copyright 2000-2011 Solar Designer, 2017 Zack Weinberg, and it is
|
|
Packit |
13e0ca |
\" hereby released to the general public under the following terms:
|
|
Packit |
13e0ca |
.\"
|
|
Packit |
13e0ca |
.\" Redistribution and use in source and binary forms, with or without
|
|
Packit |
13e0ca |
.\" modification, are permitted.
|
|
Packit |
13e0ca |
.\"
|
|
Packit |
13e0ca |
.\" There's ABSOLUTELY NO WARRANTY, express or implied.
|
|
Packit |
13e0ca |
.\"
|
|
Packit |
13e0ca |
.\" This manual page in its current form is intended for use on systems
|
|
Packit |
13e0ca |
.\" based on the GNU C Library with crypt_blowfish patched into libcrypt.
|
|
Packit |
13e0ca |
.\"
|
|
Packit |
13e0ca |
.TH CRYPT_RN 3 "October 11, 2017" "Openwall Project" "Library functions"
|
|
Packit |
13e0ca |
.ad l
|
|
Packit |
13e0ca |
.\" No macros in NAME to keep makewhatis happy.
|
|
Packit |
13e0ca |
.SH NAME
|
|
Packit |
13e0ca |
\fBcrypt\fR, \fBcrypt_r\fR, \fBcrypt_rn\fR, \fBcrypt_ra\fR
|
|
Packit |
13e0ca |
\- passphrase hashing
|
|
Packit |
13e0ca |
.SH SYNOPSIS
|
|
Packit |
13e0ca |
.B #include <crypt.h>
|
|
Packit |
13e0ca |
.sp
|
|
Packit |
13e0ca |
.in +8
|
|
Packit |
13e0ca |
.ti -8
|
|
Packit |
13e0ca |
.BI "char *crypt(const char *" phrase ", const char *" setting );
|
|
Packit |
13e0ca |
.ti -8
|
|
Packit |
13e0ca |
.BI "char *crypt_r(const char *" phrase ", const char *" setting ", struct crypt_data *" data );
|
|
Packit |
13e0ca |
.ti -8
|
|
Packit |
13e0ca |
.BI "char *crypt_rn(const char *" phrase ", const char *" setting ", void *" data ", int " size );
|
|
Packit |
13e0ca |
.ti -8
|
|
Packit |
13e0ca |
.BI "char *crypt_ra(const char *" phrase ", const char *" setting ", void **" data ", int *" size );
|
|
Packit |
13e0ca |
.in -8
|
|
Packit |
13e0ca |
.sp
|
|
Packit |
13e0ca |
Link with
|
|
Packit |
13e0ca |
.IR -lcrypt .
|
|
Packit |
13e0ca |
.ad b
|
|
Packit |
13e0ca |
.SH DESCRIPTION
|
|
Packit |
13e0ca |
The
|
|
Packit |
13e0ca |
.BR crypt ", " crypt_r ", " crypt_rn ", and " crypt_ra
|
|
Packit |
13e0ca |
functions irreversibly \(lqhash\(rq
|
|
Packit |
13e0ca |
.I phrase
|
|
Packit |
13e0ca |
for storage in the system password database
|
|
Packit |
13e0ca |
.RB ( shadow (5))
|
|
Packit |
13e0ca |
using a cryptographic \(lqhashing method.\(rq
|
|
Packit |
13e0ca |
The result of this operation is called a \(lqhashed passphrase\(rq
|
|
Packit |
13e0ca |
or just a \(lqhash.\(rq
|
|
Packit |
13e0ca |
Hashing methods are described in
|
|
Packit |
13e0ca |
.BR crypt (5).
|
|
Packit |
13e0ca |
.PP
|
|
Packit |
13e0ca |
.I setting
|
|
Packit |
13e0ca |
controls which hashing method to use,
|
|
Packit |
13e0ca |
and also supplies various parameters to the chosen method,
|
|
Packit |
13e0ca |
most importantly a random \(lqsalt\(rq
|
|
Packit |
13e0ca |
which ensures that no two stored hashes are the same,
|
|
Packit |
13e0ca |
even if the
|
|
Packit |
13e0ca |
.I phrase
|
|
Packit |
13e0ca |
strings are the same.
|
|
Packit |
13e0ca |
The hashing methods are explained below.
|
|
Packit |
13e0ca |
.PP
|
|
Packit |
13e0ca |
The
|
|
Packit |
13e0ca |
.I crypt_data
|
|
Packit |
13e0ca |
structure passed to
|
|
Packit |
13e0ca |
.B crypt_r
|
|
Packit |
13e0ca |
has at least these fields:
|
|
Packit |
13e0ca |
.sp
|
|
Packit |
13e0ca |
.in +4n
|
|
Packit |
13e0ca |
.nf
|
|
Packit |
13e0ca |
struct crypt_data {
|
|
Packit |
13e0ca |
char output[CRYPT_OUTPUT_SIZE];
|
|
Packit |
13e0ca |
char setting[CRYPT_OUTPUT_SIZE];
|
|
Packit |
13e0ca |
char phrase[CRYPT_MAX_PASSPHRASE_SIZE];
|
|
Packit |
13e0ca |
char initialized;
|
|
Packit |
13e0ca |
};
|
|
Packit |
13e0ca |
.fi
|
|
Packit |
13e0ca |
.in
|
|
Packit |
13e0ca |
.PP
|
|
Packit |
13e0ca |
Upon a successful return from
|
|
Packit |
13e0ca |
.BR crypt_r ,
|
|
Packit |
13e0ca |
the hashed passphrase will be stored in
|
|
Packit |
13e0ca |
.IR output .
|
|
Packit |
13e0ca |
Applications are encouraged, but not required, to use the
|
|
Packit |
13e0ca |
.I setting
|
|
Packit |
13e0ca |
and
|
|
Packit |
13e0ca |
.I phrase
|
|
Packit |
13e0ca |
fields to store the strings that they will pass as
|
|
Packit |
13e0ca |
.I phrase
|
|
Packit |
13e0ca |
and
|
|
Packit |
13e0ca |
.I setting
|
|
Packit |
13e0ca |
to
|
|
Packit |
13e0ca |
.BR crypt_r .
|
|
Packit |
13e0ca |
This will make it easier to erase all sensitive data
|
|
Packit |
13e0ca |
after it is no longer needed.
|
|
Packit |
13e0ca |
.PP
|
|
Packit |
13e0ca |
The
|
|
Packit |
13e0ca |
.I initialized
|
|
Packit |
13e0ca |
field must be set to zero before the first time a
|
|
Packit |
13e0ca |
.I crypt_data
|
|
Packit |
13e0ca |
object is first used in a call to
|
|
Packit |
13e0ca |
.BR crypt_r .
|
|
Packit |
13e0ca |
We recommend zeroing the entire
|
|
Packit |
13e0ca |
.I crypt_data
|
|
Packit |
13e0ca |
object, not just
|
|
Packit |
13e0ca |
.I initialized
|
|
Packit |
13e0ca |
and not just the documented fields,
|
|
Packit |
13e0ca |
before the first use.
|
|
Packit |
13e0ca |
(Of course, do this before storing anything in
|
|
Packit |
13e0ca |
.I setting
|
|
Packit |
13e0ca |
and
|
|
Packit |
13e0ca |
.IR phrase .)
|
|
Packit |
13e0ca |
.PP
|
|
Packit |
13e0ca |
The
|
|
Packit |
13e0ca |
.I data
|
|
Packit |
13e0ca |
argument to
|
|
Packit |
13e0ca |
.B crypt_rn
|
|
Packit |
13e0ca |
should also point to a
|
|
Packit |
13e0ca |
.I crypt_data
|
|
Packit |
13e0ca |
object, and
|
|
Packit |
13e0ca |
.I size
|
|
Packit |
13e0ca |
should be the size of that object, cast to
|
|
Packit |
13e0ca |
.BR int .
|
|
Packit |
13e0ca |
When used with
|
|
Packit |
13e0ca |
.BR crypt_rn ,
|
|
Packit |
13e0ca |
the entire
|
|
Packit |
13e0ca |
.I crypt_data
|
|
Packit |
13e0ca |
object must be zeroed before its first use;
|
|
Packit |
13e0ca |
this is not just a recommendation, as it is for
|
|
Packit |
13e0ca |
.BR crypt_r .
|
|
Packit |
13e0ca |
.RI ( setting
|
|
Packit |
13e0ca |
and
|
|
Packit |
13e0ca |
.I phrase
|
|
Packit |
13e0ca |
are still allowed to be used.)
|
|
Packit |
13e0ca |
Otherwise, the fields of the object have the same uses that they do for
|
|
Packit |
13e0ca |
.BR crypt_r .
|
|
Packit |
13e0ca |
.PP
|
|
Packit |
13e0ca |
On the first call to
|
|
Packit |
13e0ca |
.BR crypt_ra ,
|
|
Packit |
13e0ca |
.I data
|
|
Packit |
13e0ca |
should be the address of a
|
|
Packit |
13e0ca |
.B void *
|
|
Packit |
13e0ca |
variable set to NULL, and
|
|
Packit |
13e0ca |
.I size
|
|
Packit |
13e0ca |
should be the address of an
|
|
Packit |
13e0ca |
.B int
|
|
Packit |
13e0ca |
variable set to zero.
|
|
Packit |
13e0ca |
.B crypt_ra
|
|
Packit |
13e0ca |
will allocate and initialize a
|
|
Packit |
13e0ca |
.I crypt_data
|
|
Packit |
13e0ca |
object, using
|
|
Packit |
13e0ca |
.BR malloc (3),
|
|
Packit |
13e0ca |
and write its address and size into
|
|
Packit |
13e0ca |
.RI * data
|
|
Packit |
13e0ca |
and
|
|
Packit |
13e0ca |
.RI * size .
|
|
Packit |
13e0ca |
These can be reused in subsequent calls.
|
|
Packit |
13e0ca |
After the application is done hashing passphrases,
|
|
Packit |
13e0ca |
it should deallocate
|
|
Packit |
13e0ca |
.RI * data
|
|
Packit |
13e0ca |
using
|
|
Packit |
13e0ca |
.BR free (3).
|
|
Packit |
13e0ca |
.SH RETURN VALUE
|
|
Packit |
13e0ca |
Upon successful completion,
|
|
Packit |
13e0ca |
.BR crypt ", " crypt_r ", " crypt_rn ", and " crypt_ra
|
|
Packit |
13e0ca |
return a pointer to a string which encodes both the hashed passphrase,
|
|
Packit |
13e0ca |
and the settings that were used to encode it.
|
|
Packit |
13e0ca |
This string is directly usable as
|
|
Packit |
13e0ca |
.I setting
|
|
Packit |
13e0ca |
with other calls to
|
|
Packit |
13e0ca |
.BR crypt ", " crypt_r ", " crypt_rn ", and " crypt_ra ,
|
|
Packit |
13e0ca |
and as
|
|
Packit |
13e0ca |
.I prefix
|
|
Packit |
13e0ca |
with calls to
|
|
Packit |
13e0ca |
.BR crypt_gensalt ", " crypt_gensalt_rn ", and " crypt_gensalt_ra .
|
|
Packit |
13e0ca |
It will be entirely printable ASCII,
|
|
Packit |
13e0ca |
and will not contain whitespace
|
|
Packit |
13e0ca |
or the characters \(oq\fB:\fR\(cq,
|
|
Packit |
13e0ca |
\(oq\fB;\fR\(cq,
|
|
Packit |
13e0ca |
\(oq\fB*\fR\(cq,
|
|
Packit |
13e0ca |
\(oq\fB!\fR\(cq, or
|
|
Packit |
13e0ca |
\(oq\fB\e\fR\(cq.
|
|
Packit |
13e0ca |
See
|
|
Packit |
13e0ca |
.BR crypt (5)
|
|
Packit |
13e0ca |
for more detail on the format of hashed passphrases.
|
|
Packit |
13e0ca |
.PP
|
|
Packit |
13e0ca |
.B crypt
|
|
Packit |
13e0ca |
places its result in a static storage area,
|
|
Packit |
13e0ca |
which will be overwritten by subsequent calls to
|
|
Packit |
13e0ca |
.BR crypt .
|
|
Packit |
13e0ca |
It is not safe to call
|
|
Packit |
13e0ca |
.B crypt
|
|
Packit |
13e0ca |
from multiple threads simultaneously.
|
|
Packit |
13e0ca |
.PP
|
|
Packit |
13e0ca |
.BR crypt_r ", " crypt_rn ", and " crypt_ra
|
|
Packit |
13e0ca |
place their result in the
|
|
Packit |
13e0ca |
.I output
|
|
Packit |
13e0ca |
field of the
|
|
Packit |
13e0ca |
.I crypt_data
|
|
Packit |
13e0ca |
object that they are supplied with; it is safe to call them from
|
|
Packit |
13e0ca |
multiple threads simultaneously, as long as a separate
|
|
Packit |
13e0ca |
.I crypt_data
|
|
Packit |
13e0ca |
object is used for each thread.
|
|
Packit |
13e0ca |
.PP
|
|
Packit |
13e0ca |
Upon error,
|
|
Packit Service |
0b5db0 |
.BR crypt_r ", " crypt_rn ", and " crypt_ra
|
|
Packit Service |
0b5db0 |
write an
|
|
Packit Service |
f1eab5 |
.I invalid
|
|
Packit Service |
0b5db0 |
hashed passphrase to the
|
|
Packit Service |
0b5db0 |
.I output
|
|
Packit Service |
0b5db0 |
field of their
|
|
Packit Service |
0b5db0 |
.I crypt_data
|
|
Packit Service |
0b5db0 |
object, and
|
|
Packit Service |
0b5db0 |
.B crypt
|
|
Packit Service |
0b5db0 |
writes an invalid hash to its static storage area.
|
|
Packit |
13e0ca |
This string will be shorter than 13 characters,
|
|
Packit |
13e0ca |
will begin with a \(oq\fB*\fR\(cq,
|
|
Packit |
13e0ca |
and will not compare equal to
|
|
Packit |
13e0ca |
.IR setting .
|
|
Packit Service |
0b5db0 |
.PP
|
|
Packit Service |
0b5db0 |
Upon error,
|
|
Packit Service |
0b5db0 |
.BR crypt_rn " and " crypt_ra
|
|
Packit Service |
0b5db0 |
return a null pointer.
|
|
Packit Service |
0b5db0 |
.BR crypt_r " and " crypt
|
|
Packit Service |
0b5db0 |
may also return a null pointer,
|
|
Packit Service |
0b5db0 |
or they may return a pointer to the invalid hash,
|
|
Packit Service |
0b5db0 |
depending on how
|
|
Packit Service |
0b5db0 |
.I libcrypt
|
|
Packit Service |
0b5db0 |
was configured.
|
|
Packit Service |
0b5db0 |
(The option to return the invalid hash is for compatibility
|
|
Packit |
13e0ca |
with old applications that assume that
|
|
Packit |
13e0ca |
.B crypt
|
|
Packit |
13e0ca |
cannot return a null pointer.
|
|
Packit |
13e0ca |
See
|
|
Packit |
13e0ca |
.B "PORTABILITY NOTES"
|
|
Packit |
13e0ca |
below.)
|
|
Packit |
13e0ca |
.PP
|
|
Packit |
13e0ca |
All four functions set
|
|
Packit |
13e0ca |
.I errno
|
|
Packit |
13e0ca |
when they fail.
|
|
Packit |
13e0ca |
.SH ERRORS
|
|
Packit |
13e0ca |
.TP
|
|
Packit |
13e0ca |
.B EINVAL
|
|
Packit |
13e0ca |
.I setting
|
|
Packit |
13e0ca |
is invalid, or requests a hashing method that is not supported.
|
|
Packit |
13e0ca |
.TP
|
|
Packit |
13e0ca |
.B ERANGE
|
|
Packit |
13e0ca |
.B crypt_rn
|
|
Packit |
13e0ca |
only:
|
|
Packit |
13e0ca |
.I size
|
|
Packit |
13e0ca |
is too small for the hashing method requested by
|
|
Packit |
13e0ca |
.IR setting .
|
|
Packit |
13e0ca |
.TP
|
|
Packit |
13e0ca |
.B ENOMEM
|
|
Packit |
13e0ca |
Failed to allocate internal scratch memory.
|
|
Packit |
13e0ca |
.br
|
|
Packit |
13e0ca |
.BR crypt_ra
|
|
Packit |
13e0ca |
only: failed to allocate memory for
|
|
Packit |
13e0ca |
.RI * data .
|
|
Packit |
13e0ca |
.TP
|
|
Packit |
13e0ca |
.BR ENOSYS " or " EOPNOTSUPP
|
|
Packit |
13e0ca |
Hashing passphrases is not supported at all on this installation,
|
|
Packit |
13e0ca |
or the hashing method requested by
|
|
Packit |
13e0ca |
.I setting
|
|
Packit |
13e0ca |
is not supported.
|
|
Packit |
13e0ca |
These error codes are not used by this version of
|
|
Packit |
13e0ca |
.IR libcrypt ,
|
|
Packit |
13e0ca |
but may be encountered on other systems.
|
|
Packit |
13e0ca |
.SH PORTABILITY NOTES
|
|
Packit |
13e0ca |
.PP
|
|
Packit |
13e0ca |
.B crypt
|
|
Packit |
13e0ca |
is included in POSIX, but
|
|
Packit |
13e0ca |
.BR crypt_r ", " crypt_rn ", and " crypt_ra
|
|
Packit |
13e0ca |
are not part of any standard.
|
|
Packit |
13e0ca |
.PP
|
|
Packit |
13e0ca |
POSIX does not specify any hashing methods,
|
|
Packit |
13e0ca |
and does not require hashed passphrases to be portable between systems.
|
|
Packit |
13e0ca |
In practice, hashed passphrases are portable
|
|
Packit |
13e0ca |
as long as both systems support the hashing method that was used.
|
|
Packit |
13e0ca |
However, the set of supported hashing methods
|
|
Packit |
13e0ca |
varies considerably from system to system.
|
|
Packit |
13e0ca |
.PP
|
|
Packit |
13e0ca |
The behavior of
|
|
Packit |
13e0ca |
.B crypt
|
|
Packit |
13e0ca |
on errors isn't well standardized.
|
|
Packit |
13e0ca |
Some implementations simply can't fail
|
|
Packit |
13e0ca |
(except by crashing the program),
|
|
Packit |
13e0ca |
others return a null pointer or a fixed string.
|
|
Packit |
13e0ca |
Most implementations don't set
|
|
Packit |
13e0ca |
.IR errno ,
|
|
Packit |
13e0ca |
but some do.
|
|
Packit |
13e0ca |
POSIX specifies returning a null pointer and setting
|
|
Packit |
13e0ca |
.IR errno ,
|
|
Packit |
13e0ca |
but it defines only one possible error,
|
|
Packit |
13e0ca |
.BR ENOSYS ,
|
|
Packit |
13e0ca |
in the case where
|
|
Packit |
13e0ca |
.B crypt
|
|
Packit |
13e0ca |
is not supported at all.
|
|
Packit |
13e0ca |
Many existing applications are not prepared to handle null pointers
|
|
Packit |
13e0ca |
returned by
|
|
Packit |
13e0ca |
.BR crypt .
|
|
Packit |
13e0ca |
The behavior described above for this implementation,
|
|
Packit |
13e0ca |
setting
|
|
Packit |
13e0ca |
.I errno
|
|
Packit |
13e0ca |
and returning an invalid hashed passphrase different from
|
|
Packit |
13e0ca |
.IR setting ,
|
|
Packit |
13e0ca |
is chosen to make these applications fail closed when an error occurs.
|
|
Packit |
13e0ca |
.PP
|
|
Packit |
13e0ca |
Due to historical restrictions
|
|
Packit |
13e0ca |
on the export of cryptographic software from the USA,
|
|
Packit |
13e0ca |
.B crypt
|
|
Packit |
13e0ca |
is an optional POSIX component.
|
|
Packit |
13e0ca |
Applications should therefore be prepared for
|
|
Packit |
13e0ca |
.B crypt
|
|
Packit |
13e0ca |
not to be available,
|
|
Packit |
13e0ca |
or to always fail (setting
|
|
Packit |
13e0ca |
.I errno
|
|
Packit |
13e0ca |
to
|
|
Packit |
13e0ca |
.BR ENOSYS )
|
|
Packit |
13e0ca |
at runtime.
|
|
Packit |
13e0ca |
.PP
|
|
Packit |
13e0ca |
POSIX specifies that
|
|
Packit |
13e0ca |
.B crypt
|
|
Packit |
13e0ca |
is declared in
|
|
Packit |
13e0ca |
.BR unistd.h ,
|
|
Packit |
13e0ca |
but only if the macro
|
|
Packit |
13e0ca |
.B _XOPEN_CRYPT
|
|
Packit |
13e0ca |
is defined and has a value greater than or equal to zero. Since
|
|
Packit |
13e0ca |
.I libcrypt
|
|
Packit |
13e0ca |
does not provide
|
|
Packit |
13e0ca |
.BR unistd.h ,
|
|
Packit |
13e0ca |
it declares
|
|
Packit |
13e0ca |
.BR crypt ", " crypt_r ", " crypt_rn ", and " crypt_ra
|
|
Packit |
13e0ca |
in
|
|
Packit |
13e0ca |
.B crypt.h
|
|
Packit |
13e0ca |
instead.
|
|
Packit |
13e0ca |
.PP
|
|
Packit |
13e0ca |
On a minority of systems (notably recent versions of Solaris),
|
|
Packit |
13e0ca |
.B crypt
|
|
Packit |
13e0ca |
uses a thread-specific static storage buffer,
|
|
Packit |
13e0ca |
which makes it safe to call from multiple threads simultaneously,
|
|
Packit |
13e0ca |
but does not prevent each call within a thread
|
|
Packit |
13e0ca |
from overwriting the results of the previous one.
|
|
Packit |
13e0ca |
.SH BUGS
|
|
Packit |
13e0ca |
.PP
|
|
Packit |
13e0ca |
Some implementations of
|
|
Packit |
13e0ca |
.BR crypt ,
|
|
Packit |
13e0ca |
upon error,
|
|
Packit |
13e0ca |
return an invalid hash that is stored in a read-only location
|
|
Packit |
13e0ca |
or only initialized once,
|
|
Packit |
13e0ca |
which means that it is only safe to erase the buffer pointed to by the
|
|
Packit |
13e0ca |
.B crypt
|
|
Packit |
13e0ca |
return value if an error did not occur.
|
|
Packit |
13e0ca |
.PP
|
|
Packit |
13e0ca |
.I struct crypt_data
|
|
Packit |
13e0ca |
may be quite large (32kB in this implementation of
|
|
Packit |
13e0ca |
.IR libcrypt ;
|
|
Packit |
13e0ca |
over 128kB in some other implementations).
|
|
Packit |
13e0ca |
This is large enough that it may be unwise to allocate it on the stack.
|
|
Packit |
13e0ca |
.PP
|
|
Packit |
13e0ca |
Some recently designed hashing methods need even more scratch memory,
|
|
Packit |
13e0ca |
but the
|
|
Packit |
13e0ca |
.B crypt_r
|
|
Packit |
13e0ca |
interface makes it impossible to change the size of
|
|
Packit |
13e0ca |
.I crypt_data
|
|
Packit |
13e0ca |
without breaking binary compatibility.
|
|
Packit |
13e0ca |
The
|
|
Packit |
13e0ca |
.B crypt_rn
|
|
Packit |
13e0ca |
interface could accommodate larger allocations for specific hashing methods,
|
|
Packit |
13e0ca |
but the caller of
|
|
Packit |
13e0ca |
.B crypt_rn
|
|
Packit |
13e0ca |
has no way of knowing how much memory to allocate.
|
|
Packit |
13e0ca |
.B crypt_ra
|
|
Packit |
13e0ca |
does the allocation itself,
|
|
Packit |
13e0ca |
but can only make a single call to
|
|
Packit |
13e0ca |
.BR malloc (3).
|
|
Packit |
13e0ca |
.SH ATTRIBUTES
|
|
Packit |
13e0ca |
For an explanation of the terms used in this section, see
|
|
Packit |
13e0ca |
.BR attributes (7).
|
|
Packit |
13e0ca |
.ad l
|
|
Packit |
13e0ca |
.TS
|
|
Packit |
13e0ca |
allbox;
|
|
Packit |
13e0ca |
lb lb lb
|
|
Packit |
13e0ca |
l l l.
|
|
Packit |
13e0ca |
Interface Attribute Value
|
|
Packit |
13e0ca |
T{
|
|
Packit |
13e0ca |
.B crypt
|
|
Packit |
13e0ca |
T} Thread safety MT-Unsafe race:crypt
|
|
Packit |
13e0ca |
T{
|
|
Packit |
13e0ca |
.BR crypt_r ", " crypt_rn ", " crypt_ra
|
|
Packit |
13e0ca |
T} Thread safety MT-Safe
|
|
Packit |
13e0ca |
.TE
|
|
Packit |
13e0ca |
.ad b
|
|
Packit |
13e0ca |
.sp
|
|
Packit |
13e0ca |
.SH HISTORY
|
|
Packit |
13e0ca |
A rotor-based
|
|
Packit |
13e0ca |
.B crypt
|
|
Packit |
13e0ca |
function appeared in Version 6 AT&T UNIX.
|
|
Packit |
13e0ca |
The "traditional" DES-based
|
|
Packit |
13e0ca |
.B crypt
|
|
Packit |
13e0ca |
first appeared in Version 7 AT&T UNIX.
|
|
Packit |
13e0ca |
.PP
|
|
Packit |
13e0ca |
.B crypt_r
|
|
Packit |
13e0ca |
originates with the GNU C Library.
|
|
Packit |
13e0ca |
There's also a
|
|
Packit |
13e0ca |
.B crypt_r
|
|
Packit |
13e0ca |
function on HP-UX and MKS Toolkit, but the prototypes and semantics
|
|
Packit |
13e0ca |
differ.
|
|
Packit |
13e0ca |
.PP
|
|
Packit |
13e0ca |
.BR crypt_rn
|
|
Packit |
13e0ca |
and
|
|
Packit |
13e0ca |
.BR crypt_ra
|
|
Packit |
13e0ca |
originate with the Openwall project.
|
|
Packit |
13e0ca |
.SH SEE ALSO
|
|
Packit |
13e0ca |
.ad l
|
|
Packit |
13e0ca |
.BR crypt_gensalt (3),
|
|
Packit |
13e0ca |
.BR getpass (3),
|
|
Packit |
13e0ca |
.BR getpwent (3),
|
|
Packit |
13e0ca |
.BR shadow (3),
|
|
Packit |
13e0ca |
.BR login (1),
|
|
Packit |
13e0ca |
.BR passwd (1),
|
|
Packit |
13e0ca |
.BR crypt (5),
|
|
Packit |
13e0ca |
.BR passwd (5),
|
|
Packit |
13e0ca |
.BR shadow (5),
|
|
Packit |
13e0ca |
.BR pam (8)
|