diff options
Diffstat (limited to 'static/openbsd/man3/crypt.3')
| -rw-r--r-- | static/openbsd/man3/crypt.3 | 144 |
1 files changed, 144 insertions, 0 deletions
diff --git a/static/openbsd/man3/crypt.3 b/static/openbsd/man3/crypt.3 new file mode 100644 index 00000000..6a21571d --- /dev/null +++ b/static/openbsd/man3/crypt.3 @@ -0,0 +1,144 @@ +.\" $OpenBSD: crypt.3,v 1.46 2025/01/09 23:18:08 jsg Exp $ +.\" +.\" FreeSec: libcrypt +.\" +.\" Copyright (c) 1994 David Burren +.\" All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" 4. Neither the name of the author nor the names of other contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" Manual page, using -mandoc macros +.\" +.Dd $Mdocdate: January 9 2025 $ +.Dt CRYPT 3 +.Os +.Sh NAME +.Nm crypt , +.Nm bcrypt_gensalt , +.Nm bcrypt +.Nd password hashing +.Sh SYNOPSIS +.In stdlib.h +.Pp +.In unistd.h +.Ft char * +.Fn crypt "const char *key" "const char *setting" +.In pwd.h +.Ft char * +.Fn bcrypt_gensalt "u_int8_t log_rounds" +.Ft char * +.Fn bcrypt "const char *key" "const char *salt" +.Sh DESCRIPTION +These functions are deprecated in favor of +.Xr crypt_checkpass 3 +and +.Xr crypt_newhash 3 . +.Pp +The +.Fn crypt +function performs password hashing. +Additional code has been added to deter key search attempts and to use +stronger hashing algorithms. +.Pp +The first argument to +.Fn crypt +is a NUL-terminated +string +.Fa key , +typically a user's typed password. +The second, +.Fa setting , +currently supports a single form. +If it begins +with a string character +.Pq Ql $ +and a number then a different algorithm is used depending on the number. +At the moment +.Ql $2 +chooses Blowfish hashing; see below for more information. +.Ss Blowfish crypt +The Blowfish version of crypt has 128 bits of +.Fa salt +in order to make building dictionaries of common passwords space consuming. +The initial state of the +Blowfish cipher is expanded using the +.Fa salt +and the +.Fa password +repeating the process a variable number of rounds, which is encoded in +the password string. +The maximum password length is 72. +The final Blowfish password entry is created by encrypting the string +.Pp +.Dq OrpheanBeholderScryDoubt +.Pp +with the Blowfish state 64 times. +.Pp +The version number, the logarithm of the number of rounds and +the concatenation of salt and hashed password are separated by the +.Ql $ +character. +An encoded +.Sq 8 +would specify 256 rounds. +A valid Blowfish password looks like this: +.Pp +.Dq $2b$12$FPWWO2RJ3CK4FINTw0Hi8OiPKJcX653gzSS.jqltHFMxyDmmQ0Hqq . +.Pp +The whole Blowfish password string is passed as +.Fa setting +for interpretation. +.Sh RETURN VALUES +The function +.Fn crypt +returns a pointer to the encrypted value on success, and +.Dv NULL +on failure. +.Sh SEE ALSO +.Xr encrypt 1 , +.Xr login 1 , +.Xr passwd 1 , +.Xr blowfish 3 , +.Xr crypt_checkpass 3 , +.Xr getpass 3 , +.Xr passwd 5 +.Sh HISTORY +An M-209 based +.Fn crypt +function appeared in +.At v3 . +A DES-based +.Fn crypt +first appeared in +.At v7 . +.Fn bcrypt +first appeared in +.Ox 2.1 . +.Sh BUGS +The +.Fn crypt +function returns a pointer to static data, and subsequent calls to +.Fn crypt +will modify the same object. |