CRYPT.3
上传用户:jnzhq888
上传日期:2007-01-18
资源大小:51694k
文件大小:2k
- .TH CRYPT 3
- .SH NAME
- crypt - one-way password encryption function
- .SH SYNOPSIS
- .ft B
- .nf
- #define _MINIX_SOURCE 1
- #include <unistd.h>
- char *crypt(const char *fIkeyfP, const char *fIsaltfP)
- .fi
- .ft P
- .SH DESCRIPTION
- The first use of
- .B crypt()
- is to encrypt a password. Its second use is to authenticate a shadow
- password. In both cases
- .B crypt()
- calls
- .BR pwdauth (8)
- to do the real work.
- .PP
- .B Crypt()
- encrypts a password if called with a user typed key, and a salt
- whose first two characters are in the set [./0-9A-Za-z]. The result is a
- character string in the [./0-9A-Za-z] alphabet of which the first two
- characters are equal to the salt, and the rest is the result of encrypting
- the key and the salt.
- .PP
- If
- .B crypt()
- is called with a salt that has the form
- .BI "##" user
- then the key is encrypted and compared to the encrypted password of
- .I user
- in the shadow password file. If they are equal then
- .B crypt()
- returns the
- .BI "##" user
- argument, if not then some other string is returned. This trick assures
- that the normal way to authenticate a password still works:
- .PP
- .RS
- .nf
- if (strcmp(pw->pw_passwd, crypt(key, pw->pw_passwd))) ...
- .fi
- .RE
- .PP
- If
- .I key
- is a null string, and the shadow password is a null string or the salt is a
- null string then the result equals
- .IR salt .
- (This is because the caller can't tell if a password field is empty in the
- shadow password file.)
- .PP
- The key and salt are limited to 1024 bytes total including the null bytes.
- .SH FILES
- .TP 25
- /usr/lib/pwdauth
- The password authentication program
- .SH "SEE ALSO"
- .BR getpass (3),
- .BR getpwent (3),
- .BR passwd (5),
- .BR pwdauth (8).
- .SH NOTES
- The result of an encryption is returned in a static array that is
- overwritten by each call. The return value should not be modified.
- .SH AUTHOR
- Kees J. Bot (kjb@cs.vu.nl)
English
