DOC HOME SITE MAP MAN PAGES GNU INFO SEARCH PRINT BOOK
 

crypt(3G)


crypt -- encrypt passwords

Synopsis

   cc [flag . . . ] file . . . -lgen [library] . . .
   

#include <unistd.h>

char *crypt(const char *key, const char *salt);

void setkey(const char *key);

void encrypt(char *block, int edflag);

Description

setkey- access password hashing algorithm

encrypt- access password hashing algorithm

crypt is the password encryption function. It is based on a one-way encryption algorithm with variations intended (among other things) to frustrate use of hardware implementations of a key search.

key is the input string to encrypt, for instance, a user's typed password. Only the first eight characters are used; the rest are ignored. salt is a two-character string chosen from the set [a-zA-Z0-9./]; this string is used to perturb the hashing algorithm in one of 4096 different ways, after which the input string is used as the key to encrypt repeatedly a constant string. The returned value points to the encrypted input string. The first two characters of the return value are the salt itself.

The setkey and encrypt functions provide access to the hashing algorithm. The argument of setkey is a character array of length 64 containing only the characters with numerical value 0 and 1. This string is divided into groups of 8, the low-order bit in each group is ignored; this gives a 56-bit key that is set into the machine. This is the key that will be used with the hashing algorithm to encrypt the string block with the encrypt function.

The block argument of encrypt is a character array of length 64 containing only the characters with numerical value 0 and 1. The argument array is modified in place to a similar array representing the bits of the argument after having been subjected to the hashing algorithm using the key set by setkey. The argument edflag, indicating decryption rather than encryption, is ignored; use encrypt in libcrypt [see crypt(3X)] for decryption.

Errors

If edflag is set to anything other than zero, errno will be set to ENOSYS.

References

crypt(3X), getpass(3C), login(1), passwd(1), passwd(4)

Notices

The return value for crypt points to static data that are overwritten by each call.
© 2004 The SCO Group, Inc. All rights reserved.
UnixWare 7 Release 7.1.4 - 25 April 2004