crypt(3)



NAME

     crypt - one-way password encryption function


SYNOPSIS

     #define _MINIX_SOURCE 1
     #include <unistd.h>

     char *crypt(const char *key, const char *salt)


DESCRIPTION

     The first use of crypt() is to encrypt a password.  Its second use is  to
     authenticate  a  shadow password.  In both cases crypt() calls pwdauth(8)
     to do the real work.

     Crypt() encrypts a password if called with a user typed key, and  a  salt
     whose first two characters are in the set [./0-9A-Za-z].  The result is a
     character string in the [./0-9A-Za-z] alphabet of  which  the  first  two
     characters  are  equal  to  the  salt,  and  the  rest  is  the result of
     encrypting the key and the salt.

     If crypt() is called with a salt that has the form ##user then the key is
     encrypted  and  compared  to the encrypted password of user in the shadow
     password file.  If  they  are  equal  then  crypt()  returns  the  ##user
     argument,  if not then some other string is returned.  This trick assures
     that the normal way to authenticate a password still works:

          if (strcmp(pw->pw_passwd, crypt(key, pw->pw_passwd))) ...

     If key is a null string, and the shadow password is a null string or  the
     salt  is a null string then the result equals salt.  (This is because the
     caller can't tell if a password field is empty  in  the  shadow  password
     file.)

     The key and salt are limited to  1024  bytes  total  including  the  null
     bytes.


FILES


     /usr/lib/pwdauth         The password authentication program


SEE ALSO

     getpass(3), getpwent(3), passwd(5), pwdauth(8).


NOTES

     The result of an encryption  is  returned  in  a  static  array  that  is
     overwritten by each call.  The return value should not be modified.





AUTHOR

     Kees J. Bot (kjb@cs.vu.nl)