diff options
| author | provos <> | 1998-02-25 11:25:13 +0000 |
|---|---|---|
| committer | provos <> | 1998-02-25 11:25:13 +0000 |
| commit | f060286ec44186bff0adae195f2ae6db9c37bd01 (patch) | |
| tree | df4dd461c6a885c892d2ae6f784d18f6bc8cebab /src/lib/libc/crypt | |
| parent | 29f37fa5eb99386623624c59bc25871daecf27da (diff) | |
| download | openbsd-f060286ec44186bff0adae195f2ae6db9c37bd01.tar.gz openbsd-f060286ec44186bff0adae195f2ae6db9c37bd01.tar.bz2 openbsd-f060286ec44186bff0adae195f2ae6db9c37bd01.zip | |
clarify about possible password lengths.
Diffstat (limited to 'src/lib/libc/crypt')
| -rw-r--r-- | src/lib/libc/crypt/crypt.3 | 15 |
1 files changed, 9 insertions, 6 deletions
diff --git a/src/lib/libc/crypt/crypt.3 b/src/lib/libc/crypt/crypt.3 index 0ec89c038f..6f360cc65f 100644 --- a/src/lib/libc/crypt/crypt.3 +++ b/src/lib/libc/crypt/crypt.3 | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | .\" $OpenBSD: crypt.3,v 1.9 1997/11/30 23:16:30 provos Exp $ | 1 | .\" $OpenBSD: crypt.3,v 1.10 1998/02/25 11:25:13 provos Exp $ |
| 2 | .\" | 2 | .\" |
| 3 | .\" FreeSec: libcrypt | 3 | .\" FreeSec: libcrypt |
| 4 | .\" | 4 | .\" |
| @@ -99,11 +99,13 @@ For | |||
| 99 | crypt the version number, | 99 | crypt the version number, |
| 100 | .Fa salt | 100 | .Fa salt |
| 101 | and the hashed password are separated | 101 | and the hashed password are separated |
| 102 | by the ``$'' character. A valid password looks like this: | 102 | by the ``$'' character. The maximum length of a password is limited by |
| 103 | the length counter of the MD5 context, which is about | ||
| 104 | 2**64. A valid MD5 password entry looks like this: | ||
| 103 | .Pp | 105 | .Pp |
| 104 | ``$1$caeiHQwX$hsKqOjrFRRN6K32OWkCBf1''. | 106 | ``$1$caeiHQwX$hsKqOjrFRRN6K32OWkCBf1''. |
| 105 | .Pp | 107 | .Pp |
| 106 | The whole password string is passed as | 108 | The whole MD5 password string is passed as |
| 107 | .Fa setting | 109 | .Fa setting |
| 108 | for interpretation. | 110 | for interpretation. |
| 109 | .Ss "Blowfish" crypt: | 111 | .Ss "Blowfish" crypt: |
| @@ -121,7 +123,8 @@ cipher is expanded using the | |||
| 121 | and the | 123 | and the |
| 122 | .Fa password | 124 | .Fa password |
| 123 | repeating the process a variable number of rounds, which is encoded in | 125 | repeating the process a variable number of rounds, which is encoded in |
| 124 | the password string. The final password entry is created by encrypting | 126 | the password string. The maximum password length is 72. The final Blowfish |
| 127 | password entry is created by encrypting | ||
| 125 | the string ``OrpheanBeholderScryDoubt'' with the | 128 | the string ``OrpheanBeholderScryDoubt'' with the |
| 126 | .Tn Blowfish | 129 | .Tn Blowfish |
| 127 | state 64 times. | 130 | state 64 times. |
| @@ -130,11 +133,11 @@ The version number, the logarithm of the number of rounds and | |||
| 130 | the concatenation of salt and | 133 | the concatenation of salt and |
| 131 | hashed password are separated by the ``$'' character. An encoded ``8'' | 134 | hashed password are separated by the ``$'' character. An encoded ``8'' |
| 132 | would specify 256 rounds. | 135 | would specify 256 rounds. |
| 133 | A valid password looks like this: | 136 | A valid Blowfish password looks like this: |
| 134 | .Pp | 137 | .Pp |
| 135 | ``$2a$12$eIAq8PR8sIUnJ1HaohxX2O9x9Qlm2vK97LJ5dsXdmB.eXF42qjchC''. | 138 | ``$2a$12$eIAq8PR8sIUnJ1HaohxX2O9x9Qlm2vK97LJ5dsXdmB.eXF42qjchC''. |
| 136 | .Pp | 139 | .Pp |
| 137 | The whole password string is passed as | 140 | The whole Blowfish password string is passed as |
| 138 | .Fa setting | 141 | .Fa setting |
| 139 | for interpretation. | 142 | for interpretation. |
| 140 | .Ss "Traditional" crypt: | 143 | .Ss "Traditional" crypt: |