Diffstat (limited to '')
| -rw-r--r-- | src/lib/libc/crypt/crypt.3 | 85 | ||||
| -rw-r--r-- | src/lib/libc/crypt/crypt_checkpass.3 | 19 | 
2 files changed, 55 insertions, 49 deletions
| diff --git a/src/lib/libc/crypt/crypt.3 b/src/lib/libc/crypt/crypt.3 index 0271e46cbb..9a73c7a515 100644 --- a/src/lib/libc/crypt/crypt.3 +++ b/src/lib/libc/crypt/crypt.3 | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | .\" $OpenBSD: crypt.3,v 1.42 2014/11/25 03:36:34 tedu Exp $ | 1 | .\" $OpenBSD: crypt.3,v 1.43 2014/12/02 07:39:58 schwarze Exp $ | 
| 2 | .\" | 2 | .\" | 
| 3 | .\" FreeSec: libcrypt | 3 | .\" FreeSec: libcrypt | 
| 4 | .\" | 4 | .\" | 
| @@ -31,7 +31,7 @@ | |||
| 31 | .\" | 31 | .\" | 
| 32 | .\" Manual page, using -mandoc macros | 32 | .\" Manual page, using -mandoc macros | 
| 33 | .\" | 33 | .\" | 
| 34 | .Dd $Mdocdate: November 25 2014 $ | 34 | .Dd $Mdocdate: December 2 2014 $ | 
| 35 | .Dt CRYPT 3 | 35 | .Dt CRYPT 3 | 
| 36 | .Os | 36 | .Os | 
| 37 | .Sh NAME | 37 | .Sh NAME | 
| @@ -71,21 +71,27 @@ and | |||
| 71 | The | 71 | The | 
| 72 | .Fn crypt | 72 | .Fn crypt | 
| 73 | function performs password hashing based on the | 73 | function performs password hashing based on the | 
| 74 | .Tn NBS | 74 | NBS Data Encryption Standard (DES). | 
| 75 | Data Encryption Standard (DES). | ||
| 76 | Additional code has been added to deter key search attempts and to use | 75 | Additional code has been added to deter key search attempts and to use | 
| 77 | stronger hashing algorithms. | 76 | stronger hashing algorithms. | 
| 78 | .Pp | 77 | .Pp | 
| 79 | The first argument to | 78 | The first argument to | 
| 80 | .Fn crypt | 79 | .Fn crypt | 
| 81 | is a | 80 | is a NUL-terminated | 
| 82 | .Dv NUL Ns -terminated | 81 | string | 
| 83 | string, typically a user's typed password. | 82 | .Fa key , | 
| 84 | The second is in one of three forms: | 83 | typically a user's typed password. | 
| 84 | The second, | ||
| 85 | .Fa setting , | ||
| 86 | is in one of three forms: | ||
| 85 | if it begins with an underscore | 87 | if it begins with an underscore | 
| 86 | .Pq Ql _ | 88 | .Pq Ql _ | 
| 87 | then an extended format is used | 89 | then an extended format is used | 
| 88 | in interpreting both the key and the setting, as outlined below. | 90 | in interpreting both the | 
| 91 | .Fa key | ||
| 92 | and the | ||
| 93 | .Fa setting , | ||
| 94 | as outlined below. | ||
| 89 | If it begins | 95 | If it begins | 
| 90 | with a string character | 96 | with a string character | 
| 91 | .Pq Ql $ | 97 | .Pq Ql $ | 
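Review bot: the phrase "with a string character" on the unchanged context line just before `.Pq Ql $` is awkward, since `$` is a single character rather than a "string character"; while this hunk is already rewording the surrounding sentence to introduce `.Fa key` and `.Fa setting`, consider "If it begins with a dollar sign .Pq Ql $" so the three forms of the setting read the same way ("begins with an underscore", "begins with a dollar sign").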
| @@ -95,7 +101,7 @@ At the moment | |||
| 95 | chooses Blowfish hashing; see below for more information. | 101 | chooses Blowfish hashing; see below for more information. | 
| 96 | .Ss Extended crypt | 102 | .Ss Extended crypt | 
| 97 | The | 103 | The | 
| 98 | .Ar key | 104 | .Fa key | 
| 99 | is divided into groups of 8 characters (the last group is null-padded) | 105 | is divided into groups of 8 characters (the last group is null-padded) | 
| 100 | and the low-order 7 bits of each character (56 bits per group) are | 106 | and the low-order 7 bits of each character (56 bits per group) are | 
| 101 | used to form the DES key as follows: | 107 | used to form the DES key as follows: | 
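Review bot: the switch from `.Ar key` to `.Fa key` is the right macro here, since `key` is a function argument of crypt() and not a command-line argument, but the same line still says "(the last group is null-padded)" while the first hunk now writes "NUL-terminated"; for consistency within the page consider "NUL-padded" on this line and on the matching "are null-padded" line in the Traditional crypt subsection.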
| @@ -103,7 +109,9 @@ the first group of 56 bits becomes the initial DES key. | |||
| 103 | For each additional group, the XOR of the encryption of the current DES | 109 | For each additional group, the XOR of the encryption of the current DES | 
| 104 | key with itself and the group bits becomes the next DES key. | 110 | key with itself and the group bits becomes the next DES key. | 
| 105 | .Pp | 111 | .Pp | 
| 106 | The setting is a 9-character array consisting of an underscore followed | 112 | The | 
| 113 | .Fa setting | ||
| 114 | is a 9-character array consisting of an underscore followed | ||
| 107 | by 4 bytes of iteration count and 4 bytes of salt. | 115 | by 4 bytes of iteration count and 4 bytes of salt. | 
| 108 | These are encoded as printable characters, 6 bits per character, | 116 | These are encoded as printable characters, 6 bits per character, | 
| 109 | least significant character first. | 117 | least significant character first. | 
| @@ -113,15 +121,12 @@ This allows 24 bits for both | |||
| 113 | .Fa count | 121 | .Fa count | 
| 114 | and | 122 | and | 
| 115 | .Fa salt . | 123 | .Fa salt . | 
| 116 | .Ss "Blowfish" crypt | 124 | .Ss Blowfish crypt | 
| 117 | The | 125 | The Blowfish version of crypt has 128 bits of | 
| 118 | .Tn Blowfish | ||
| 119 | version of crypt has 128 bits of | ||
| 120 | .Fa salt | 126 | .Fa salt | 
| 121 | in order to make building dictionaries of common passwords space consuming. | 127 | in order to make building dictionaries of common passwords space consuming. | 
| 122 | The initial state of the | 128 | The initial state of the | 
| 123 | .Tn Blowfish | 129 | Blowfish cipher is expanded using the | 
| 124 | cipher is expanded using the | ||
| 125 | .Fa salt | 130 | .Fa salt | 
| 126 | and the | 131 | and the | 
| 127 | .Fa password | 132 | .Fa password | 
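Review bot: `.Fa password` on the last line of this hunk names an argument that does not exist under that name; the hunk above introduces the two crypt() arguments as `.Fa key` and `.Fa setting`, so a reader following the `.Fa` cross-references will not find `password` in the SYNOPSIS. Since this diff is converting argument references to `.Fa` for exactly that kind of consistency, change it to `.Fa key` (or drop the macro and say "the password" in plain text).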
| @@ -132,9 +137,7 @@ The final Blowfish password entry is created by encrypting the string | |||
| 132 | .Pp | 137 | .Pp | 
| 133 | .Dq OrpheanBeholderScryDoubt | 138 | .Dq OrpheanBeholderScryDoubt | 
| 134 | .Pp | 139 | .Pp | 
| 135 | with the | 140 | with the Blowfish state 64 times. | 
| 136 | .Tn Blowfish | ||
| 137 | state 64 times. | ||
| 138 | .Pp | 141 | .Pp | 
| 139 | The version number, the logarithm of the number of rounds and | 142 | The version number, the logarithm of the number of rounds and | 
| 140 | the concatenation of salt and hashed password are separated by the | 143 | the concatenation of salt and hashed password are separated by the | 
| @@ -150,13 +153,15 @@ A valid Blowfish password looks like this: | |||
| 150 | The whole Blowfish password string is passed as | 153 | The whole Blowfish password string is passed as | 
| 151 | .Fa setting | 154 | .Fa setting | 
| 152 | for interpretation. | 155 | for interpretation. | 
| 153 | .Ss "Traditional" crypt | 156 | .Ss Traditional crypt | 
| 154 | The first 8 bytes of the key are null-padded, and the low-order 7 bits of | 157 | The first 8 bytes of the | 
| 155 | each character is used to form the 56-bit | 158 | .Fa key | 
| 156 | .Tn DES | 159 | are null-padded, and the low-order 7 bits of | 
| 157 | key. | 160 | each character is used to form the 56-bit DES key. | 
| 158 | .Pp | 161 | .Pp | 
| 159 | The setting is a 2-character array of the ASCII-encoded salt. | 162 | The | 
| 163 | .Fa setting | ||
| 164 | is a 2-character array of the ASCII-encoded salt. | ||
| 160 | Thus only 12 bits of | 165 | Thus only 12 bits of | 
| 161 | .Fa salt | 166 | .Fa salt | 
| 162 | are used. | 167 | are used. | 
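Review bot: the rewritten line "each character is used to form the 56-bit DES key." has a number agreement problem, since the subject is "the low-order 7 bits of each character"; the Extended crypt subsection a few hunks up already says "are used to form the DES key", so make this "each character are used to form the 56-bit DES key." to match.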
| @@ -165,29 +170,24 @@ is set to 25. | |||
| 165 | .Ss DES Algorithm | 170 | .Ss DES Algorithm | 
| 166 | The | 171 | The | 
| 167 | .Fa salt | 172 | .Fa salt | 
| 168 | introduces disorder in the | 173 | introduces disorder in the DES | 
| 169 | .Tn DES | ||
| 170 | algorithm in one of 16777216 or 4096 possible ways | 174 | algorithm in one of 16777216 or 4096 possible ways | 
| 171 | (i.e., with 24 or 12 bits: if bit | 175 | (i.e., with 24 or 12 bits: if bit | 
| 172 | .Em i | 176 | .Em i | 
| 173 | of the | 177 | of the | 
| 174 | .Ar salt | 178 | .Fa salt | 
| 175 | is set, then bits | 179 | is set, then bits | 
| 176 | .Em i | 180 | .Em i | 
| 177 | and | 181 | and | 
| 178 | .Em i+24 | 182 | .Em i+24 | 
| 179 | are swapped in the | 183 | are swapped in the DES E-box output). | 
| 180 | .Tn DES | ||
| 181 | E-box output). | ||
| 182 | .Pp | 184 | .Pp | 
| 183 | The DES key is used to encrypt a 64-bit constant using | 185 | The DES key is used to encrypt a 64-bit constant using | 
| 184 | .Ar count | 186 | .Fa count | 
| 185 | iterations of | 187 | iterations of DES. | 
| 186 | .Tn DES . | 188 | The value returned is a NUL-terminated | 
| 187 | The value returned is a | ||
| 188 | .Dv NUL Ns -terminated | ||
| 189 | string, 20 or 13 bytes (plus NUL) in length, consisting of the | 189 | string, 20 or 13 bytes (plus NUL) in length, consisting of the | 
| 190 | .Ar setting | 190 | .Fa setting | 
| 191 | followed by the encoded 64-bit encryption. | 191 | followed by the encoded 64-bit encryption. | 
| 192 | .Pp | 192 | .Pp | 
| 193 | The functions | 193 | The functions | 
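Review bot: `.Ar count` and `.Ar salt` become `.Fa count` and `.Fa salt` in this hunk, but in the DES Algorithm subsection these are not arguments of crypt(); they are the values decoded from `.Fa setting` as described above (24 or 12 bits of salt, plus the iteration count that "is set to 25" for the traditional form per the hunk header). `.Fa` is accurate for the `count` and `salt` parameters of des_cipher(), which a later hunk also converts, so consider one sentence here saying that for crypt() these values come from the setting string, otherwise a reader may look for a `count` argument that crypt() does not take.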
| @@ -197,8 +197,7 @@ The functions | |||
| 197 | and | 197 | and | 
| 198 | .Fn des_cipher | 198 | .Fn des_cipher | 
| 199 | provide access to the | 199 | provide access to the | 
| 200 | .Tn DES | 200 | DES algorithm itself. | 
| 201 | algorithm itself. | ||
| 202 | .Fn setkey | 201 | .Fn setkey | 
| 203 | is passed a 64-byte array of binary values (numeric 0 or 1). | 202 | is passed a 64-byte array of binary values (numeric 0 or 1). | 
| 204 | A 56-bit key is extracted from this array by dividing the | 203 | A 56-bit key is extracted from this array by dividing the | 
| @@ -237,16 +236,14 @@ using | |||
| 237 | .Xr abs 3 | 236 | .Xr abs 3 | 
| 238 | of | 237 | of | 
| 239 | .Fa count | 238 | .Fa count | 
| 240 | iterations of | 239 | iterations of DES | 
| 241 | .Tn DES | ||
| 242 | and stores the 64-bit result in the 8 characters at | 240 | and stores the 64-bit result in the 8 characters at | 
| 243 | .Fa out | 241 | .Fa out | 
| 244 | (which may be the same as | 242 | (which may be the same as | 
| 245 | .Fa in ) . | 243 | .Fa in ) . | 
| 246 | The | 244 | The | 
| 247 | .Fa salt | 245 | .Fa salt | 
| 248 | specifies perturbations to the | 246 | specifies perturbations to the DES | 
| 249 | .Tn DES | ||
| 250 | E-box output as described above. | 247 | E-box output as described above. | 
| 251 | .Pp | 248 | .Pp | 
| 252 | The | 249 | The | 
| diff --git a/src/lib/libc/crypt/crypt_checkpass.3 b/src/lib/libc/crypt/crypt_checkpass.3 index fd60523502..09f2d02796 100644 --- a/src/lib/libc/crypt/crypt_checkpass.3 +++ b/src/lib/libc/crypt/crypt_checkpass.3 | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | .\" $OpenBSD: crypt_checkpass.3,v 1.4 2014/11/21 12:52:54 jmc Exp $ | 1 | .\" $OpenBSD: crypt_checkpass.3,v 1.5 2014/12/02 07:39:58 schwarze Exp $ | 
| 2 | .\" | 2 | .\" | 
| 3 | .\" Copyright (c) 2014 Ted Unangst <tedu@openbsd.org> | 3 | .\" Copyright (c) 2014 Ted Unangst <tedu@openbsd.org> | 
| 4 | .\" | 4 | .\" | 
| @@ -14,7 +14,7 @@ | |||
| 14 | .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | 14 | .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | 
| 15 | .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | 15 | .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | 
| 16 | .\" | 16 | .\" | 
| 17 | .Dd $Mdocdate: November 21 2014 $ | 17 | .Dd $Mdocdate: December 2 2014 $ | 
| 18 | .Dt CRYPT_CHECKPASS 3 | 18 | .Dt CRYPT_CHECKPASS 3 | 
| 19 | .Os | 19 | .Os | 
| 20 | .Sh NAME | 20 | .Sh NAME | 
| @@ -31,10 +31,19 @@ | |||
| 31 | The | 31 | The | 
| 32 | .Fn crypt_checkpass | 32 | .Fn crypt_checkpass | 
| 33 | function is provided to simplify checking a user's password. | 33 | function is provided to simplify checking a user's password. | 
| 34 | If both the hash and the password are the empty string, authentication | 34 | If both the | 
| 35 | .Fa hash | ||
| 36 | and the | ||
| 37 | .Fa password | ||
| 38 | are the empty string, authentication | ||
| 35 | is a success. | 39 | is a success. | 
| 36 | Otherwise, the password is hashed and compared to the provided hash. | 40 | Otherwise, the | 
| 37 | If the hash is | 41 | .Fa password | 
| 42 | is hashed and compared to the provided | ||
| 43 | .Fa hash . | ||
| 44 | If the | ||
| 45 | .Fa hash | ||
| 46 | is | ||
| 38 | .Dv NULL , | 47 | .Dv NULL , | 
| 39 | authentication will always fail, but a default | 48 | authentication will always fail, but a default | 
| 40 | amount of work is performed to simulate the hashing operation. | 49 | amount of work is performed to simulate the hashing operation. | 
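Review bot: the two special cases in this hunk interact in a way the page should state explicitly: an empty `.Fa hash` together with an empty `.Fa password` succeeds, while a `.Dv NULL` `.Fa hash` always fails. A caller that has no stored hash for an account (for example a nonexistent user) must therefore pass `.Dv NULL`, never the empty string, or an empty submitted password would authenticate. Consider adding that sentence after the `.Dv NULL` case, and also stating why the default amount of work is performed, namely so that a missing account cannot be told apart from a wrong password by measuring the response time.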
