OpenBSD manual page server

Manual Page Search Parameters
CRYPT_CHECKPASS(3) Library Functions Manual CRYPT_CHECKPASS(3)

crypt_checkpass, crypt_newhash
password hashing

#include <unistd.h>

int
crypt_checkpass(const char *password, const char *hash);

int
crypt_newhash(const char *password, const char *pref, char *hash, size_t hashsize);

The crypt_checkpass() function is provided to simplify checking a user's password. If both the hash and the password are the empty string, authentication is a success. Otherwise, the password is hashed and compared to the provided hash. If the hash is NULL, authentication will always fail, but a default amount of work is performed to simulate the hashing operation. A successful match will return 0. A failure will return -1 and set errno(2).

The crypt_newhash() function is provided to simplify the creation of new password hashes. The provided password is randomly salted and hashed and stored in hash. The pref argument identifies the preferred hashing algorithm and parameters. Possible values are:

“bcrypt,<rounds>”
The bcrypt algorithm, where the value of rounds can be between 4 and 31 and specifies the base 2 logarithm of the number of rounds. The special rounds value ‘a’ automatically selects rounds based on system performance.

The crypt_checkpass() and crypt_newhash() functions return the value 0 if successful; otherwise the value -1 is returned and the global variable errno is set to indicate the error.

The crypt_checkpass() function sets errno to EACCESS when authentication fails.

The crypt_newhash() function sets errno to EINVAL if pref is unsupported.

crypt(3), login.conf(5), passwd(5)

The function crypt_checkpass() first appeared in OpenBSD 5.6, and crypt_newhash() in OpenBSD 5.7.

Ted Unangst <tedu@openbsd.org>
July 23, 2015 OpenBSD-6.1