| CRYPT(3) | Library Functions Manual | CRYPT(3) |
crypt, bcrypt_gensalt,
bcrypt —
#include <stdlib.h>
#include <unistd.h>
char *
crypt(const
char *key, const char
*setting);
#include
<pwd.h>
char *
bcrypt_gensalt(u_int8_t
log_rounds);
char *
bcrypt(const
char *key, const char
*salt);
The crypt() function performs password
hashing. Additional code has been added to deter key search attempts and to
use stronger hashing algorithms.
The first argument to crypt() is a
NUL-terminated string key, typically a user's typed
password. The second, setting, currently supports a
single form. If it begins with a string character
(‘$’) and a number then a different
algorithm is used depending on the number. At the moment
‘$2’ chooses Blowfish hashing; see
below for more information.
“OrpheanBeholderScryDoubt”
with the Blowfish state 64 times.
The version number, the logarithm of the number of rounds and the
concatenation of salt and hashed password are separated by the
‘$’ character. An encoded
‘8’ would specify 256 rounds. A valid Blowfish password looks
like this:
“$2b$12$FPWWO2RJ3CK4FINTw0Hi8OiPKJcX653gzSS.jqltHFMxyDmmQ0Hqq”.
The whole Blowfish password string is passed as setting for interpretation.
crypt() returns a pointer to the encrypted
value on success, and NULL on failure.
crypt() function appeared in
Version 3 AT&T UNIX. A DES-based
crypt() first appeared in
Version 7 AT&T UNIX.
bcrypt() first appeared in OpenBSD
2.1.
crypt() function returns a pointer to static data,
and subsequent calls to crypt() will modify the same
object.
| April 6, 2015 | OpenBSD-current |