crypt - one-way password encryption function
#define _MINIX_SOURCE 1
char *crypt(const char *key, const char *salt)
The first use of crypt() is to encrypt a password. Its second use is to
authenticate a shadow password. In both cases crypt() calls pwdauth(8)
to do the real work.
Crypt() encrypts a password if called with a user typed key, and a salt
whose first two characters are in the set [./0-9A-Za-z]. The result is a
character string in the [./0-9A-Za-z] alphabet of which the first two
characters are equal to the salt, and the rest is the result of
encrypting the key and the salt.
If crypt() is called with a salt that has the form ##user then the key is
encrypted and compared to the encrypted password of user in the shadow
password file. If they are equal then crypt() returns the ##user
argument, if not then some other string is returned. This trick assures
that the normal way to authenticate a password still works:
if (strcmp(pw->pw_passwd, crypt(key, pw->pw_passwd))) ...
If key is a null string, and the shadow password is a null string or the
salt is a null string then the result equals salt. (This is because the
caller can't tell if a password field is empty in the shadow password
The key and salt are limited to 1024 bytes total including the null
/usr/lib/pwdauth The password authentication program
getpass(3), getpwent(3), passwd(5), pwdauth(8).
The result of an encryption is returned in a static array that is
overwritten by each call. The return value should not be modified.
Kees J. Bot (firstname.lastname@example.org)