Home | History | Annotate | Download | only in libcrypt
History log of /src/lib/libcrypt/crypt.h
RevisionDateAuthorComments
 1.8  16-Oct-2021  nia libcrypt: Hide more private symbols by default. Fix style.
 1.7  12-Oct-2021  nia crypt(3): match the Argon2 reference implementation's Base64 exactly

There are too many minor variations regarding padding and exact alphabet
to safely use the implementation in libc or an existing implementation
in libcrypt.
 1.6  12-Oct-2021  nia crypt(3): Make Argon2 implementation match the reference impl by
making sure input salts are decoded as base64.
 1.5  21-Oct-2019  jhigh adding argon2 support to libcrypt. argon2 user authentication now
available via MKARGON2=yes (3 variants supported; argon2id recommended)
before using, please read argon2 paper at
https://github.com/P-H-C/phc-winner-argon2
 1.4  27-Oct-2006  drochner branches: 1.4.82;
As discussed back in June, move the implementation of hmac_sha1 here
because this is not a public function and crypt-sha1.c is the only
place where it is used (It must have been that way formerly, because
there was a stale prototype in crypt.h all the time.)
Being here, do some RCSID and prototype cleanup, and add as much "const"
as needed to compile these files with WARNS=3.
 1.3  12-Jan-2005  christos - change the gensalt functions to take an optional string instead of
the number of rounds.
- make pw_gensalt() more generic, so that it does not depend in libutil.
 1.2  11-Jan-2005  christos - remove local UNCONST
- add new __gensalt functions
 1.1  02-Jul-2004  sjg Add support for SHA1 hashed passwords.
The algorithm used is essentially PBKDF1 from RFC 2898 but using
hmac_sha1 rather than SHA1 directly (suggested by smb@research.att.com).

* The format of the encrypted password is:
* $<tag>$<iterations>$<salt>$<digest>
*
* where:
* <tag> is "sha1"
* <iterations> is an unsigned int identifying how many rounds
* have been applied to <digest>. The number
* should vary slightly for each password to make
* it harder to generate a dictionary of
* pre-computed hashes. See crypt_sha1_iterations.
* <salt> up to 64 bytes of random data, 8 bytes is
* currently considered more than enough.
* <digest> the hashed password.

hmac.c implementes HMAC as defined in RFC 2104 and includes a unit
test for both hmac_sha1 and hmac_sha1 using a selection of the Known
Answer Tests from RFC 2202.

It is worth noting that to be FIPS compliant the hmac key (password)
should be 10-20 chars.
 1.4.82.1  13-Apr-2020  martin Mostly merge changes from HEAD upto 20200411

RSS XML Feed