man md5crypt () - MD5-based password encryption
NAME
md5crypt - MD5-based password encryption
SYNOPSIS
package require Tcl 8.2 package require md5 2.0 package require md5crypt ?1.0.0? ::md5crypt::md5crypt password salt ::md5crypt::aprcrypt password salt
DESCRIPTION
This package provides an implementation of the MD5-crypt password encryption algorithm as pioneered by FreeBSD and currently in use as a replacement for the unix crypt(3) function in many modern systems. An implementation of the closely related Apache MD5-crypt is also available. The output of these commands are compatible with the BSD and OpenSSL implementation of md5crypt and the Apache 2 htpasswd program.
COMMANDS
- ::md5crypt::md5crypt password salt
- Generate a BSD compatible md5-encoded password hash from the plaintext password and a random salt (see SALT).
- ::md5crypt::aprcrypt password salt
- Generate an Apache compatible md5-encoded password hash from the plaintext password and a random salt (see SALT).
SALT
The salt passed to either of the encryption schemes implemented here is checked to see if it begins with the encryption scheme magic string (either "$1$" for MD5-crypt or "$apr1$" for Apache crypt). If so, this is removed. The remaining characters up to the next $ and up to a maximum of 8 characters are then used as the salt. The salt text should probably be restricted the set of ASCII alphanumeric characters plus "./" (dot and forward-slash) - this is to preserve maximum compatability with the unix password file format.
EXAMPLES
% md5crypt::md5crypt password 01234567 $1$01234567$b5lh2mHyD2PdJjFfALlEz1
% md5crypt::aprcrypt password 01234567 $apr1$01234567$IXBaQywhAhc0d75ZbaSDp/
SEE ALSO
md5
KEYWORDS
hashing, md5, md5crypt, message-digest, security
COPYRIGHT
Copyright (c) 2003, Pat Thoyts <patthoyts@users.sourceforge.net>