md5crypt(3tcl) MD5-based password encryption md5crypt(3tcl)
______________________________________________________________________________
NAME
md5crypt - MD5-based password encryption
SYNOPSIS
package require Tcl 8.2
package require md5 2.0
package require md5crypt ?1.1.0?
::md5crypt::md5crypt password salt
::md5crypt::aprcrypt password salt
::md5crypt::salt ?length?
______________________________________________________________________________
DESCRIPTION
This package provides an implementation of the MD5-crypt password en-
cryption algorithm as pioneered by FreeBSD and currently in use as a
replacement for the unix crypt(3) function in many modern systems. An
implementation of the closely related Apache MD5-crypt is also avail-
able. The output of these commands are compatible with the BSD and
OpenSSL implementation of md5crypt and the Apache 2 htpasswd program.
COMMANDS
::md5crypt::md5crypt password salt
Generate a BSD compatible md5-encoded password hash from the
plaintext password and a random salt (see SALT).
::md5crypt::aprcrypt password salt
Generate an Apache compatible md5-encoded password hash from the
plaintext password and a random salt (see SALT).
::md5crypt::salt ?length?
Generate a random salt string suitable for use with the md5crypt
and aprcrypt commands.
SALT
The salt passed to either of the encryption schemes implemented here is
checked to see if it begins with the encryption scheme magic string
(either "$1$" for MD5-crypt or "$apr1$" for Apache crypt). If so, this
is removed. The remaining characters up to the next $ and up to a maxi-
mum of 8 characters are then used as the salt. The salt text should
probably be restricted the set of ASCII alphanumeric characters plus
"./" (dot and forward-slash) - this is to preserve maximum compatabil-
ity with the unix password file format.
If a password is being generated rather than checked from a password
file then the salt command may be used to generate a random salt.
EXAMPLES
% md5crypt::md5crypt password 01234567
$1$01234567$b5lh2mHyD2PdJjFfALlEz1
% md5crypt::aprcrypt password 01234567
$apr1$01234567$IXBaQywhAhc0d75ZbaSDp/
% md5crypt::md5crypt password [md5crypt::salt]
$1$dFmvyRmO$T.V3OmzqeEf3hqJp2WFcb.
BUGS, IDEAS, FEEDBACK
This document, and the package it describes, will undoubtedly contain
bugs and other problems. Please report such in the category md5crypt
of the Tcllib Trackers [http://core.tcl.tk/tcllib/reportlist]. Please
also report any ideas for enhancements you may have for either package
and/or documentation.
When proposing code changes, please provide unified diffs, i.e the out-
put of diff -u.
Note further that attachments are strongly preferred over inlined
patches. Attachments can be made by going to the Edit form of the
ticket immediately after its creation, and then using the left-most
button in the secondary navigation bar.
SEE ALSO
md5
KEYWORDS
hashing, md5, md5crypt, message-digest, security
CATEGORY
Hashes, checksums, and encryption
COPYRIGHT
Copyright (c) 2003, Pat Thoyts <patthoyts@users.sourceforge.net>
tcllib 1.1.0 md5crypt(3tcl)