NAME

     crypt - one-way password encryption function


SYNOPSIS

     #define _MINIX_SOURCE 1
     #include <unistd.h>

     char *crypt(const char *key, const char *salt)


DESCRIPTION

     The first use of crypt() is  to  encrypt  a  password.   Its
     second  use  is  to authenticate a shadow password.  In both
     cases crypt() calls pwdauth(8) to do the real work.

     Crypt() encrypts a password if called with a user typed key,
     and  a  salt whose first two characters are in the set [./0-
     9A-Za-z].  The result is a character string in the  [./0-9A-
     Za-z]  alphabet  of which the first two characters are equal
     to the salt, and the rest is the result  of  encrypting  the
     key and the salt.

     If crypt() is called with a salt that has  the  form  ##user
     then  the  key  is  encrypted  and compared to the encrypted
     password of user in the shadow password file.  If  they  are
     equal  then crypt() returns the ##user argument, if not then
     some other string is returned.  This trick assures that  the
     normal way to authenticate a password still works:

          if (strcmp(pw->pw_passwd, crypt(key, pw->pw_passwd))) ...

     If key is a null string, and the shadow password is  a  null
     string  or  the salt is a null string then the result equals
     salt.  (This is because the caller can't tell if a  password
     field is empty in the shadow password file.)

     The key and salt are limited to 1024 bytes  total  including
     the null bytes.


FILES

     /usr/lib/pwdauth         The password authentication program


SEE ALSO

     getpass(3), getpwent(3), passwd(5), pwdauth(8).


NOTES

     The result of an encryption is returned in  a  static  array
     that  is  overwritten by each call.  The return value should
     not be modified.


AUTHOR

     Kees J. Bot (kjb@cs.vu.nl)