Hi, On 2023-07-16 03:51, Xi Ruoyao wrote: > libcrypt is the password hashing library, and libcrypto is a completely > different library (OpenSSL cryptography library). While the encrypt() > function can "encrypt" things, it uses a broken algorithm so let's not > call libcrypt an "encryption" library at all. In crypt.3, also replace > "encrypt" with "hash" except several places where it really means > "encrypt". > > Signed-off-by: Xi Ruoyao <xry111@xxxxxxxxxxx> Patch applied. Thanks! Alex > --- > man3/crypt.3 | 30 +++++++++++++++--------------- > man3/encrypt.3 | 4 ++-- > 2 files changed, 17 insertions(+), 17 deletions(-) > > diff --git a/man3/crypt.3 b/man3/crypt.3 > index 1f3e4792e..57027ed5d 100644 > --- a/man3/crypt.3 > +++ b/man3/crypt.3 > @@ -17,10 +17,10 @@ > .\" > .TH crypt 3 (date) "Linux man-pages (unreleased)" > .SH NAME > -crypt, crypt_r \- password and data encryption > +crypt, crypt_r \- password hashing > .SH LIBRARY > -Encryption and decryption library > -.RI ( libcrypto ", " \-lcrypto ) > +Password hashing library > +.RI ( libcrypt ", " \-lcrypt ) > .SH SYNOPSIS > .nf > .B #include <unistd.h> > @@ -52,7 +52,7 @@ Feature Test Macro Requirements for glibc (see > .fi > .SH DESCRIPTION > .BR crypt () > -is the password encryption function. > +is the password hashing function. > It is based on the Data Encryption > Standard algorithm with variations intended (among other things) to > discourage use of hardware implementations of a key search. > @@ -72,7 +72,7 @@ a 56-bit key is obtained. > This 56-bit key is used to encrypt repeatedly a > constant string (usually a string consisting of all zeros). > The returned > -value points to the encrypted password, a series of 13 printable ASCII > +value points to the hashed password, a series of 13 printable ASCII > characters (the first two characters represent the salt itself). > The return value points to static data whose content is > overwritten by each call. > @@ -115,7 +115,7 @@ the only thing that the caller should do with this structure is to set > to zero before the first call to > .BR crypt_r (). > .SH RETURN VALUE > -On success, a pointer to the encrypted password is returned. > +On success, a pointer to the hashed password is returned. > On error, NULL is returned. > .SH ERRORS > .TP > @@ -165,7 +165,7 @@ function was not implemented, probably because of U.S.A. export restrictions. > .B EPERM > .I /proc/sys/crypto/fips_enabled > has a nonzero value, > -and an attempt was made to use a weak encryption type, such as DES. > +and an attempt was made to use a weak hashing type, such as DES. > .SH ATTRIBUTES > For an explanation of the terms used in this section, see > .BR attributes (7). > @@ -225,7 +225,7 @@ is an ABI-compatible drop-in replacement. > .SH NOTES > .SS Features in glibc > The glibc version of this function supports additional > -encryption algorithms. > +hashing algorithms. > .PP > If > .I salt > @@ -234,11 +234,11 @@ followed by a string optionally terminated by "$", > then the result has the form: > .RS > .PP > -$\fIid\fP$\fIsalt\fP$\fIencrypted\fP > +$\fIid\fP$\fIsalt\fP$\fIhashed\fP > .RE > .PP > .I id > -identifies the encryption method used instead of DES and this > +identifies the hashing method used instead of DES and this > then determines how the rest of the password string is interpreted. > The following values of > .I id > @@ -265,13 +265,13 @@ T} > .TE > .RE > .PP > -Thus, $5$\fIsalt\fP$\fIencrypted\fP and $6$\fIsalt\fP$\fIencrypted\fP > -contain the password encrypted with, respectively, functions > +Thus, $5$\fIsalt\fP$\fIhashed\fP and $6$\fIsalt\fP$\fIhashed\fP > +contain the password hashed with, respectively, functions > based on SHA-256 and SHA-512. > .PP > "\fIsalt\fP" stands for the up to 16 characters > following "$\fIid\fP$" in the salt. > -The "\fIencrypted\fP" > +The "\fIhashed\fP" > part of the password string is the actual computed password. > The size of this string is fixed: > .RS > @@ -283,7 +283,7 @@ SHA-512 86 characters > .TE > .RE > .PP > -The characters in "\fIsalt\fP" and "\fIencrypted\fP" are drawn from the set > +The characters in "\fIsalt\fP" and "\fIhashed\fP" are drawn from the set > [\fBa\-zA\-Z0\-9./\fP]. > In the MD5 and SHA implementations the entire > .I key > @@ -299,7 +299,7 @@ followed by "rounds=\fIxxx\fP$", where \fIxxx\fP is an integer, then the > result has the form > .RS > .PP > -$\fIid\fP$\fIrounds=yyy\fP$\fIsalt\fP$\fIencrypted\fP > +$\fIid\fP$\fIrounds=yyy\fP$\fIsalt\fP$\fIhashed\fP > .RE > .PP > where \fIyyy\fP is the number of hashing rounds actually used. > diff --git a/man3/encrypt.3 b/man3/encrypt.3 > index 9f7ea9627..49549a28f 100644 > --- a/man3/encrypt.3 > +++ b/man3/encrypt.3 > @@ -13,8 +13,8 @@ > .SH NAME > encrypt, setkey, encrypt_r, setkey_r \- encrypt 64-bit messages > .SH LIBRARY > -Encryption and decryption library > -.RI ( libcrypto ", " \-lcrypto ) > +Password hashing library > +.RI ( libcrypt ", " \-lcrypt ) > .SH SYNOPSIS > .nf > .BR "#define _XOPEN_SOURCE" " /* See feature_test_macros(7) */" -- <http://www.alejandro-colomar.es/> GPG key fingerprint: A9348594CE31283A826FBDD8D57633D441E25BB5
Attachment:
OpenPGP_signature
Description: OpenPGP digital signature
