1Authen::Passphrase::CryUpste1r6(C3opnmt)ributed Perl DocAuumtehnetna:t:iPoanssphrase::Crypt16(3pm)
2
3
4

NAME

6       Authen::Passphrase::Crypt16 - passphrases using Ultrix crypt16
7       algorithm
8

SYNOPSIS

10               use Authen::Passphrase::Crypt16;
11
12               $ppr = Authen::Passphrase::Crypt16->new(
13                       salt_base64 => "qi",
14                       hash_base64 => "8H8R7OM4xMUNMPuRAZxlY.");
15
16               $ppr = Authen::Passphrase::Crypt16->new(
17                       salt_random => 12,
18                       passphrase => "passphrase");
19
20               $salt = $ppr->salt;
21               $salt_base64 = $ppr->salt_base64_2;
22               $hash = $ppr->hash;
23               $hash_base64 = $ppr->hash_base64;
24
25               $ppr0 = $ppr->first_half;
26               $ppr1 = $ppr->second_half;
27
28               if($ppr->match($passphrase)) { ...
29

DESCRIPTION

31       An object of this class encapsulates a passphrase hashed using the
32       "crypt16" hash function found in Ultrix and Tru64.  Do not confuse this
33       with the "bigcrypt" found on HP-UX, Digital Unix, and OSF/1 (for which
34       see Authen::Passphrase::BigCrypt).  This is a subclass of
35       Authen::Passphrase, and this document assumes that the reader is
36       familiar with the documentation for that class.
37
38       This is a derivation of the original DES-based crypt function found on
39       all Unices (see Authen::Passphrase::DESCrypt).  The first eight bytes
40       of the passphrase are used as a DES key to encrypt the all-bits-zero
41       block through 20 rounds of (12-bit) salted DES.  (The standard crypt
42       function does this, but with 25 encryption rounds instead of 20.)  Then
43       the next eight bytes, or the null string if the passphrase is eight
44       bytes or shorter, are used as a DES key to encrypt the all-bits-zero
45       block through 5 rounds of salted DES with the same salt.  The two
46       eight-byte ciphertexts are concatenated to form the sixteen-byte hash.
47
48       A password hash of this scheme is conventionally represented in ASCII
49       as a 24-character string using a base 64 encoding.  The first two
50       characters give the salt, the next eleven give the hash of the first
51       half, and the last eleven give the hash of the second half.  A hash
52       thus encoded is used as a crypt string, on those systems where the
53       crypt16 algorithm is part of crypt(), but the syntax clashes with that
54       of bigcrypt.  This module does not treat it as a crypt string syntax.
55
56       Because the two halves of the passphrase are hashed separately, it is
57       possible to manipulate (e.g., crack) a half hash in isolation.  See
58       Authen::Passphrase::DESCrypt for handling of a single half.
59
60       Warning: This is a fatally flawed design, often providing less security
61       than the plain DES scheme alone.  Do not use seriously.
62

CONSTRUCTOR

64       Authen::Passphrase::Crypt16->new(ATTR => VALUE, ...)
65           Generates a new passphrase recogniser object using the crypt16 hash
66           algorithm.  The following attributes may be given:
67
68           salt
69               The salt, as an integer in the range [0, 4096).
70
71           salt_base64
72               The salt, as a string of two base 64 digits.
73
74           salt_random
75               Causes salt to be generated randomly.  The value given for this
76               attribute must be 12, indicating generation of 12 bits of salt.
77               The source of randomness may be controlled by the facility
78               described in Data::Entropy.
79
80           hash
81               The hash, as a string of 16 bytes.
82
83           hash_base64
84               The hash, as a string of 22 base 64 digits.
85
86           passphrase
87               A passphrase that will be accepted.
88
89           The salt must be given, and either the hash or the passphrase.
90

METHODS

92       $ppr->salt
93           Returns the salt, as a Perl integer.
94
95       $ppr->salt_base64_2
96           Returns the salt, as a string of two base 64 digits.
97
98       $ppr->hash
99           Returns the hash value, as a string of 16 bytes.
100
101       $ppr->hash_base64
102           Returns the hash value, as a string of 22 base 64 digits.  This is
103           the concatenation of the base 64 encodings of the two hashes,
104           rather than a base64 encoding of the combined hash.
105
106       $ppr->first_half
107           Returns the hash of the first half of the passphrase, as an
108           Authen::Passphrase::DESCrypt passphrase recogniser.
109
110       $ppr->second_half
111           Returns the hash of the second half of the passphrase, as an
112           Authen::Passphrase::DESCrypt passphrase recogniser.
113
114       $ppr->match(PASSPHRASE)
115           This method is part of the standard Authen::Passphrase interface.
116

SEE ALSO

118       Authen::Passphrase, Authen::Passphrase::DESCrypt
119

AUTHOR

121       Andrew Main (Zefram) <zefram@fysh.org>
122
124       Copyright (C) 2006, 2007, 2009, 2010, 2012 Andrew Main (Zefram)
125       <zefram@fysh.org>
126

LICENSE

128       This module is free software; you can redistribute it and/or modify it
129       under the same terms as Perl itself.
130
131
132
133perl v5.38.0                      2023-07-20  Authen::Passphrase::Crypt16(3pm)
Impressum