1Authen::Passphrase::CryUpste1r6(C3o)ntributed Perl DocumAeuntthaetni:o:nPassphrase::Crypt16(3)
2
3
4
6 Authen::Passphrase::Crypt16 - passphrases using Ultrix crypt16
7 algorithm
8
10 use Authen::Passphrase::Crypt16;
11
12 $ppr = Authen::Passphrase::Crypt16->new(
13 salt_base64 => "qi",
14 hash_base64 => "8H8R7OM4xMUNMPuRAZxlY.");
15
16 $ppr = Authen::Passphrase::Crypt16->new(
17 salt_random => 12,
18 passphrase => "passphrase");
19
20 $salt = $ppr->salt;
21 $salt_base64 = $ppr->salt_base64_2;
22 $hash = $ppr->hash;
23 $hash_base64 = $ppr->hash_base64;
24
25 $ppr0 = $ppr->first_half;
26 $ppr1 = $ppr->second_half;
27
28 if($ppr->match($passphrase)) { ...
29
31 An object of this class encapsulates a passphrase hashed using the
32 "crypt16" hash function found in Ultrix and Tru64. Do not confuse this
33 with the "bigcrypt" found on HP-UX, Digital Unix, and OSF/1 (for which
34 see Authen::Passphrase::BigCrypt). This is a subclass of
35 Authen::Passphrase, and this document assumes that the reader is
36 familiar with the documentation for that class.
37
38 This is a derivation of the original DES-based crypt function found on
39 all Unices (see Authen::Passphrase::DESCrypt). The first eight bytes
40 of the passphrase are used as a DES key to encrypt the all-bits-zero
41 block through 20 rounds of (12-bit) salted DES. (The standard crypt
42 function does this, but with 25 encryption rounds instead of 20.) Then
43 the next eight bytes, or the null string if the passphrase is eight
44 bytes or shorter, are used as a DES key to encrypt the all-bits-zero
45 block through 5 rounds of salted DES with the same salt. The two
46 eight-byte ciphertexts are concatenated to form the sixteen-byte hash.
47
48 A password hash of this scheme is conventionally represented in ASCII
49 as a 24-character string using a base 64 encoding. The first two
50 characters give the salt, the next eleven give the hash of the first
51 half, and the last eleven give the hash of the second half. A hash
52 thus encoded is used as a crypt string, on those systems where the
53 crypt16 algorithm is part of crypt(), but the syntax clashes with that
54 of bigcrypt. This module does not treat it as a crypt string syntax.
55
56 Because the two halves of the passphrase are hashed separately, it is
57 possible to manipulate (e.g., crack) a half hash in isolation. See
58 Authen::Passphrase::DESCrypt for handling of a single half.
59
60 Warning: This is a fatally flawed design, often providing less security
61 than the plain DES scheme alone. Do not use seriously.
62
64 Authen::Passphrase::Crypt16->new(ATTR => VALUE, ...)
65 Generates a new passphrase recogniser object using the crypt16 hash
66 algorithm. The following attributes may be given:
67
68 salt
69 The salt, as an integer in the range [0, 4096).
70
71 salt_base64
72 The salt, as a string of two base 64 digits.
73
74 salt_random
75 Causes salt to be generated randomly. The value given for this
76 attribute must be 12, indicating generation of 12 bits of salt.
77 The source of randomness may be controlled by the facility
78 described in Data::Entropy.
79
80 hash
81 The hash, as a string of 16 bytes.
82
83 hash_base64
84 The hash, as a string of 22 base 64 digits.
85
86 passphrase
87 A passphrase that will be accepted.
88
89 The salt must be given, and either the hash or the passphrase.
90
92 $ppr->salt
93 Returns the salt, as a Perl integer.
94
95 $ppr->salt_base64_2
96 Returns the salt, as a string of two base 64 digits.
97
98 $ppr->hash
99 Returns the hash value, as a string of 16 bytes.
100
101 $ppr->hash_base64
102 Returns the hash value, as a string of 22 base 64 digits. This is
103 the concatenation of the base 64 encodings of the two hashes,
104 rather than a base64 encoding of the combined hash.
105
106 $ppr->first_half
107 Returns the hash of the first half of the passphrase, as an
108 Authen::Passphrase::DESCrypt passphrase recogniser.
109
110 $ppr->second_half
111 Returns the hash of the second half of the passphrase, as an
112 Authen::Passphrase::DESCrypt passphrase recogniser.
113
114 $ppr->match(PASSPHRASE)
115 This method is part of the standard Authen::Passphrase interface.
116
118 Authen::Passphrase, Authen::Passphrase::DESCrypt
119
121 Andrew Main (Zefram) <zefram@fysh.org>
122
124 Copyright (C) 2006, 2007, 2009, 2010, 2012 Andrew Main (Zefram)
125 <zefram@fysh.org>
126
128 This module is free software; you can redistribute it and/or modify it
129 under the same terms as Perl itself.
130
131
132
133perl v5.30.0 2019-07-26 Authen::Passphrase::Crypt16(3)