Tcl Library Source Code
md5crypt - MD5-based password encryption
Not logged in
Bounty program for improvements to Tcl and certain Tcl packages.
Tcl 2018 Conference, Houston/TX, US, Oct 15-19
Send your abstracts to tclconference@googlegroups.com or submit via the online form
by Aug 20.

[ Main Table Of Contents | Table Of Contents | Keyword Index | Categories | Modules | Applications ]

md5crypt(n) 1.1.0 tcllib "MD5-based password encryption"

Name

md5crypt - MD5-based password encryption

Synopsis

  • package require Tcl 8.2
  • package require md5 2.0
  • package require md5crypt ?1.1.0?

Description

This package provides an implementation of the MD5-crypt password encryption algorithm as pioneered by FreeBSD and currently in use as a replacement for the unix crypt(3) function in many modern systems. An implementation of the closely related Apache MD5-crypt is also available. The output of these commands are compatible with the BSD and OpenSSL implementation of md5crypt and the Apache 2 htpasswd program.

COMMANDS

::md5crypt::md5crypt password salt

Generate a BSD compatible md5-encoded password hash from the plaintext password and a random salt (see SALT).

::md5crypt::aprcrypt password salt

Generate an Apache compatible md5-encoded password hash from the plaintext password and a random salt (see SALT).

::md5crypt::salt ?length?

Generate a random salt string suitable for use with the md5crypt and aprcrypt commands.

SALT

The salt passed to either of the encryption schemes implemented here is checked to see if it begins with the encryption scheme magic string (either "$1$" for MD5-crypt or "$apr1$" for Apache crypt). If so, this is removed. The remaining characters up to the next $ and up to a maximum of 8 characters are then used as the salt. The salt text should probably be restricted the set of ASCII alphanumeric characters plus "./" (dot and forward-slash) - this is to preserve maximum compatability with the unix password file format.

If a password is being generated rather than checked from a password file then the salt command may be used to generate a random salt.

EXAMPLES

% md5crypt::md5crypt password 01234567
$1$01234567$b5lh2mHyD2PdJjFfALlEz1
% md5crypt::aprcrypt password 01234567
$apr1$01234567$IXBaQywhAhc0d75ZbaSDp/
% md5crypt::md5crypt password [md5crypt::salt]
$1$dFmvyRmO$T.V3OmzqeEf3hqJp2WFcb.

Bugs, Ideas, Feedback

This document, and the package it describes, will undoubtedly contain bugs and other problems. Please report such in the category md5crypt of the Tcllib Trackers. Please also report any ideas for enhancements you may have for either package and/or documentation.

When proposing code changes, please provide unified diffs, i.e the output of diff -u.

Note further that attachments are strongly preferred over inlined patches. Attachments can be made by going to the Edit form of the ticket immediately after its creation, and then using the left-most button in the secondary navigation bar.

Category

Hashes, checksums, and encryption