FreeBSD Manual Pages

home | help
CRYPT_CHECKSALT(3)	    Library Functions Manual	    CRYPT_CHECKSALT(3)

NAME
       crypt_checksalt -- validate a crypt setting string

LIBRARY
       Crypt Library (libcrypt,	-lcrypt)

SYNOPSIS
       #include	<crypt.h>

       int
       crypt_checksalt(const char *setting);

DESCRIPTION
       crypt_checksalt checks the setting string against the system configura-
       tion and	reports	whether	the hashing method and parameters it specifies
       are acceptable.	It is intended to be used by programs such as login(1)
       to  determine  whether  the user's passphrase should be re-hashed using
       the currently preferred hashing method.

RETURN VALUES
       The return value	is 0 if	there is  nothing  wrong  with	this  setting.
       Otherwise, it is	one of the following constants:

       CRYPT_SALT_OK
	     setting  is  a  fully  correct  setting string.  This constant is
	     guaranteed	to equal 0.

       CRYPT_SALT_INVALID
	     setting is	not a valid setting  string;  either  it  specifies  a
	     hashing method that is not	known to this version of libxcrypt, or
	     it	specifies invalid parameters for the method.

       CRYPT_SALT_METHOD_DISABLED (Not implemented, yet)
	     setting  specifies	 a hashing method that is no longer allowed to
	     be	used at	all; crypt will	fail if	passed this  setting.	Manual
	     intervention will be required to reactivate the user's account.

       CRYPT_SALT_METHOD_LEGACY
	     setting  specifies	 a hashing method that is no longer considered
	     strong enough for use with	new passphrases.  crypt	will still au-
	     thenticate	a passphrase against this setting, but if  authentica-
	     tion  succeeds, the passphrase should be re-hashed	using the cur-
	     rently preferred method.

       CRYPT_SALT_TOO_CHEAP (Not implemented, yet)
	     setting specifies cost parameters that are	considered  too	 cheap
	     for  use  with  new passphrases.  crypt will still	authenticate a
	     passphrase	against	this setting, but if authentication  succeeds,
	     the  passphrase should be re-hashed using the currently preferred
	     method.

FEATURE	TEST MACROS
       <crypt.h>  will	 define	  the	macro	CRYPT_CHECKSALT_AVAILABLE   if
       crypt_checksalt is available in the current version of libxcrypt.

BUGS
       Since  full  configurability is not yet implemented, the	current	imple-
       mentation will only ever	return CRYPT_SALT_OK (0) or CRYPT_SALT_INVALID
       when invoked.

PORTABILITY NOTES
       The function crypt_checksalt is not part	of any standard.  It was added
       to libxcrypt in version 4.3.0.

ATTRIBUTES
       For  an	explanation  of	 the  terms  used   in	 this	section,   see
       attributes(7).
       +-----------------+---------------+---------+
       | Interface	 | Attribute	 | Value   |
       +-----------------+---------------+---------+
       | crypt_checksalt | Thread safety | MT-Safe |
       +-----------------+---------------+---------+

SEE ALSO
       crypt(3), crypt_gensalt(3), crypt(5)

libxcrypt		       November	8, 2018		    CRYPT_CHECKSALT(3)
Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=crypt_checksalt&sektion=3&manpath=FreeBSD+Ports+14.3.quarterly>
home | help
Header And Logo

Peripheral Links

Site Navigation

FreeBSD Manual Pages

Header And Logo

Peripheral Links

Search

Site Navigation

FreeBSD Manual Pages
